stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

feat: add security sink detection patterns for JavaScript/TypeScript

Browse Source 
- Introduced `sink-detect.js` with various security sink detection patterns categorized by type (e.g., command injection, SQL injection, file operations).
- Implemented functions to build a lookup map for fast sink detection and to match sink calls against known patterns.
- Added `package-lock.json` for dependency management.
This commit is contained in:
StellaOps Bot
2025-12-22 23:21:21 +02:00
parent 3ba7157b00
commit 5146204f1b
529 changed files with 73579 additions and 5985 deletions
Download Patch File Download Diff File Expand all files Collapse all files

994
src/Concelier/__Tests/StellaOps.Concelier.Connector.Distro.Alpine.Tests/Source/Distro/Alpine/Fixtures/alpine-v3.18-main.snapshot.json Normal file
View File

@@ -0,0 +1,994 @@
[
{
"advisoryKey": "alpine/cve-2018-25032",
"affectedPackages": [
{
"type": "apk",
"identifier": "zlib",
"platform": "v3.18/main",
"versionRanges": [
{
"fixedVersion": "1.2.11-r4",
"introducedVersion": null,
"lastAffectedVersion": null,
"primitives": {
"evr": null,
"hasVendorExtensions": true,
"nevra": null,
"semVer": null,
"vendorExtensions": {
"alpine.distroversion": "v3.18",
"alpine.repo": "main",
"alpine.fixed": "1.2.11-r4",
"alpine.urlprefix": "https://dl-cdn.alpinelinux.org/alpine"
}
},
"provenance": {
"source": "distro-alpine",
"kind": "range",
"value": "CVE-2018-25032:v3.18/main:zlib:1.2.11-r4",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
},
"rangeExpression": "fixed:1.2.11-r4",
"rangeKind": "apk"
}
],
"normalizedVersions": [
{
"scheme": "apk",
"type": "lt",
"min": null,
"minInclusive": null,
"max": "1.2.11-r4",
"maxInclusive": false,
"value": null,
"notes": "alpine:v3.18/main"
}
],
"statuses": [
{
"provenance": {
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2018-25032:v3.18/main:zlib",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
},
"status": "fixed"
}
],
"provenance": [
{
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2018-25032:v3.18/main:zlib",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
}
]
}
],
"aliases": [
"CVE-2018-25032",
"alpine/cve-2018-25032"
],
"canonicalMetricId": null,
"credits": [],
"cvssMetrics": [],
"cwes": [],
"description": null,
"exploitKnown": false,
"language": "en",
"modified": "2025-12-22T00:00:00+00:00",
"provenance": [
{
"source": "distro-alpine",
"kind": "document",
"value": "https://secdb.alpinelinux.org/v3.18/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
},
{
"source": "distro-alpine",
"kind": "mapping",
"value": "alpine/cve-2018-25032",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
}
],
"published": "2025-12-22T00:00:00+00:00",
"references": [
{
"kind": "advisory",
"provenance": {
"source": "distro-alpine",
"kind": "reference",
"value": "https://secdb.alpinelinux.org/v3.18/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
},
"sourceTag": "secdb",
"summary": null,
"url": "https://secdb.alpinelinux.org/v3.18/main.json"
}
],
"severity": null,
"summary": null,
"title": "alpine/cve-2018-25032"
},
{
"advisoryKey": "alpine/cve-2021-30139",
"affectedPackages": [
{
"type": "apk",
"identifier": "apk-tools",
"platform": "v3.18/main",
"versionRanges": [
{
"fixedVersion": "2.12.5-r0",
"introducedVersion": null,
"lastAffectedVersion": null,
"primitives": {
"evr": null,
"hasVendorExtensions": true,
"nevra": null,
"semVer": null,
"vendorExtensions": {
"alpine.distroversion": "v3.18",
"alpine.repo": "main",
"alpine.fixed": "2.12.5-r0",
"alpine.urlprefix": "https://dl-cdn.alpinelinux.org/alpine"
}
},
"provenance": {
"source": "distro-alpine",
"kind": "range",
"value": "CVE-2021-30139:v3.18/main:apk-tools:2.12.5-r0",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
},
"rangeExpression": "fixed:2.12.5-r0",
"rangeKind": "apk"
}
],
"normalizedVersions": [
{
"scheme": "apk",
"type": "lt",
"min": null,
"minInclusive": null,
"max": "2.12.5-r0",
"maxInclusive": false,
"value": null,
"notes": "alpine:v3.18/main"
}
],
"statuses": [
{
"provenance": {
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2021-30139:v3.18/main:apk-tools",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
},
"status": "fixed"
}
],
"provenance": [
{
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2021-30139:v3.18/main:apk-tools",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
}
]
}
],
"aliases": [
"CVE-2021-30139",
"alpine/cve-2021-30139"
],
"canonicalMetricId": null,
"credits": [],
"cvssMetrics": [],
"cwes": [],
"description": null,
"exploitKnown": false,
"language": "en",
"modified": "2025-12-22T00:00:00+00:00",
"provenance": [
{
"source": "distro-alpine",
"kind": "document",
"value": "https://secdb.alpinelinux.org/v3.18/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
},
{
"source": "distro-alpine",
"kind": "mapping",
"value": "alpine/cve-2021-30139",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
}
],
"published": "2025-12-22T00:00:00+00:00",
"references": [
{
"kind": "advisory",
"provenance": {
"source": "distro-alpine",
"kind": "reference",
"value": "https://secdb.alpinelinux.org/v3.18/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
},
"sourceTag": "secdb",
"summary": null,
"url": "https://secdb.alpinelinux.org/v3.18/main.json"
}
],
"severity": null,
"summary": null,
"title": "alpine/cve-2021-30139"
},
{
"advisoryKey": "alpine/cve-2021-36159",
"affectedPackages": [
{
"type": "apk",
"identifier": "apk-tools",
"platform": "v3.18/main",
"versionRanges": [
{
"fixedVersion": "2.12.6-r0",
"introducedVersion": null,
"lastAffectedVersion": null,
"primitives": {
"evr": null,
"hasVendorExtensions": true,
"nevra": null,
"semVer": null,
"vendorExtensions": {
"alpine.distroversion": "v3.18",
"alpine.repo": "main",
"alpine.fixed": "2.12.6-r0",
"alpine.urlprefix": "https://dl-cdn.alpinelinux.org/alpine"
}
},
"provenance": {
"source": "distro-alpine",
"kind": "range",
"value": "CVE-2021-36159:v3.18/main:apk-tools:2.12.6-r0",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
},
"rangeExpression": "fixed:2.12.6-r0",
"rangeKind": "apk"
}
],
"normalizedVersions": [
{
"scheme": "apk",
"type": "lt",
"min": null,
"minInclusive": null,
"max": "2.12.6-r0",
"maxInclusive": false,
"value": null,
"notes": "alpine:v3.18/main"
}
],
"statuses": [
{
"provenance": {
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2021-36159:v3.18/main:apk-tools",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
},
"status": "fixed"
}
],
"provenance": [
{
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2021-36159:v3.18/main:apk-tools",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
}
]
}
],
"aliases": [
"CVE-2021-36159",
"alpine/cve-2021-36159"
],
"canonicalMetricId": null,
"credits": [],
"cvssMetrics": [],
"cwes": [],
"description": null,
"exploitKnown": false,
"language": "en",
"modified": "2025-12-22T00:00:00+00:00",
