Skip to content

Commit

Permalink
feat(trivy): Bump Trivy to v0.31.0 (#165)
Browse files Browse the repository at this point in the history
Fixes: #164

Signed-off-by: Simar <[email protected]>

Signed-off-by: Simar <[email protected]>
  • Loading branch information
simar7 authored Aug 17, 2022
1 parent 12814ff commit 1db49f5
Show file tree
Hide file tree
Showing 7 changed files with 39 additions and 37 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/build.yaml
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
name: "build"
on: [push, pull_request]
env:
TRIVY_VERSION: 0.30.4
TRIVY_VERSION: 0.31.2
BATS_LIB_PATH: '/usr/lib/'
jobs:
build:
Expand Down
2 changes: 1 addition & 1 deletion Dockerfile
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
FROM ghcr.io/aquasecurity/trivy:0.30.4
FROM ghcr.io/aquasecurity/trivy:0.31.2
COPY entrypoint.sh /
RUN apk --no-cache add bash curl
RUN chmod +x /entrypoint.sh
Expand Down
2 changes: 1 addition & 1 deletion test/data/config-sarif.test
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@
}
}
],
"version": "0.30.4"
"version": "0.31.2"
}
},
"results": [
Expand Down
2 changes: 1 addition & 1 deletion test/data/image-sarif.test
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@
}
}
],
"version": "0.30.4"
"version": "0.31.2"
}
},
"results": [
Expand Down
32 changes: 16 additions & 16 deletions test/data/image-trivyignores.test
Original file line number Diff line number Diff line change
Expand Up @@ -8,8 +8,8 @@ Total: 19 (CRITICAL: 19)
├─────────────┼────────────────┼──────────┼───────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ curl │ CVE-2018-14618 │ CRITICAL │ 7.61.0-r0 │ 7.61.1-r0 │ curl: NTLM password overflow via integer overflow │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2018-14618 │
├─────────────────────────────┼──────────┼───────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
curl │ CVE-2018-16839 │ CRITICAL │ 7.61.0-r0 │ 7.61.1-r1 │ curl: Integer overflow leading to heap-based buffer overflow │
├────────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ CVE-2018-16839 │ │ 7.61.1-r1 │ curl: Integer overflow leading to heap-based buffer overflow │
│ │ │ │ │ │ in Curl_sasl_create_plain_message() │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2018-16839 │
│ ├────────────────┤ │ │ ├──────────────────────────────────────────────────────────────┤
Expand All @@ -20,8 +20,8 @@ Total: 19 (CRITICAL: 19)
│ │ CVE-2018-16842 │ │ │ │ curl: Heap-based buffer over-read in the curl tool warning │
│ │ │ │ │ │ formatting │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2018-16842 │
├─────────────────────────────┼──────────┼───────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
curl │ CVE-2019-3822 │ CRITICAL │ 7.61.0-r0 │ 7.61.1-r2 │ curl: NTLMv2 type-3 header stack buffer overflow │
├────────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ CVE-2019-3822 │ │ 7.61.1-r2 │ curl: NTLMv2 type-3 header stack buffer overflow │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2019-3822 │
│ ├────────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ │ CVE-2019-5481 │ │ │ 7.61.1-r3 │ curl: double free due to subsequent call of realloc() │
Expand All @@ -32,15 +32,15 @@ Total: 19 (CRITICAL: 19)
├─────────────┼────────────────┤ ├───────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ git │ CVE-2018-17456 │ │ 2.15.2-r0 │ 2.15.3-r0 │ git: arbitrary code execution via .gitmodules │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2018-17456 │
├─────────────────────────────┼──────────┼───────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
git │ CVE-2019-1353 │ CRITICAL │ 2.15.2-r0 │ 2.15.4-r0 │ git: NTFS protections inactive when running Git in the │
├────────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ CVE-2019-1353 │ │ 2.15.4-r0 │ git: NTFS protections inactive when running Git in the │
│ │ │ │ │ │ Windows Subsystem for... │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2019-1353 │
├─────────────┼────────────────┼──────────┼───────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ libbz2 │ CVE-2019-12900 │ CRITICAL │ 1.0.6-r6 │ 1.0.6-r7 │ bzip2: out-of-bounds write in function BZ2_decompress │
├─────────────┼────────────────┤ ├───────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ libbz2 │ CVE-2019-12900 │ │ 1.0.6-r6 │ 1.0.6-r7 │ bzip2: out-of-bounds write in function BZ2_decompress │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2019-12900 │
├─────────────┼────────────────┼──────────┼───────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ libcurl │ CVE-2018-16839 │ CRITICAL │ 7.61.1-r0 │ 7.61.1-r1 │ curl: Integer overflow leading to heap-based buffer overflow │
├─────────────┼────────────────┤ ├───────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ libcurl │ CVE-2018-16839 │ │ 7.61.1-r0 │ 7.61.1-r1 │ curl: Integer overflow leading to heap-based buffer overflow │
│ │ │ │ │ │ in Curl_sasl_create_plain_message() │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2018-16839 │
│ ├────────────────┤ │ │ ├──────────────────────────────────────────────────────────────┤
Expand All @@ -51,25 +51,25 @@ Total: 19 (CRITICAL: 19)
│ │ CVE-2018-16842 │ │ │ │ curl: Heap-based buffer over-read in the curl tool warning │
│ │ │ │ │ │ formatting │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2018-16842 │
├─────────────────────────────┼──────────┼───────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
libcurl │ CVE-2019-3822 │ CRITICAL │ 7.61.1-r0 │ 7.61.1-r2 │ curl: NTLMv2 type-3 header stack buffer overflow │
├────────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ CVE-2019-3822 │ │ 7.61.1-r2 │ curl: NTLMv2 type-3 header stack buffer overflow │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2019-3822 │
│ ├────────────────┤ │ ├───────────────┼──────────────────────────────────────────────────────────────┤
│ │ CVE-2019-5481 │ │ │ 7.61.1-r3 │ curl: double free due to subsequent call of realloc() │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2019-5481 │
│ ├────────────────┤ │ │ ├──────────────────────────────────────────────────────────────┤
│ │ CVE-2019-5482 │ │ │ │ curl: heap buffer overflow in function tftp_receive_packet() │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2019-5482 │
├─────────────┼────────────────┼──────────┼───────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ musl │ CVE-2019-14697 │ CRITICAL │ 1.1.18-r3 │ 1.1.18-r4 │ musl libc through 1.1.23 has an x87 floating-point stack │
├─────────────┼────────────────┤ ├───────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ musl │ CVE-2019-14697 │ │ 1.1.18-r3 │ 1.1.18-r4 │ musl libc through 1.1.23 has an x87 floating-point stack │
│ │ │ │ │ │ adjustment im ...... │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2019-14697 │
├─────────────┤ │ │ │ │ │
│ musl-utils │ │ │ │ │ │
│ │ │ │ │ │ │
│ │ │ │ │ │ │
├─────────────┼────────────────┼──────────┼───────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ sqlite-libs │ CVE-2019-8457 │ CRITICAL │ 3.21.0-r1 │ 3.25.3-r1 │ sqlite: heap out-of-bound read in function rtreenode() │
├─────────────┼────────────────┤ ├───────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ sqlite-libs │ CVE-2019-8457 │ │ 3.21.0-r1 │ 3.25.3-r1 │ sqlite: heap out-of-bound read in function rtreenode() │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2019-8457 │
└─────────────┴────────────────┴──────────┴───────────────────┴───────────────┴──────────────────────────────────────────────────────────────┘

Expand Down
Loading

0 comments on commit 1db49f5

Please sign in to comment.