|
1469 | 1469 | } |
1470 | 1470 | ], |
1471 | 1471 | "metadata": { |
1472 | | - "timestamp": "2025-03-27T20:14:04.573420+00:00", |
| 1472 | + "timestamp": "2025-03-26T19:47:21.554404+00:00", |
1473 | 1473 | "tools": [ |
1474 | 1474 | { |
1475 | 1475 | "externalReferences": [ |
|
1513 | 1513 | ] |
1514 | 1514 | }, |
1515 | 1515 | "serialNumber": "urn:uuid:ecf433fd-8f8f-476e-bb32-15507acd4361", |
1516 | | - "version": 26, |
1517 | | - "vulnerabilities": [ |
1518 | | - { |
1519 | | - "affects": [ |
1520 | | - { |
1521 | | - "ref": "pkg:golang/golang.org/x/[email protected]" |
1522 | | - } |
1523 | | - ], |
1524 | | - "analysis": { |
1525 | | - "state": "in_triage" |
1526 | | - }, |
1527 | | - "bom-ref": "67bf5861110ba874cbf974a7", |
1528 | | - "description": "Please see 'source' and 'references' for additional information", |
1529 | | - "id": "crypto___CVE-2025-22869", |
1530 | | - "ratings": [ |
1531 | | - { |
1532 | | - "method": "CVSSv3", |
1533 | | - "score": 8.0, |
1534 | | - "severity": "high" |
1535 | | - } |
1536 | | - ], |
1537 | | - "references": [ |
1538 | | - { |
1539 | | - "id": "67bf5861110ba874cbf974a7", |
1540 | | - "source": { |
1541 | | - "name": "Kondukto", |
1542 | | - "url": "https://arcticglow.kondukto.io/projects/67990793f5bd68edc6c5e900/vulns/appsec?page=1&perPage=15&id=eq:67bf5861110ba874cbf974a7" |
1543 | | - } |
1544 | | - }, |
1545 | | - { |
1546 | | - "id": "VULN-385", |
1547 | | - "source": { |
1548 | | - "name": "Jira", |
1549 | | - "url": "https://jira.mongodb.org/browse/VULN-385" |
1550 | | - } |
1551 | | - } |
1552 | | - ] |
1553 | | - }, |
1554 | | - { |
1555 | | - "affects": [ |
1556 | | - { |
1557 | | - "ref": "pkg:golang/github.com/mongodb/mongo-tools" |
1558 | | - } |
1559 | | - ], |
1560 | | - "analysis": { |
1561 | | - "state": "in_triage" |
1562 | | - }, |
1563 | | - "bom-ref": "679943c11241b228cf6f5d95", |
1564 | | - "cwes": [ |
1565 | | - 295 |
1566 | | - ], |
1567 | | - "description": "Improper Certificate Validation - Please see 'source' and 'references' for additional information", |
1568 | | - "id": "mongo-tools___CVE-2020-7924", |
1569 | | - "ratings": [ |
1570 | | - { |
1571 | | - "method": "CVSSv3", |
1572 | | - "score": 6.0, |
1573 | | - "severity": "medium" |
1574 | | - } |
1575 | | - ], |
1576 | | - "references": [ |
1577 | | - { |
1578 | | - "id": "679943c11241b228cf6f5d95", |
1579 | | - "source": { |
1580 | | - "name": "Kondukto", |
1581 | | - "url": "https://arcticglow.kondukto.io/projects/67990793f5bd68edc6c5e900/vulns/appsec?page=1&perPage=15&id=eq:679943c11241b228cf6f5d95" |
1582 | | - } |
1583 | | - }, |
1584 | | - { |
1585 | | - "id": "VULN-387", |
1586 | | - "source": { |
1587 | | - "name": "Jira", |
1588 | | - "url": "https://jira.mongodb.org/browse/VULN-387" |
1589 | | - } |
1590 | | - } |
1591 | | - ] |
1592 | | - }, |
1593 | | - { |
1594 | | - "affects": [ |
1595 | | - { |
1596 | | - "ref": "pkg:golang/golang.org/x/[email protected]" |
1597 | | - } |
1598 | | - ], |
1599 | | - "analysis": { |
1600 | | - "state": "in_triage" |
1601 | | - }, |
1602 | | - "bom-ref": "67d259ce191264fcfc8d7205", |
1603 | | - "cwes": [ |
1604 | | - 115 |
1605 | | - ], |
1606 | | - "description": "Misinterpretaion of Input - Please see 'source' and 'references' for additional information", |
1607 | | - "id": "net___CVE-2025-22870", |
1608 | | - "ratings": [ |
1609 | | - { |
1610 | | - "method": "CVSSv3", |
1611 | | - "score": 6.0, |
1612 | | - "severity": "medium" |
1613 | | - } |
1614 | | - ], |
1615 | | - "references": [ |
1616 | | - { |
1617 | | - "id": "67d259ce191264fcfc8d7205", |
1618 | | - "source": { |
1619 | | - "name": "Kondukto", |
1620 | | - "url": "https://arcticglow.kondukto.io/projects/67990793f5bd68edc6c5e900/vulns/appsec?page=1&perPage=15&id=eq:67d259ce191264fcfc8d7205" |
1621 | | - } |
1622 | | - }, |
1623 | | - { |
1624 | | - "id": "VULN-404", |
1625 | | - "source": { |
1626 | | - "name": "Jira", |
1627 | | - "url": "https://jira.mongodb.org/browse/VULN-404" |
1628 | | - } |
1629 | | - } |
1630 | | - ] |
1631 | | - }, |
1632 | | - { |
1633 | | - "affects": [ |
1634 | | - { |
1635 | | - "ref": "pkg:golang/github.com/golang-jwt/jwt/[email protected]" |
1636 | | - } |
1637 | | - ], |
1638 | | - "analysis": { |
1639 | | - "state": "in_triage" |
1640 | | - }, |
1641 | | - "bom-ref": "67de4c3586b8a04787ae332e", |
1642 | | - "cwes": [ |
1643 | | - 405 |
1644 | | - ], |
1645 | | - "description": "Asymmetric Resource Consumption (Amplification) - Please see 'source' and 'references' for additional information", |
1646 | | - "id": "v5___CVE-2025-30204", |
1647 | | - "ratings": [ |
1648 | | - { |
1649 | | - "method": "CVSSv3", |
1650 | | - "score": 7.5, |
1651 | | - "severity": "high" |
1652 | | - } |
1653 | | - ], |
1654 | | - "references": [ |
1655 | | - { |
1656 | | - "id": "67de4c3586b8a04787ae332e", |
1657 | | - "source": { |
1658 | | - "name": "Kondukto", |
1659 | | - "url": "https://arcticglow.kondukto.io/projects/67990793f5bd68edc6c5e900/vulns/appsec?page=1&perPage=15&id=eq:67de4c3586b8a04787ae332e" |
1660 | | - } |
1661 | | - }, |
1662 | | - { |
1663 | | - "id": "VULN-436", |
1664 | | - "source": { |
1665 | | - "name": "Jira", |
1666 | | - "url": "https://jira.mongodb.org/browse/VULN-436" |
1667 | | - } |
1668 | | - } |
1669 | | - ] |
1670 | | - } |
1671 | | - ], |
| 1516 | + "version": 25, |
1672 | 1517 | "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json", |
1673 | 1518 | "bomFormat": "CycloneDX", |
1674 | | - "specVersion": "1.5" |
| 1519 | + "specVersion": "1.5", |
| 1520 | + "vulnerabilities": [] |
1675 | 1521 | } |
0 commit comments