"provenance": [
{
"source": "distro-alpine",
"kind": "document",
"value": "https://secdb.alpinelinux.org/v3.18/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
},
{
"source": "distro-alpine",
"kind": "mapping",
"value": "alpine/cve-2021-36159",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
}
],
"published": "2025-12-22T00:00:00+00:00",
"references": [
{
"kind": "advisory",
"provenance": {
"source": "distro-alpine",
"kind": "reference",
"value": "https://secdb.alpinelinux.org/v3.18/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
},
"sourceTag": "secdb",
"summary": null,
"url": "https://secdb.alpinelinux.org/v3.18/main.json"
}
],
"severity": null,
"summary": null,
"title": "alpine/cve-2021-36159"
},
{
"advisoryKey": "alpine/cve-2022-37434",
"affectedPackages": [
{
"type": "apk",
"identifier": "zlib",
"platform": "v3.18/main",
"versionRanges": [
{
"fixedVersion": "1.2.12-r2",
"introducedVersion": null,
"lastAffectedVersion": null,
"primitives": {
"evr": null,
"hasVendorExtensions": true,
"nevra": null,
"semVer": null,
"vendorExtensions": {
"alpine.distroversion": "v3.18",
"alpine.repo": "main",
"alpine.fixed": "1.2.12-r2",
"alpine.urlprefix": "https://dl-cdn.alpinelinux.org/alpine"
}
},
"provenance": {
"source": "distro-alpine",
"kind": "range",
"value": "CVE-2022-37434:v3.18/main:zlib:1.2.12-r2",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
},
"rangeExpression": "fixed:1.2.12-r2",
"rangeKind": "apk"
}
],
"normalizedVersions": [
{
"scheme": "apk",
"type": "lt",
"min": null,
"minInclusive": null,
"max": "1.2.12-r2",
"maxInclusive": false,
"value": null,
"notes": "alpine:v3.18/main"
}
],
"statuses": [
{
"provenance": {
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2022-37434:v3.18/main:zlib",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
},
"status": "fixed"
}
],
"provenance": [
{
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2022-37434:v3.18/main:zlib",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
}
]
}
],
"aliases": [
"CVE-2022-37434",
"alpine/cve-2022-37434"
],
"canonicalMetricId": null,
"credits": [],
"cvssMetrics": [],
"cwes": [],
"description": null,
"exploitKnown": false,
"language": "en",
"modified": "2025-12-22T00:00:00+00:00",
"provenance": [
{
"source": "distro-alpine",
"kind": "document",
"value": "https://secdb.alpinelinux.org/v3.18/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
},
{
"source": "distro-alpine",
"kind": "mapping",
"value": "alpine/cve-2022-37434",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
}
],
"published": "2025-12-22T00:00:00+00:00",
"references": [
{
"kind": "advisory",
"provenance": {
"source": "distro-alpine",
"kind": "reference",
"value": "https://secdb.alpinelinux.org/v3.18/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
},
"sourceTag": "secdb",
"summary": null,
"url": "https://secdb.alpinelinux.org/v3.18/main.json"
}
],
"severity": null,
"summary": null,
"title": "alpine/cve-2022-37434"
},
{
"advisoryKey": "alpine/cve-2023-42363",
"affectedPackages": [
{
"type": "apk",
"identifier": "busybox",
"platform": "v3.18/main",
"versionRanges": [
{
"fixedVersion": "1.36.1-r7",
"introducedVersion": null,
"lastAffectedVersion": null,
"primitives": {
"evr": null,
"hasVendorExtensions": true,
"nevra": null,
"semVer": null,
"vendorExtensions": {
"alpine.distroversion": "v3.18",
"alpine.repo": "main",
"alpine.fixed": "1.36.1-r7",
"alpine.urlprefix": "https://dl-cdn.alpinelinux.org/alpine"
}
},
"provenance": {
"source": "distro-alpine",
"kind": "range",
"value": "CVE-2023-42363:v3.18/main:busybox:1.36.1-r7",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
},
"rangeExpression": "fixed:1.36.1-r7",
"rangeKind": "apk"
}
],
"normalizedVersions": [
{
"scheme": "apk",
"type": "lt",
"min": null,
"minInclusive": null,
"max": "1.36.1-r7",
"maxInclusive": false,
"value": null,
"notes": "alpine:v3.18/main"
}
],
"statuses": [
{
"provenance": {
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2023-42363:v3.18/main:busybox",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
},
"status": "fixed"
}
],
"provenance": [
{
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2023-42363:v3.18/main:busybox",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
}
]
}
],
"aliases": [
"CVE-2023-42363",
"alpine/cve-2023-42363"
],
"canonicalMetricId": null,
"credits": [],
"cvssMetrics": [],
"cwes": [],
"description": null,
"exploitKnown": false,
"language": "en",
"modified": "2025-12-22T00:00:00+00:00",
"provenance": [
{
"source": "distro-alpine",
"kind": "document",
"value": "https://secdb.alpinelinux.org/v3.18/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
},
{
"source": "distro-alpine",
"kind": "mapping",
"value": "alpine/cve-2023-42363",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
}
],
"published": "2025-12-22T00:00:00+00:00",
"references": [
{
"kind": "advisory",
"provenance": {
"source": "distro-alpine",
"kind": "reference",
"value": "https://secdb.alpinelinux.org/v3.18/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
},
"sourceTag": "secdb",
"summary": null,
"url": "https://secdb.alpinelinux.org/v3.18/main.json"
}
],
"severity": null,
"summary": null,
"title": "alpine/cve-2023-42363"
},
{
"advisoryKey": "alpine/cve-2023-42364",
"affectedPackages": [
{
"type": "apk",
"identifier": "busybox",
"platform": "v3.18/main",
"versionRanges": [
{
"fixedVersion": "1.36.1-r7",
"introducedVersion": null,
"lastAffectedVersion": null,
"primitives": {
"evr": null,
"hasVendorExtensions": true,
"nevra": null,
"semVer": null,
"vendorExtensions": {
"alpine.distroversion": "v3.18",
"alpine.repo": "main",
"alpine.fixed": "1.36.1-r7",
"alpine.urlprefix": "https://dl-cdn.alpinelinux.org/alpine"
}
},
"provenance": {
"source": "distro-alpine",
"kind": "range",
"value": "CVE-2023-42364:v3.18/main:busybox:1.36.1-r7",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
},
"rangeExpression": "fixed:1.36.1-r7",
"rangeKind": "apk"
}
],
"normalizedVersions": [
{
"scheme": "apk",
"type": "lt",
"min": null,
"minInclusive": null,
"max": "1.36.1-r7",
"maxInclusive": false,
"value": null,
"notes": "alpine:v3.18/main"
}
],
"statuses": [
{
"provenance": {
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2023-42364:v3.18/main:busybox",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
},
"status": "fixed"
}
],
"provenance": [
{
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2023-42364:v3.18/main:busybox",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
}
]
}
],
"aliases": [
"CVE-2023-42364",
"alpine/cve-2023-42364"
],
"canonicalMetricId": null,
"credits": [],
"cvssMetrics": [],
"cwes": [],
"description": null,
"exploitKnown": false,
"language": "en",
"modified": "2025-12-22T00:00:00+00:00",
"provenance": [
{
"source": "distro-alpine",
"kind": "document",
"value": "https://secdb.alpinelinux.org/v3.18/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
},
{
"source": "distro-alpine",
