{"package":3743,"id":38,"created":"2024-10-29T04:40:05.922149Z","scanned":"2025-02-01T11:37:50.258795Z","next_scan":null,"vulnerabilities":[{"id":"GHSA-vx24-x4mv-vwr5","package":"starship","score":"7.4","severity":"high","suppressed":null,"published":"2024-07-26T21:24:18Z","modified":null,"commentary":null},{"id":"CVE-2024-48958","package":"libarchive","score":"7.8","severity":"high","suppressed":null,"published":"2024-10-10T02:15:03.057000Z","modified":"2025-09-29T21:36:20.980000Z","commentary":null},{"id":"CVE-2024-48957","package":"libarchive","score":"7.8","severity":"high","suppressed":null,"published":"2024-10-10T02:15:02.990000Z","modified":"2025-09-29T21:35:07.130000Z","commentary":null},{"id":"CVE-2024-22121","package":"zabbix-agent2","score":"6.1","severity":"medium","suppressed":"Exception: this result is a false positive; the vulnerability is only present on the .msi installer package for Windows.","published":"2024-08-12T13:38:16Z","modified":"2024-12-10T16:19:19.810000Z","commentary":null},{"id":"CVE-2024-9143","package":"openssl","score":"4.3","severity":"medium","suppressed":null,"published":"2024-10-16T17:15:18.130000Z","modified":"2025-09-01T09:15:34.447000Z","commentary":null},{"id":"BIT-grafana-2024-8118","package":"grafana","score":null,"severity":null,"suppressed":null,"published":null,"modified":null,"commentary":null},{"id":"CVE-2024-8006","package":"libpcap","score":"4.4","severity":"medium","suppressed":null,"published":"2024-08-31T00:15:05.743000Z","modified":"2024-09-19T17:46:03.447000Z","commentary":null},{"id":"CVE-2024-7246","package":"grpc","score":"6.3","severity":"medium","suppressed":null,"published":"2024-08-06T11:16:07.587000Z","modified":"2025-07-22T19:29:58.023000Z","commentary":null},{"id":"CVE-2024-6119","package":"openssl","score":"7.5","severity":"high","suppressed":null,"published":"2024-09-03T16:15:07Z","modified":"2025-06-03T10:51:54.117000Z","commentary":"Reduced severity: exposure to this vulnerability is minimal on Controllers and mitigation will take the form of normal upstream package updates when they become available."},{"id":"OSV-2024-919","package":"jq","score":null,"severity":"medium","suppressed":null,"published":"2024-08-16T00:09:34.461792Z","modified":"2025-03-06T14:20:56.754046Z","commentary":null},{"id":"OSV-2024-831","package":"jq","score":null,"severity":"medium","suppressed":null,"published":"2024-08-16T00:03:12.871175Z","modified":"2025-03-07T14:24:40.166702Z","commentary":null},{"id":"OSV-2024-440","package":"jq","score":null,"severity":"medium","suppressed":null,"published":"2024-05-07T00:06:11.033336Z","modified":"2025-07-01T14:30:06.613574Z","commentary":null},{"id":"OSV-2024-396","package":"jq","score":null,"severity":"medium","suppressed":null,"published":"2024-05-01T00:11:24.552935Z","modified":"2025-07-01T14:29:52.935440Z","commentary":null},{"id":"OSV-2024-395","package":"libpcap","score":null,"severity":"medium","suppressed":null,"published":"2024-05-01T00:04:54.392345Z","modified":"2024-08-31T14:18:45.876646Z","commentary":null},{"id":"OSV-2024-371","package":"jq","score":null,"severity":"medium","suppressed":null,"published":"2024-04-30T00:08:27.982063Z","modified":"2025-05-18T14:24:27.459047Z","commentary":null},{"id":"OSV-2024-330","package":"jq","score":null,"severity":"medium","suppressed":null,"published":"2024-04-30T00:00:31.577722Z","modified":"2024-05-27T14:01:02.168724Z","commentary":null},{"id":"CVE-2023-34111","package":"grafana","score":"9.8","severity":"critical","suppressed":"Exception: Controllers do not use the TaosData Grafana