"kind": "mapping",
"value": "alpine/cve-2023-42364",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
}
],
"published": "2025-12-22T00:00:00+00:00",
"references": [
{
"kind": "advisory",
"provenance": {
"source": "distro-alpine",
"kind": "reference",
"value": "https://secdb.alpinelinux.org/v3.18/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
},
"sourceTag": "secdb",
"summary": null,
"url": "https://secdb.alpinelinux.org/v3.18/main.json"
}
],
"severity": null,
"summary": null,
"title": "alpine/cve-2023-42364"
},
{
"advisoryKey": "alpine/cve-2023-42365",
"affectedPackages": [
{
"type": "apk",
"identifier": "busybox",
"platform": "v3.18/main",
"versionRanges": [
{
"fixedVersion": "1.36.1-r7",
"introducedVersion": null,
"lastAffectedVersion": null,
"primitives": {
"evr": null,
"hasVendorExtensions": true,
"nevra": null,
"semVer": null,
"vendorExtensions": {
"alpine.distroversion": "v3.18",
"alpine.repo": "main",
"alpine.fixed": "1.36.1-r7",
"alpine.urlprefix": "https://dl-cdn.alpinelinux.org/alpine"
}
},
"provenance": {
"source": "distro-alpine",
"kind": "range",
"value": "CVE-2023-42365:v3.18/main:busybox:1.36.1-r7",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
},
"rangeExpression": "fixed:1.36.1-r7",
"rangeKind": "apk"
}
],
"normalizedVersions": [
{
"scheme": "apk",
"type": "lt",
"min": null,
"minInclusive": null,
"max": "1.36.1-r7",
"maxInclusive": false,
"value": null,
"notes": "alpine:v3.18/main"
}
],
"statuses": [
{
"provenance": {
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2023-42365:v3.18/main:busybox",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
},
"status": "fixed"
}
],
"provenance": [
{
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2023-42365:v3.18/main:busybox",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
}
]
}
],
"aliases": [
"CVE-2023-42365",
"alpine/cve-2023-42365"
],
"canonicalMetricId": null,
"credits": [],
"cvssMetrics": [],
"cwes": [],
"description": null,
"exploitKnown": false,
"language": "en",
"modified": "2025-12-22T00:00:00+00:00",
"provenance": [
{
"source": "distro-alpine",
"kind": "document",
"value": "https://secdb.alpinelinux.org/v3.18/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
},
{
"source": "distro-alpine",
"kind": "mapping",
"value": "alpine/cve-2023-42365",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
}
],
"published": "2025-12-22T00:00:00+00:00",
"references": [
{
"kind": "advisory",
"provenance": {
"source": "distro-alpine",
"kind": "reference",
"value": "https://secdb.alpinelinux.org/v3.18/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
},
"sourceTag": "secdb",
"summary": null,
"url": "https://secdb.alpinelinux.org/v3.18/main.json"
}
],
"severity": null,
"summary": null,
"title": "alpine/cve-2023-42365"
},
{
"advisoryKey": "alpine/cve-2023-42366",
"affectedPackages": [
{
"type": "apk",
"identifier": "busybox",
"platform": "v3.18/main",
"versionRanges": [
{
"fixedVersion": "1.36.1-r6",
"introducedVersion": null,
"lastAffectedVersion": null,
"primitives": {
"evr": null,
"hasVendorExtensions": true,
"nevra": null,
"semVer": null,
"vendorExtensions": {
"alpine.distroversion": "v3.18",
"alpine.repo": "main",
"alpine.fixed": "1.36.1-r6",
"alpine.urlprefix": "https://dl-cdn.alpinelinux.org/alpine"
}
},
"provenance": {
"source": "distro-alpine",
"kind": "range",
"value": "CVE-2023-42366:v3.18/main:busybox:1.36.1-r6",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
},
"rangeExpression": "fixed:1.36.1-r6",
"rangeKind": "apk"
}
],
"normalizedVersions": [
{
"scheme": "apk",
"type": "lt",
"min": null,
"minInclusive": null,
"max": "1.36.1-r6",
"maxInclusive": false,
"value": null,
"notes": "alpine:v3.18/main"
}
],
"statuses": [
{
"provenance": {
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2023-42366:v3.18/main:busybox",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
},
"status": "fixed"
}
],
"provenance": [
{
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2023-42366:v3.18/main:busybox",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
}
]
}
],
"aliases": [
"CVE-2023-42366",
"alpine/cve-2023-42366"
],
"canonicalMetricId": null,
"credits": [],
"cvssMetrics": [],
"cwes": [],
"description": null,
"exploitKnown": false,
"language": "en",
"modified": "2025-12-22T00:00:00+00:00",
"provenance": [
{
"source": "distro-alpine",
"kind": "document",
"value": "https://secdb.alpinelinux.org/v3.18/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
},
{
"source": "distro-alpine",
"kind": "mapping",
"value": "alpine/cve-2023-42366",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
}
],
"published": "2025-12-22T00:00:00+00:00",
"references": [
{
"kind": "advisory",
"provenance": {
"source": "distro-alpine",
"kind": "reference",
"value": "https://secdb.alpinelinux.org/v3.18/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:00:00+00:00",
"fieldMask": []
},
"sourceTag": "secdb",
"summary": null,
"url": "https://secdb.alpinelinux.org/v3.18/main.json"
}
],
"severity": null,
"summary": null,
"title": "alpine/cve-2023-42366"
}
]

994
src/Concelier/__Tests/StellaOps.Concelier.Connector.Distro.Alpine.Tests/Source/Distro/Alpine/Fixtures/alpine-v3.19-main.snapshot.json Normal file
View File

@@ -0,0 +1,994 @@
[
{
"advisoryKey": "alpine/cve-2018-25032",
"affectedPackages": [
{
"type": "apk",
"identifier": "zlib",
"platform": "v3.19/main",
"versionRanges": [
{
"fixedVersion": "1.2.11-r4",
"introducedVersion": null,
"lastAffectedVersion": null,
"primitives": {
"evr": null,
"hasVendorExtensions": true,
"nevra": null,
"semVer": null,
"vendorExtensions": {
"alpine.distroversion": "v3.19",
"alpine.repo": "main",
"alpine.fixed": "1.2.11-r4",
"alpine.urlprefix": "https://dl-cdn.alpinelinux.org/alpine"
}
},
"provenance": {
"source": "distro-alpine",
"kind": "range",
"value": "CVE-2018-25032:v3.19/main:zlib:1.2.11-r4",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
},
"rangeExpression": "fixed:1.2.11-r4",
"rangeKind": "apk"
}
],
"normalizedVersions": [
{
"scheme": "apk",
"type": "lt",
"min": null,
"minInclusive": null,
"max": "1.2.11-r4",
"maxInclusive": false,
"value": null,
"notes": "alpine:v3.19/main"
}
],
"statuses": [
{
"provenance": {
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2018-25032:v3.19/main:zlib",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
},
"status": "fixed"
}
],
"provenance": [
{
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2018-25032:v3.19/main:zlib",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
}
]
}
],
"aliases": [
"CVE-2018-25032",
"alpine/cve-2018-25032"
],
"canonicalMetricId": null,
"credits": [],
"cvssMetrics": [],
"cwes": [],
"description": null,
"exploitKnown": false,
"language": "en",
"modified": "2025-12-22T00:10:00+00:00",
"provenance": [
{
"source": "distro-alpine",
"kind": "document",
"value": "https://secdb.alpinelinux.org/v3.19/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
},
{
"source": "distro-alpine",
"kind": "mapping",
"value": "alpine/cve-2018-25032",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
}
],
"published": "2025-12-22T00:10:00+00:00",
"references": [
{
"kind": "advisory",
"provenance": {
"source": "distro-alpine",
"kind": "reference",
"value": "https://secdb.alpinelinux.org/v3.19/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
},
"sourceTag": "secdb",
"summary": null,
"url": "https://secdb.alpinelinux.org/v3.19/main.json"
}
],
"severity": null,
"summary": null,
"title": "alpine/cve-2018-25032"
},
{
"advisoryKey": "alpine/cve-2021-30139",
"affectedPackages": [
{
"type": "apk",
"identifier": "apk-tools",
"platform": "v3.19/main",
"versionRanges": [
{
"fixedVersion": "2.12.5-r0",
"introducedVersion": null,
"lastAffectedVersion": null,
"primitives": {
"evr": null,
"hasVendorExtensions": true,
"nevra": null,
"semVer": null,
"vendorExtensions": {
"alpine.distroversion": "v3.19",
"alpine.repo": "main",
"alpine.fixed": "2.12.5-r0",
"alpine.urlprefix": "https://dl-cdn.alpinelinux.org/alpine"
}
},
"provenance": {
"source": "distro-alpine",
"kind": "range",
"value": "CVE-2021-30139:v3.19/main:apk-tools:2.12.5-r0",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
},
"rangeExpression": "fixed:2.12.5-r0",
"rangeKind": "apk"
}
],
"normalizedVersions": [
{
"scheme": "apk",
"type": "lt",
"min": null,
"minInclusive": null,
"max": "2.12.5-r0",
"maxInclusive": false,
"value": null,
"notes": "alpine:v3.19/main"
}
],
"statuses": [
{
"provenance": {
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2021-30139:v3.19/main:apk-tools",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
},
"status": "fixed"
}
],
"provenance": [
{
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2021-30139:v3.19/main:apk-tools",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
}
]
}
],
"aliases": [
"CVE-2021-30139",
"alpine/cve-2021-30139"
],
"canonicalMetricId": null,
"credits": [],
"cvssMetrics": [],
"cwes": [],
"description": null,
"exploitKnown": false,
"language": "en",
"modified": "2025-12-22T00:10:00+00:00",
"provenance": [
{
"source": "distro-alpine",
"kind": "document",
"value": "https://secdb.alpinelinux.org/v3.19/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
},
{
"source": "distro-alpine",
"kind": "mapping",
"value": "alpine/cve-2021-30139",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
}
],
"published": "2025-12-22T00:10:00+00:00",
"references": [
{
"kind": "advisory",
"provenance": {
"source": "distro-alpine",
"kind": "reference",
"value": "https://secdb.alpinelinux.org/v3.19/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
},
"sourceTag": "secdb",
"summary": null,
"url": "https://secdb.alpinelinux.org/v3.19/main.json"
}
],
"severity": null,
"summary": null,
"title": "alpine/cve-2021-30139"
},
{
"advisoryKey": "alpine/cve-2021-36159",
"affectedPackages": [
{
"type": "apk",
"identifier": "apk-tools",
"platform": "v3.19/main",
"versionRanges": [
{
"fixedVersion": "2.12.6-r0",
"introducedVersion": null,
"lastAffectedVersion": null,
"primitives": {
"evr": null,
"hasVendorExtensions": true,
"nevra": null,
"semVer": null,
"vendorExtensions": {
"alpine.distroversion": "v3.19",
"alpine.repo": "main",
"alpine.fixed": "2.12.6-r0",
"alpine.urlprefix": "https://dl-cdn.alpinelinux.org/alpine"
}
},
"provenance": {
"source": "distro-alpine",
"kind": "range",
"value": "CVE-2021-36159:v3.19/main:apk-tools:2.12.6-r0",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
},
"rangeExpression": "fixed:2.12.6-r0",
"rangeKind": "apk"
}
],
"normalizedVersions": [
{
"scheme": "apk",
"type": "lt",
"min": null,
"minInclusive": null,
"max": "2.12.6-r0",
"maxInclusive": false,
"value": null,
"notes": "alpine:v3.19/main"
}
],
"statuses": [
{
"provenance": {
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2021-36159:v3.19/main:apk-tools",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
},
"status": "fixed"
}
],
"provenance": [
{
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2021-36159:v3.19/main:apk-tools",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
}
]
}
],
"aliases": [
"CVE-2021-36159",
"alpine/cve-2021-36159"
],
"canonicalMetricId": null,
"credits": [],
"cvssMetrics": [],
"cwes": [],
"description": null,
"exploitKnown": false,
"language": "en",
"modified": "2025-12-22T00:10:00+00:00",
"provenance": [
{
"source": "distro-alpine",
"kind": "document",
"value": "https://secdb.alpinelinux.org/v3.19/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
},
{
"source": "distro-alpine",
"kind": "mapping",
"value": "alpine/cve-2021-36159",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
}
],
"published": "2025-12-22T00:10:00+00:00",
"references": [
{
"kind": "advisory",
"provenance": {
"source": "distro-alpine",
"kind": "reference",
"value": "https://secdb.alpinelinux.org/v3.19/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
},
"sourceTag": "secdb",
"summary": null,
"url": "https://secdb.alpinelinux.org/v3.19/main.json"
}
],
"severity": null,
"summary": null,
"title": "alpine/cve-2021-36159"
},
{
"advisoryKey": "alpine/cve-2022-37434",
"affectedPackages": [
{
"type": "apk",
"identifier": "zlib",
"platform": "v3.19/main",
"versionRanges": [
{
"fixedVersion": "1.2.12-r2",
"introducedVersion": null,
"lastAffectedVersion": null,
"primitives": {
"evr": null,
"hasVendorExtensions": true,
"nevra": null,
"semVer": null,
"vendorExtensions": {
"alpine.distroversion": "v3.19",
"alpine.repo": "main",
"alpine.fixed": "1.2.12-r2",
"alpine.urlprefix": "https://dl-cdn.alpinelinux.org/alpine"
}
},
"provenance": {
"source": "distro-alpine",
"kind": "range",
"value": "CVE-2022-37434:v3.19/main:zlib:1.2.12-r2",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
},
"rangeExpression": "fixed:1.2.12-r2",
"rangeKind": "apk"
}
],
"normalizedVersions": [
{
"scheme": "apk",
"type": "lt",
"min": null,
"minInclusive": null,
"max": "1.2.12-r2",
"maxInclusive": false,
"value": null,
"notes": "alpine:v3.19/main"
}
],
"statuses": [
{
"provenance": {
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2022-37434:v3.19/main:zlib",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
},
"status": "fixed"
}
],
"provenance": [
{
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2022-37434:v3.19/main:zlib",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
}
]
}
],
"aliases": [
"CVE-2022-37434",
"alpine/cve-2022-37434"
],
"canonicalMetricId": null,
"credits": [],
"cvssMetrics": [],
"cwes": [],
"description": null,
"exploitKnown": false,
"language": "en",
"modified": "2025-12-22T00:10:00+00:00",
"provenance": [
{
"source": "distro-alpine",
"kind": "document",
"value": "https://secdb.alpinelinux.org/v3.19/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
},
{
"source": "distro-alpine",
"kind": "mapping",
"value": "alpine/cve-2022-37434",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
}
],