plugin.","published":"2023-06-06T17:15:15Z","modified":"2024-11-21T08:06:34.313000Z","commentary":null},{"id":"CVE-2023-7256","package":"libpcap","score":"4.4","severity":"medium","suppressed":null,"published":"2024-08-31T00:15:05.240000Z","modified":"2024-09-19T17:53:15.207000Z","commentary":null},{"id":"CVE-2023-7216","package":"cpio","score":"5.3","severity":"medium","suppressed":null,"published":"2024-02-05T15:15:08.903000Z","modified":"2024-11-21T08:45:32.120000Z","commentary":null},{"id":"CVE-2023-6992","package":"zlib","score":"5.5","severity":"medium","suppressed":"Exception: this result is a false positive; the vulnerable version of zlib is a Cloudflare-specific package and not the upstream zlib package.","published":"2024-01-04T12:15:23Z","modified":"2024-11-21T08:44:59.467000Z","commentary":null},{"id":"CVE-2023-4039","package":"gcc","score":"4.8","severity":"medium","suppressed":"Exception: this vulnerability applies to aarch64 systems only; Controllers currently only target x86-64 systems.","published":"2023-09-13T09:15:15Z","modified":"2025-02-13T17:17:14.717000Z","commentary":null},{"id":"OSV-2023-1344","package":"jq","score":null,"severity":"medium","suppressed":null,"published":"2023-12-22T00:11:40.065456Z","modified":"2025-03-05T14:16:07.938645Z","commentary":null},{"id":"OSV-2023-1329","package":"jq","score":null,"severity":"high","suppressed":null,"published":"2023-12-18T00:13:42.545765Z","modified":"2025-02-17T14:14:20.492923Z","commentary":null},{"id":"OSV-2023-1307","package":"libbpf","score":null,"severity":"medium","suppressed":null,"published":"2023-12-15T00:12:51.528155Z","modified":"2025-09-25T14:24:50.411130Z","commentary":null},{"id":"OSV-2023-877","package":"libbpf","score":null,"severity":"medium","suppressed":null,"published":"2023-09-18T14:02:44.989260Z","modified":"2025-09-25T14:27:18.692926Z","commentary":null},{"id":"OSV-2023-505","package":"file","score":null,"severity":"high","suppressed":null,"published":"2023-06-22T14:02:20.855256Z","modified":"2023-08-01T14:06:27.325503Z","commentary":null},{"id":"OSV-2023-197","package":"p11-kit","score":null,"severity":null,"suppressed":null,"published":"2023-03-18T13:00:57.254906Z","modified":"2025-09-25T14:23:56.310071Z","commentary":null},{"id":"CVE-2022-48468","package":"protobuf-c","score":"5.5","severity":"medium","suppressed":"Exception: false positive; the version of protobuf-c used in Controller dependencies and compilation exceeds the patched revision for this vulnerability.","published":"2023-04-13T21:15:07Z","modified":"2025-02-07T17:15:23.127000Z","commentary":null},{"id":"CVE-2022-42012","package":"dbus","score":"6.5","severity":"medium","suppressed":"Exception: false positive; Controllers run a version of dbus greater than 1.14.4.","published":"2022-10-10T00:15:09Z","modified":"2025-06-09T15:15:28.623000Z","commentary":null},{"id":"CVE-2022-42011","package":"dbus","score":"6.5","severity":"medium","suppressed":"Exception: false positive; Controllers run a version of dbus greater than 1.14.4.","published":"2022-10-10T00:15:09Z","modified":"2025-06-09T15:15:28.073000Z","commentary":null},{"id":"CVE-2022-42010","package":"dbus","score":"6.5","severity":"medium","suppressed":"Exception: false positive; Controllers run a version of dbus greater than 1.14.4.","published":"2022-10-10T00:15:09Z","modified":"2025-06-09T15:15:27.810000Z","commentary":null},{"id":"CVE-2022-38663","package":"git","score":"6.5","severity":"medium","suppressed":"Exception: this scan result is a false positive and refers instead to the git Jenkins plugins. Controllers do not install or run Jenkins.","published":"2022-08-23T17:15:15Z","modified":"2024-11-21T07:16:53.420000Z","commentary":null},{"id":"CVE-2022-36884","package":"git","score":"5.3","severity":"medium","suppressed":"Exception: this scan result is a false positive and refers instead to the git Jenkins plugins. Controllers do not install or run Jenkins.","published":"2022-07-27T15:15:08Z","modified":"2024-11-21T07:13:59.117000Z","commentary":null},{"id":"CVE-2022-36883","package":"git","score":"7.5","severity":"high","suppressed":"Exception: this scan result is a false positive and refers instead to the git Jenkins plugins. Controllers do not install or run Jenkins.","published":"2022-07-27T15:15:08Z","modified":"2024-11-21T07:13:58.903000Z","commentary":null},{"id":"CVE-2022-36882","package":"git","score":"8.8","severity":"high","suppressed":"Exception: this scan result is a false positive and refers instead to the git Jenkins plugins. Controllers do not install or run Jenkins.","published":"2022-07-27T15:15:08Z","modified":"2024-11-21T07:13:58.690000Z","commentary":null},{"id":"CVE-2022-30947","package":"git","score":"7.5","severity":"high","suppressed":"Exception: this scan result is a false positive and refers instead to the git Jenkins plugins. Controllers do not install or run Jenkins.","published":"2022-05-17T15:15:08Z","modified":"2024-11-21T07:03:36.643000Z","commentary":null},{"id":"MAL-2022-4301","package":"libidn2","score":null,"severity":null,"suppressed":"Exception: this result is a false positive; the indicated package is an npm package and not the generic Linux library.","published":null,"modified":null,"commentary":null},{"id":"CVE-2022-3219","package":"gnupg","score":"3.3","severity":"low","suppressed":null,"published":"2023-02-23T20:15:12.393000Z","modified":"2025-03-12T21:15:38.207000Z","commentary":null},{"id":"GHSA-rjvj-673q-4hfw","package":"traceroute","score":null,"severity":"critical","suppressed":"Exception: this result is a false positive; the indicated vulnerability only applies to the npm package, not the generic Linux utility.","published":"2020-09-04T17:54:31Z","modified":null,"commentary":null},{"id":"CVE-2021-21684","package":"git","score":"6.1","severity":"medium","suppressed":"Exception: this scan result is a false positive and refers instead to the git Jenkins plugins. Controllers do not install or run Jenkins.","published":"2021-10-06T23:15:06Z","modified":"2024-11-21T05:48:49.770000Z","commentary":null},{"id":"OSV-2021-777","package":"libxml2","score":null,"severity":"high","suppressed":null,"published":"2021-05-20T00:00:30.166614Z","modified":"2025-10-17T14:10:52.851254Z","commentary":null},{"id":"CVE-2020-2136","package":"git","score":"5.4","severity":"medium","suppressed":"Exception: this scan result is a false positive and refers instead to the git Jenkins plugins. Controllers do not install or run Jenkins.","published":"2020-03-09T16:15:12Z","modified":"2024-11-21T05:24:45.417000Z","commentary":null},{"id":"CVE-2019-1003010","package":"git","score":"4.3","severity":"medium","suppressed":"Exception: this scan result is a false positive and refers instead to the git Jenkins plugins. Controllers do not install or run Jenkins.","published":"2019-02-06T16:29:00Z","modified":"2024-11-21T04:17:44.057000Z","commentary":null},{"id":"CVE-2019-20633","package":"patch","score":"5.5","severity":"medium","suppressed":null,"published":"2020-03-25T17:15:14.013000Z","modified":"2024-11-21T04:38:55.590000Z","commentary":null},{"id":"CVE-2019-14900","package":"fuse","score":"6.5","severity":"medium","suppressed":"Exception: this result is a false positive; Controllers do not run Hibernate ORM.","published":"2020-07-06T19:15:12Z","modified":"2024-11-21T04:27:38.783000Z","commentary":null},{"id":"CVE-2019-14860","package":"fuse","score":"6.5","severity":"medium","suppressed":"Exception: this result is a false positive; Controllers do not run Syndesis.","published":"2019-11-08T15:15:11Z","modified":"2024-11-21T04:27:31.077000Z","commentary":null},{"id":"CVE-2019-12749","package":"dbus","score":"7.1","severity":"high","suppressed":"Exception: false positive; Controllers run a version of dbus not subject to this vulnerability.","published":"2019-06-11T17:29:00Z","modified":"2024-12-06T14:15:18.790000Z","commentary":null},{"id":"CVE-2019-6470","package":"bind","score":"7.5","severity":"high","suppressed":"Exception: Controller DHCP functionality is provided via systemd-networkd and so are not subject to vulnerabilities in dhcpcd.","published":"2019-11-01T23:15:10Z","modified":"2025-04-11T14:55:14.483000Z","commentary":null},{"id":"CVE-2016-2781","package":"coreutils","score":"4.6","severity":"medium","suppressed":null,"published":"2017-02-07T15:59:00.333000Z","modified":"2025-06-09T16:15:25.013000Z","commentary":null},{"id":"CVE-2013-4577","package":"grub","score":"2.1","severity":null,"suppressed":"Exception: false positive; this is a Debian-specific vulnerability applicable only to Debian-based systems.","published":"2014-05-12T14:55:05Z","modified":"2025-04-12T10:46:40.837000Z","commentary":null},{"id":"CVE-2010-4226","package":"cpio","score":"7.2","severity":"high","suppressed":"Exception: false positive; this vulnerability only applies to systems that use RPM packaging, which Controllers do not.","published":"2014-02-06T17:00:03Z","modified":"2025-06-09T15:15:22.147000Z","commentary":null},{"id":"CVE-2024-10041","package":"linux-pam","score":"4.7","severity":"medium","suppressed":null,"published":"2024-10-23T14:15:03.970000Z","modified":"2024-12-18T10:15:05.850000Z","commentary":null},{"id":"BIT-rclone-2024-52522","package":"rclone","score":null,"severity":null,"suppressed":null,"published":null,"modified":null,"commentary":null},{"id":"CVE-2024-9681","package":"curl","score":"6.5","severity":"medium","suppressed":null,"published":"2024-11-06T08:15:03.740000Z","modified":"2024-12-13T14:15:22.953000Z","commentary":null},{"id":"BIT-grafana-2024-10452","package":"grafana","score":null,"severity":null,"suppressed":null,"published":null,"modified":null,"commentary":null},{"id":"CVE-2024-8508","package":"unbound","score":"5.3","severity":"medium","suppressed":null,"published":"2024-10-03T17:15:15.323000Z","modified":"2024-12-17T19:28:03.767000Z","commentary":null},{"id":"BIT-git-2024-52006","package":"git","score":null,"severity":null,"suppressed":null,"published":null,"modified":null,"commentary":null},{"id":"CVE-2024-52006","package":"git","score":"2.1","severity":"low","suppressed":null,"published":"2025-01-14T19:15:32.330000Z","modified":"2025-01-21T17:15:14.423000Z","commentary":null},{"id":"CVE-2024-52005","package":"git","score":"7.5","severity":"high","suppressed":null,"published":"2025-01-15T18:15:24.130000Z","modified":"2025-01-15T18:15:24.130000Z","commentary":null},{"id":"BIT-git-2024-50349","package":"git","score":null,"severity":null,"suppressed":null,"published":null,"modified":null,"commentary":null},{"id":"CVE-2024-50349","package":"git","score":"2.1","severity":"low","suppressed":null,"published":"2025-01-14T19:15:32.157000Z","modified":"2025-01-21T17:15:14.287000Z","commentary":null},{"id":"CVE-2024-13176","package":"openssl","score":"4.1","severity":"medium","suppressed":null,"published":"2025-01-20T14:15:26.247000Z","modified":"2025-05-26T18:15:19.740000Z","commentary":null},{"id":"OSV-2023-1398","package":"file","score":null,"severity":"medium","suppressed":null,"published":"2024-11-01T00:02:38.719507Z","modified":"2024-11-01T00:02:38.719949Z","commentary":null},{"id":"CVE-2024-12705","package":"bind","score":"7.5","severity":"high","suppressed":"Exception: false positive; Controllers use the client utilities of bind and do not run the bind resolver","published":"2025-01-29T00:00:00Z","modified":"2025-02-07T17:15:30.177000Z","commentary":null},{"id":"CVE-2024-11187","package":"bind","score":"7.5","severity":"high","suppressed":"Exception: false positive; Controllers use the client utilities of bind and do not run the bind resolver","published":"2025-01-29T00:00:00Z","modified":"2025-02-11T19:15:12.640000Z","commentary":null}],"has_cdx":true,"has_spdx":true,"scanning":false,"queued":false}