"published": "2025-12-22T00:10:00+00:00",
"references": [
{
"kind": "advisory",
"provenance": {
"source": "distro-alpine",
"kind": "reference",
"value": "https://secdb.alpinelinux.org/v3.19/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
},
"sourceTag": "secdb",
"summary": null,
"url": "https://secdb.alpinelinux.org/v3.19/main.json"
}
],
"severity": null,
"summary": null,
"title": "alpine/cve-2022-37434"
},
{
"advisoryKey": "alpine/cve-2023-42364",
"affectedPackages": [
{
"type": "apk",
"identifier": "busybox",
"platform": "v3.19/main",
"versionRanges": [
{
"fixedVersion": "1.36.1-r19",
"introducedVersion": null,
"lastAffectedVersion": null,
"primitives": {
"evr": null,
"hasVendorExtensions": true,
"nevra": null,
"semVer": null,
"vendorExtensions": {
"alpine.distroversion": "v3.19",
"alpine.repo": "main",
"alpine.fixed": "1.36.1-r19",
"alpine.urlprefix": "https://dl-cdn.alpinelinux.org/alpine"
}
},
"provenance": {
"source": "distro-alpine",
"kind": "range",
"value": "CVE-2023-42364:v3.19/main:busybox:1.36.1-r19",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
},
"rangeExpression": "fixed:1.36.1-r19",
"rangeKind": "apk"
}
],
"normalizedVersions": [
{
"scheme": "apk",
"type": "lt",
"min": null,
"minInclusive": null,
"max": "1.36.1-r19",
"maxInclusive": false,
"value": null,
"notes": "alpine:v3.19/main"
}
],
"statuses": [
{
"provenance": {
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2023-42364:v3.19/main:busybox",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
},
"status": "fixed"
}
],
"provenance": [
{
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2023-42364:v3.19/main:busybox",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
}
]
}
],
"aliases": [
"CVE-2023-42364",
"alpine/cve-2023-42364"
],
"canonicalMetricId": null,
"credits": [],
"cvssMetrics": [],
"cwes": [],
"description": null,
"exploitKnown": false,
"language": "en",
"modified": "2025-12-22T00:10:00+00:00",
"provenance": [
{
"source": "distro-alpine",
"kind": "document",
"value": "https://secdb.alpinelinux.org/v3.19/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
},
{
"source": "distro-alpine",
"kind": "mapping",
"value": "alpine/cve-2023-42364",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
}
],
"published": "2025-12-22T00:10:00+00:00",
"references": [
{
"kind": "advisory",
"provenance": {
"source": "distro-alpine",
"kind": "reference",
"value": "https://secdb.alpinelinux.org/v3.19/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
},
"sourceTag": "secdb",
"summary": null,
"url": "https://secdb.alpinelinux.org/v3.19/main.json"
}
],
"severity": null,
"summary": null,
"title": "alpine/cve-2023-42364"
},
{
"advisoryKey": "alpine/cve-2023-42365",
"affectedPackages": [
{
"type": "apk",
"identifier": "busybox",
"platform": "v3.19/main",
"versionRanges": [
{
"fixedVersion": "1.36.1-r19",
"introducedVersion": null,
"lastAffectedVersion": null,
"primitives": {
"evr": null,
"hasVendorExtensions": true,
"nevra": null,
"semVer": null,
"vendorExtensions": {
"alpine.distroversion": "v3.19",
"alpine.repo": "main",
"alpine.fixed": "1.36.1-r19",
"alpine.urlprefix": "https://dl-cdn.alpinelinux.org/alpine"
}
},
"provenance": {
"source": "distro-alpine",
"kind": "range",
"value": "CVE-2023-42365:v3.19/main:busybox:1.36.1-r19",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
},
"rangeExpression": "fixed:1.36.1-r19",
"rangeKind": "apk"
}
],
"normalizedVersions": [
{
"scheme": "apk",
"type": "lt",
"min": null,
"minInclusive": null,
"max": "1.36.1-r19",
"maxInclusive": false,
"value": null,
"notes": "alpine:v3.19/main"
}
],
"statuses": [
{
"provenance": {
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2023-42365:v3.19/main:busybox",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
},
"status": "fixed"
}
],
"provenance": [
{
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2023-42365:v3.19/main:busybox",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
}
]
}
],
"aliases": [
"CVE-2023-42365",
"alpine/cve-2023-42365"
],
"canonicalMetricId": null,
"credits": [],
"cvssMetrics": [],
"cwes": [],
"description": null,
"exploitKnown": false,
"language": "en",
"modified": "2025-12-22T00:10:00+00:00",
"provenance": [
{
"source": "distro-alpine",
"kind": "document",
"value": "https://secdb.alpinelinux.org/v3.19/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
},
{
"source": "distro-alpine",
"kind": "mapping",
"value": "alpine/cve-2023-42365",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
}
],
"published": "2025-12-22T00:10:00+00:00",
"references": [
{
"kind": "advisory",
"provenance": {
"source": "distro-alpine",
"kind": "reference",
"value": "https://secdb.alpinelinux.org/v3.19/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
},
"sourceTag": "secdb",
"summary": null,
"url": "https://secdb.alpinelinux.org/v3.19/main.json"
}
],
"severity": null,
"summary": null,
"title": "alpine/cve-2023-42365"
},
{
"advisoryKey": "alpine/cve-2024-58251",
"affectedPackages": [
{
"type": "apk",
"identifier": "busybox",
"platform": "v3.19/main",
"versionRanges": [
{
"fixedVersion": "1.36.1-r21",
"introducedVersion": null,
"lastAffectedVersion": null,
"primitives": {
"evr": null,
"hasVendorExtensions": true,
"nevra": null,
"semVer": null,
"vendorExtensions": {
"alpine.distroversion": "v3.19",
"alpine.repo": "main",
"alpine.fixed": "1.36.1-r21",
"alpine.urlprefix": "https://dl-cdn.alpinelinux.org/alpine"
}
},
"provenance": {
"source": "distro-alpine",
"kind": "range",
"value": "CVE-2024-58251:v3.19/main:busybox:1.36.1-r21",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
},
"rangeExpression": "fixed:1.36.1-r21",
"rangeKind": "apk"
}
],
"normalizedVersions": [
{
"scheme": "apk",
"type": "lt",
"min": null,
"minInclusive": null,
"max": "1.36.1-r21",
"maxInclusive": false,
"value": null,
"notes": "alpine:v3.19/main"
}
],
"statuses": [
{
"provenance": {
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2024-58251:v3.19/main:busybox",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
},
"status": "fixed"
}
],
"provenance": [
{
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2024-58251:v3.19/main:busybox",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
}
]
}
],
"aliases": [
"CVE-2024-58251",
"alpine/cve-2024-58251"
],
"canonicalMetricId": null,
"credits": [],
"cvssMetrics": [],
"cwes": [],
"description": null,
"exploitKnown": false,
"language": "en",
"modified": "2025-12-22T00:10:00+00:00",
"provenance": [
{
"source": "distro-alpine",
"kind": "document",
"value": "https://secdb.alpinelinux.org/v3.19/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
},
{
"source": "distro-alpine",
"kind": "mapping",
"value": "alpine/cve-2024-58251",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
}
],
"published": "2025-12-22T00:10:00+00:00",
"references": [
{
"kind": "advisory",
"provenance": {
"source": "distro-alpine",
"kind": "reference",
"value": "https://secdb.alpinelinux.org/v3.19/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
},
"sourceTag": "secdb",
"summary": null,
"url": "https://secdb.alpinelinux.org/v3.19/main.json"
}
],
"severity": null,
"summary": null,
"title": "alpine/cve-2024-58251"
},
{
"advisoryKey": "alpine/cve-2025-46394",
"affectedPackages": [
{
"type": "apk",
"identifier": "busybox",
"platform": "v3.19/main",
"versionRanges": [
{
"fixedVersion": "1.36.1-r21",
"introducedVersion": null,
"lastAffectedVersion": null,
"primitives": {
"evr": null,
"hasVendorExtensions": true,
"nevra": null,
"semVer": null,
"vendorExtensions": {
"alpine.distroversion": "v3.19",
"alpine.repo": "main",
"alpine.fixed": "1.36.1-r21",
"alpine.urlprefix": "https://dl-cdn.alpinelinux.org/alpine"
}
},
"provenance": {
"source": "distro-alpine",
"kind": "range",
"value": "CVE-2025-46394:v3.19/main:busybox:1.36.1-r21",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
},
"rangeExpression": "fixed:1.36.1-r21",
"rangeKind": "apk"
}
],
"normalizedVersions": [
{
"scheme": "apk",
"type": "lt",
"min": null,
"minInclusive": null,
"max": "1.36.1-r21",
"maxInclusive": false,
"value": null,
"notes": "alpine:v3.19/main"
}
],
"statuses": [
{
"provenance": {
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2025-46394:v3.19/main:busybox",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
},
"status": "fixed"
}
],
"provenance": [
{
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2025-46394:v3.19/main:busybox",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
}
]
}
],
"aliases": [
"CVE-2025-46394",
"alpine/cve-2025-46394"
],
"canonicalMetricId": null,
"credits": [],
"cvssMetrics": [],
"cwes": [],
"description": null,
"exploitKnown": false,
"language": "en",
"modified": "2025-12-22T00:10:00+00:00",
"provenance": [
{
"source": "distro-alpine",
"kind": "document",
"value": "https://secdb.alpinelinux.org/v3.19/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
},
{
"source": "distro-alpine",
"kind": "mapping",
"value": "alpine/cve-2025-46394",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
}
],
"published": "2025-12-22T00:10:00+00:00",
"references": [
{
"kind": "advisory",
"provenance": {
"source": "distro-alpine",
"kind": "reference",
"value": "https://secdb.alpinelinux.org/v3.19/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:10:00+00:00",
"fieldMask": []
},
"sourceTag": "secdb",
"summary": null,
"url": "https://secdb.alpinelinux.org/v3.19/main.json"
}
],
"severity": null,
"summary": null,
"title": "alpine/cve-2025-46394"
}
]

994
src/Concelier/__Tests/StellaOps.Concelier.Connector.Distro.Alpine.Tests/Source/Distro/Alpine/Fixtures/alpine-v3.20-main.snapshot.json Normal file
View File

@@ -0,0 +1,994 @@
[
{
"advisoryKey": "alpine/cve-2018-25032",
"affectedPackages": [
{
"type": "apk",
"identifier": "zlib",
"platform": "v3.20/main",
"versionRanges": [
{
"fixedVersion": "1.2.11-r4",
"introducedVersion": null,
"lastAffectedVersion": null,
"primitives": {
"evr": null,
"hasVendorExtensions": true,
"nevra": null,
"semVer": null,
"vendorExtensions": {
"alpine.distroversion": "v3.20",
"alpine.repo": "main",
"alpine.fixed": "1.2.11-r4",
"alpine.urlprefix": "https://dl-cdn.alpinelinux.org/alpine"
}
},
"provenance": {
"source": "distro-alpine",
"kind": "range",
"value": "CVE-2018-25032:v3.20/main:zlib:1.2.11-r4",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
},
"rangeExpression": "fixed:1.2.11-r4",
"rangeKind": "apk"
}
],
"normalizedVersions": [
{
"scheme": "apk",
"type": "lt",
"min": null,
"minInclusive": null,
"max": "1.2.11-r4",
"maxInclusive": false,
"value": null,
"notes": "alpine:v3.20/main"
}
],
"statuses": [
{
"provenance": {
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2018-25032:v3.20/main:zlib",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
},
"status": "fixed"
}
],
"provenance": [
{
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2018-25032:v3.20/main:zlib",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
}
]
}
],
"aliases": [
"CVE-2018-25032",
"alpine/cve-2018-25032"
],
"canonicalMetricId": null,
"credits": [],
"cvssMetrics": [],
"cwes": [],
"description": null,
"exploitKnown": false,
"language": "en",
"modified": "2025-12-22T00:20:00+00:00",
"provenance": [
{
"source": "distro-alpine",
"kind": "document",
"value": "https://secdb.alpinelinux.org/v3.20/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
},
{
"source": "distro-alpine",
"kind": "mapping",
"value": "alpine/cve-2018-25032",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
}
],
"published": "2025-12-22T00:20:00+00:00",
"references": [
{
"kind": "advisory",
"provenance": {
"source": "distro-alpine",
"kind": "reference",
"value": "https://secdb.alpinelinux.org/v3.20/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
},
"sourceTag": "secdb",
"summary": null,
"url": "https://secdb.alpinelinux.org/v3.20/main.json"
}
],
"severity": null,
"summary": null,
"title": "alpine/cve-2018-25032"
},
{
"advisoryKey": "alpine/cve-2021-30139",
"affectedPackages": [
{
"type": "apk",
"identifier": "apk-tools",
"platform": "v3.20/main",
"versionRanges": [
{
"fixedVersion": "2.12.5-r0",
"introducedVersion": null,
"lastAffectedVersion": null,
"primitives": {
"evr": null,
"hasVendorExtensions": true,
"nevra": null,
"semVer": null,
"vendorExtensions": {
"alpine.distroversion": "v3.20",
"alpine.repo": "main",
"alpine.fixed": "2.12.5-r0",
"alpine.urlprefix": "https://dl-cdn.alpinelinux.org/alpine"
}
},
"provenance": {
"source": "distro-alpine",
"kind": "range",
"value": "CVE-2021-30139:v3.20/main:apk-tools:2.12.5-r0",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
},
"rangeExpression": "fixed:2.12.5-r0",
"rangeKind": "apk"
}
],
"normalizedVersions": [
{
"scheme": "apk",
"type": "lt",
"min": null,
"minInclusive": null,
"max": "2.12.5-r0",
"maxInclusive": false,
"value": null,
"notes": "alpine:v3.20/main"
}
],
"statuses": [
{
"provenance": {
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2021-30139:v3.20/main:apk-tools",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
},
"status": "fixed"
}
],
"provenance": [
{
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2021-30139:v3.20/main:apk-tools",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
}
]
}
],
"aliases": [
"CVE-2021-30139",
"alpine/cve-2021-30139"
],
"canonicalMetricId": null,
"credits": [],
"cvssMetrics": [],
"cwes": [],
"description": null,
"exploitKnown": false,
"language": "en",
"modified": "2025-12-22T00:20:00+00:00",
"provenance": [
{
"source": "distro-alpine",
"kind": "document",
"value": "https://secdb.alpinelinux.org/v3.20/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
},
{
"source": "distro-alpine",
"kind": "mapping",
"value": "alpine/cve-2021-30139",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
}
],
"published": "2025-12-22T00:20:00+00:00",
"references": [
{
"kind": "advisory",
"provenance": {
"source": "distro-alpine",
"kind": "reference",
"value": "https://secdb.alpinelinux.org/v3.20/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
},
"sourceTag": "secdb",
"summary": null,
"url": "https://secdb.alpinelinux.org/v3.20/main.json"
}
],
"severity": null,
"summary": null,
"title": "alpine/cve-2021-30139"
},
{
"advisoryKey": "alpine/cve-2021-36159",
"affectedPackages": [
{
"type": "apk",
"identifier": "apk-tools",
"platform": "v3.20/main",
"versionRanges": [
{
"fixedVersion": "2.12.6-r0",
"introducedVersion": null,
"lastAffectedVersion": null,
"primitives": {
"evr": null,
"hasVendorExtensions": true,
"nevra": null,
"semVer": null,
"vendorExtensions": {
"alpine.distroversion": "v3.20",
"alpine.repo": "main",
"alpine.fixed": "2.12.6-r0",
"alpine.urlprefix": "https://dl-cdn.alpinelinux.org/alpine"
}
},
"provenance": {
"source": "distro-alpine",
"kind": "range",
"value": "CVE-2021-36159:v3.20/main:apk-tools:2.12.6-r0",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
},
"rangeExpression": "fixed:2.12.6-r0",
"rangeKind": "apk"
}
],
"normalizedVersions": [
{
"scheme": "apk",
"type": "lt",
"min": null,
"minInclusive": null,
"max": "2.12.6-r0",
"maxInclusive": false,
"value": null,
"notes": "alpine:v3.20/main"
}
],
"statuses": [
{
"provenance": {
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2021-36159:v3.20/main:apk-tools",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
},
"status": "fixed"
}
],
"provenance": [
{
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2021-36159:v3.20/main:apk-tools",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
}
]
}
],
"aliases": [
"CVE-2021-36159",
"alpine/cve-2021-36159"
],
"canonicalMetricId": null,
"credits": [],
"cvssMetrics": [],
"cwes": [],
"description": null,
"exploitKnown": false,
"language": "en",
"modified": "2025-12-22T00:20:00+00:00",
"provenance": [
{
"source": "distro-alpine",
"kind": "document",
"value": "https://secdb.alpinelinux.org/v3.20/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
},
{
"source": "distro-alpine",
"kind": "mapping",
"value": "alpine/cve-2021-36159",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
}
],
"published": "2025-12-22T00:20:00+00:00",
"references": [
{
"kind": "advisory",
"provenance": {
"source": "distro-alpine",
"kind": "reference",
"value": "https://secdb.alpinelinux.org/v3.20/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
},
"sourceTag": "secdb",
"summary": null,
"url": "https://secdb.alpinelinux.org/v3.20/main.json"
}
],
"severity": null,
"summary": null,
"title": "alpine/cve-2021-36159"
},
{
"advisoryKey": "alpine/cve-2022-37434",
"affectedPackages": [
{
"type": "apk",
"identifier": "zlib",
"platform": "v3.20/main",
"versionRanges": [
{
"fixedVersion": "1.2.12-r2",
"introducedVersion": null,
"lastAffectedVersion": null,
"primitives": {
"evr": null,
"hasVendorExtensions": true,
"nevra": null,
"semVer": null,
"vendorExtensions": {
"alpine.distroversion": "v3.20",
"alpine.repo": "main",
"alpine.fixed": "1.2.12-r2",
"alpine.urlprefix": "https://dl-cdn.alpinelinux.org/alpine"
}
},
"provenance": {
"source": "distro-alpine",
"kind": "range",
"value": "CVE-2022-37434:v3.20/main:zlib:1.2.12-r2",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
},
"rangeExpression": "fixed:1.2.12-r2",
"rangeKind": "apk"
}
],
"normalizedVersions": [
{
"scheme": "apk",
"type": "lt",
"min": null,
"minInclusive": null,
"max": "1.2.12-r2",
"maxInclusive": false,
"value": null,
"notes": "alpine:v3.20/main"
}
],
"statuses": [
{
"provenance": {
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2022-37434:v3.20/main:zlib",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
},
"status": "fixed"
}
],
"provenance": [
{
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2022-37434:v3.20/main:zlib",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
}
]
}
],
"aliases": [
"CVE-2022-37434",
"alpine/cve-2022-37434"
],
"canonicalMetricId": null,
"credits": [],
"cvssMetrics": [],
"cwes": [],
"description": null,
"exploitKnown": false,
"language": "en",
"modified": "2025-12-22T00:20:00+00:00",
"provenance": [
{
"source": "distro-alpine",
"kind": "document",
"value": "https://secdb.alpinelinux.org/v3.20/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
},
{
"source": "distro-alpine",
"kind": "mapping",
"value": "alpine/cve-2022-37434",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
}
],
"published": "2025-12-22T00:20:00+00:00",
"references": [
{
"kind": "advisory",
"provenance": {
"source": "distro-alpine",
"kind": "reference",
"value": "https://secdb.alpinelinux.org/v3.20/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
},
"sourceTag": "secdb",
"summary": null,
"url": "https://secdb.alpinelinux.org/v3.20/main.json"
}
],
"severity": null,
"summary": null,
"title": "alpine/cve-2022-37434"
},
{
"advisoryKey": "alpine/cve-2023-42364",
"affectedPackages": [
{
"type": "apk",
"identifier": "busybox",
"platform": "v3.20/main",
"versionRanges": [
{
"fixedVersion": "1.36.1-r29",
"introducedVersion": null,
"lastAffectedVersion": null,
"primitives": {
"evr": null,
"hasVendorExtensions": true,
"nevra": null,
"semVer": null,
"vendorExtensions": {
"alpine.distroversion": "v3.20",
"alpine.repo": "main",
"alpine.fixed": "1.36.1-r29",
"alpine.urlprefix": "https://dl-cdn.alpinelinux.org/alpine"
}
},
"provenance": {
"source": "distro-alpine",
"kind": "range",
"value": "CVE-2023-42364:v3.20/main:busybox:1.36.1-r29",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
},
"rangeExpression": "fixed:1.36.1-r29",
"rangeKind": "apk"
}
],
"normalizedVersions": [
{
"scheme": "apk",
"type": "lt",
"min": null,
"minInclusive": null,
"max": "1.36.1-r29",
"maxInclusive": false,
"value": null,
"notes": "alpine:v3.20/main"
}
],
"statuses": [
{
"provenance": {
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2023-42364:v3.20/main:busybox",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
},
"status": "fixed"
}
],
"provenance": [
{
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2023-42364:v3.20/main:busybox",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
}
]
}
],
"aliases": [
"CVE-2023-42364",
"alpine/cve-2023-42364"
],
"canonicalMetricId": null,
"credits": [],
"cvssMetrics": [],
"cwes": [],
"description": null,
"exploitKnown": false,
"language": "en",
"modified": "2025-12-22T00:20:00+00:00",
"provenance": [
{
"source": "distro-alpine",
"kind": "document",
"value": "https://secdb.alpinelinux.org/v3.20/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
},
{
"source": "distro-alpine",
"kind": "mapping",
"value": "alpine/cve-2023-42364",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
}
],
"published": "2025-12-22T00:20:00+00:00",
"references": [
{
"kind": "advisory",
"provenance": {
"source": "distro-alpine",
"kind": "reference",
"value": "https://secdb.alpinelinux.org/v3.20/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
},
"sourceTag": "secdb",
"summary": null,
"url": "https://secdb.alpinelinux.org/v3.20/main.json"
}
],
"severity": null,
"summary": null,
"title": "alpine/cve-2023-42364"
},
{
"advisoryKey": "alpine/cve-2023-42365",
"affectedPackages": [
{
"type": "apk",
"identifier": "busybox",
"platform": "v3.20/main",
"versionRanges": [
{
"fixedVersion": "1.36.1-r29",
"introducedVersion": null,
"lastAffectedVersion": null,
"primitives": {
"evr": null,
"hasVendorExtensions": true,
"nevra": null,
"semVer": null,
"vendorExtensions": {
"alpine.distroversion": "v3.20",
"alpine.repo": "main",
"alpine.fixed": "1.36.1-r29",
"alpine.urlprefix": "https://dl-cdn.alpinelinux.org/alpine"
}
},
"provenance": {
"source": "distro-alpine",
"kind": "range",
"value": "CVE-2023-42365:v3.20/main:busybox:1.36.1-r29",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
},
"rangeExpression": "fixed:1.36.1-r29",
"rangeKind": "apk"
}
],
"normalizedVersions": [
{
"scheme": "apk",
"type": "lt",
"min": null,
"minInclusive": null,
"max": "1.36.1-r29",
"maxInclusive": false,
"value": null,
"notes": "alpine:v3.20/main"
}
],
"statuses": [
{
"provenance": {
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2023-42365:v3.20/main:busybox",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
},
"status": "fixed"
}
],
"provenance": [
{
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2023-42365:v3.20/main:busybox",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
}
]
}
],
"aliases": [
"CVE-2023-42365",
"alpine/cve-2023-42365"
],
"canonicalMetricId": null,
"credits": [],
"cvssMetrics": [],
"cwes": [],
"description": null,
"exploitKnown": false,
"language": "en",
"modified": "2025-12-22T00:20:00+00:00",
"provenance": [
{
"source": "distro-alpine",
"kind": "document",
"value": "https://secdb.alpinelinux.org/v3.20/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
},
{
"source": "distro-alpine",
"kind": "mapping",
"value": "alpine/cve-2023-42365",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
}
],
"published": "2025-12-22T00:20:00+00:00",
"references": [
{
"kind": "advisory",
"provenance": {
"source": "distro-alpine",
"kind": "reference",
"value": "https://secdb.alpinelinux.org/v3.20/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
},
"sourceTag": "secdb",
"summary": null,
"url": "https://secdb.alpinelinux.org/v3.20/main.json"
}
],
"severity": null,
"summary": null,
"title": "alpine/cve-2023-42365"
},
{
"advisoryKey": "alpine/cve-2024-58251",
"affectedPackages": [
{
"type": "apk",
"identifier": "busybox",
"platform": "v3.20/main",
"versionRanges": [
{
"fixedVersion": "1.36.1-r31",
"introducedVersion": null,
"lastAffectedVersion": null,
"primitives": {
"evr": null,
"hasVendorExtensions": true,
"nevra": null,
"semVer": null,
"vendorExtensions": {
"alpine.distroversion": "v3.20",
"alpine.repo": "main",
"alpine.fixed": "1.36.1-r31",
"alpine.urlprefix": "https://dl-cdn.alpinelinux.org/alpine"
}
},
"provenance": {
"source": "distro-alpine",
"kind": "range",
"value": "CVE-2024-58251:v3.20/main:busybox:1.36.1-r31",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
},
"rangeExpression": "fixed:1.36.1-r31",
"rangeKind": "apk"
}
],
"normalizedVersions": [
{
"scheme": "apk",
"type": "lt",
"min": null,
"minInclusive": null,
"max": "1.36.1-r31",
"maxInclusive": false,
"value": null,
"notes": "alpine:v3.20/main"
}
],
"statuses": [
{
"provenance": {
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2024-58251:v3.20/main:busybox",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
},
"status": "fixed"
}
],
"provenance": [
{
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2024-58251:v3.20/main:busybox",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
}
]
}
],
"aliases": [
"CVE-2024-58251",
"alpine/cve-2024-58251"
],
"canonicalMetricId": null,
"credits": [],
"cvssMetrics": [],
"cwes": [],
"description": null,
"exploitKnown": false,
"language": "en",
"modified": "2025-12-22T00:20:00+00:00",
"provenance": [
{
"source": "distro-alpine",
"kind": "document",
"value": "https://secdb.alpinelinux.org/v3.20/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
},
{
"source": "distro-alpine",
"kind": "mapping",
"value": "alpine/cve-2024-58251",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
}
],
"published": "2025-12-22T00:20:00+00:00",
"references": [
{
"kind": "advisory",
"provenance": {
"source": "distro-alpine",
"kind": "reference",
"value": "https://secdb.alpinelinux.org/v3.20/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
},
"sourceTag": "secdb",
"summary": null,
"url": "https://secdb.alpinelinux.org/v3.20/main.json"
}
],
"severity": null,
"summary": null,
"title": "alpine/cve-2024-58251"
},
{
"advisoryKey": "alpine/cve-2025-46394",
"affectedPackages": [
{
"type": "apk",
"identifier": "busybox",
"platform": "v3.20/main",
"versionRanges": [
{
"fixedVersion": "1.36.1-r31",
"introducedVersion": null,
"lastAffectedVersion": null,
"primitives": {
"evr": null,
"hasVendorExtensions": true,
"nevra": null,
"semVer": null,
"vendorExtensions": {
"alpine.distroversion": "v3.20",
"alpine.repo": "main",
"alpine.fixed": "1.36.1-r31",
"alpine.urlprefix": "https://dl-cdn.alpinelinux.org/alpine"
}
},
"provenance": {
"source": "distro-alpine",
"kind": "range",
"value": "CVE-2025-46394:v3.20/main:busybox:1.36.1-r31",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
},
"rangeExpression": "fixed:1.36.1-r31",
"rangeKind": "apk"
}
],
"normalizedVersions": [
{
"scheme": "apk",
"type": "lt",
"min": null,
"minInclusive": null,
"max": "1.36.1-r31",
"maxInclusive": false,
"value": null,
"notes": "alpine:v3.20/main"
}
],
"statuses": [
{
"provenance": {
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2025-46394:v3.20/main:busybox",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
},
"status": "fixed"
}
],
"provenance": [
{
"source": "distro-alpine",
"kind": "affected",
"value": "CVE-2025-46394:v3.20/main:busybox",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
}
]
}
],
"aliases": [
"CVE-2025-46394",
"alpine/cve-2025-46394"
],
"canonicalMetricId": null,
"credits": [],
"cvssMetrics": [],
"cwes": [],
"description": null,
"exploitKnown": false,
"language": "en",
"modified": "2025-12-22T00:20:00+00:00",
"provenance": [
{
"source": "distro-alpine",
"kind": "document",
"value": "https://secdb.alpinelinux.org/v3.20/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
},
{
"source": "distro-alpine",
"kind": "mapping",
"value": "alpine/cve-2025-46394",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
}
],
"published": "2025-12-22T00:20:00+00:00",
"references": [
{
"kind": "advisory",
"provenance": {
"source": "distro-alpine",
"kind": "reference",
"value": "https://secdb.alpinelinux.org/v3.20/main.json",
"decisionReason": null,
"recordedAt": "2025-12-22T00:20:00+00:00",
"fieldMask": []
},
"sourceTag": "secdb",
"summary": null,
"url": "https://secdb.alpinelinux.org/v3.20/main.json"
}
],
"severity": null,
"summary": null,
"title": "alpine/cve-2025-46394"
}
]