Commit

test
jyothi kumar committed Jul 26, 2024
1 parent 6d3f6ed commit f85dd7f
Showing 2 changed files with 279 additions and 3 deletions.
6 changes: 3 additions & 3 deletions .github/workflows/main.yml
Expand Up @@ -4,9 +4,9 @@ name: Build-Scan-Push-Image-scan
# events but only for the trivyExploitable branch
on:
push:
branches: [ trivyExploitable ]
branches: [ trivyMalware ]
pull_request:
branches: [ trivyExploitable ]
branches: [ trivyMalware ]

env:
BuildNumber: ${{ github.run_id }}-${{ github.run_number }}
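Review bot: the context comment directly above "on:" still reads "events but only for the trivyExploitable branch", while both the push and pull_request filters in this hunk now name trivyMalware. Update the comment along with the filters so the documented trigger matches the configured one; a stale branch name here makes it easy to assume the scan still runs for a branch it no longer covers.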
Expand Down Expand Up @@ -54,7 +54,7 @@ jobs:
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: 'trivyPremiumVuln.sarif'
sarif_file: 'trivyPremiumMalware.sarif'

#- name: Push Docker image
# uses: docker/[email protected]
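Review bot: sarif_file now points at 'trivyPremiumMalware.sarif', which is the same file this commit checks into the repository root, so the upload step will publish that committed report rather than anything produced during the run. If the Security tab is meant to reflect the image built by this workflow, have the scan step write the SARIF file and keep the generated report out of version control. The upload action is also referenced by the mutable tag "@v2"; pinning it to a full commit SHA would fix what code handles the report.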
276 changes: 276 additions & 0 deletions trivyPremiumMalware.sarif
@@ -0,0 +1,276 @@
{
"version": "2.1.0",
"$schema": "https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json",
"runs": [
{
"tool": {
"driver": {
"fullName": "Trivy Premium Vulnerability Scanner",
"informationUri": "https://www.aquasec.com",
"name": "TrivyPremium",
"rules": [
{
"id": "Eicar-Test-Signature",
"name": "Malware",
"shortDescription": {
"text": ""
},
"fullDescription": {
"text": "Eicar-Test-Signature"
},
"defaultConfiguration": {
"level": "error"
},
"helpUri": "https://www.virustotal.com/gui/file/3395856ce81f2b7382dee72602f798b642f14140",
"help": {
"text": "Malware Eicar-Test-Signature\nFile Hash: sha1:3395856ce81f2b7382dee72602f798b642f14140\nLink: [Eicar-Test-Signature](https://www.virustotal.com/gui/file/3395856ce81f2b7382dee72602f798b642f14140)",
"markdown": "**Malware Eicar-Test-Signature**\n| File Hash | Link |\n| --- | --- |\n|sha1:3395856ce81f2b7382dee72602f798b642f14140|[Eicar-Test-Signature](https://www.virustotal.com/gui/file/3395856ce81f2b7382dee72602f798b642f14140)"
},
"properties": {
"precision": "very-high",
"security-severity": "9.5",
"tags": [
"secret",
"security",
"CRITICAL"
]
}
},
{
"id": "Win.Test.EICAR_HDB-1",
"name": "Malware",
"shortDescription": {
"text": ""
},
"fullDescription": {
"text": "Win.Test.EICAR_HDB-1"
},
"defaultConfiguration": {
"level": "error"
},
"helpUri": "https://www.virustotal.com/gui/file/3395856ce81f2b7382dee72602f798b642f14140",
"help": {
"text": "Malware Win.Test.EICAR_HDB-1\nFile Hash: sha1:3395856ce81f2b7382dee72602f798b642f14140\nLink: [Win.Test.EICAR_HDB-1](https://www.virustotal.com/gui/file/3395856ce81f2b7382dee72602f798b642f14140)",
"markdown": "**Malware Win.Test.EICAR_HDB-1**\n| File Hash | Link |\n| --- | --- |\n|sha1:3395856ce81f2b7382dee72602f798b642f14140|[Win.Test.EICAR_HDB-1](https://www.virustotal.com/gui/file/3395856ce81f2b7382dee72602f798b642f14140)"
},
"properties": {
"precision": "very-high",
"security-severity": "9.5",
"tags": [
"secret",
"security",
"CRITICAL"
]
}
},
{
"id": "EICAR test file",
"name": "Malware",
"shortDescription": {
"text": ""
},
"fullDescription": {
"text": "EICAR test file"
},
"defaultConfiguration": {
"level": "error"
},
"helpUri": "https://www.virustotal.com/gui/file/3395856ce81f2b7382dee72602f798b642f14140",
"help": {
"text": "Malware EICAR test file\nFile Hash: sha1:3395856ce81f2b7382dee72602f798b642f14140\nLink: [EICAR test file](https://www.virustotal.com/gui/file/3395856ce81f2b7382dee72602f798b642f14140)",
"markdown": "**Malware EICAR test file**\n| File Hash | Link |\n| --- | --- |\n|sha1:3395856ce81f2b7382dee72602f798b642f14140|[EICAR test file](https://www.virustotal.com/gui/file/3395856ce81f2b7382dee72602f798b642f14140)"
},
"properties": {
"precision": "very-high",
"security-severity": "9.5",
"tags": [
"secret",
"security",
"CRITICAL"
]
}
},
{
"id": "CVE-2019-14697",
"name": "OsPackageVulnerability",
"shortDescription": {
"text": "musl libc through 1.1.23 has an x87 floating-point..."
},
"fullDescription": {
"text": "musl libc through 1.1.23 has an x87 floating-point stack adjustment imbalan..."
},
"defaultConfiguration": {
"level": "error"
},
"helpUri": "https://nvd.nist.gov/vuln/detail/CVE-2019-14697",
"help": {
"text": "Vulnerability CVE-2019-14697\nSeverity: critical\nPackage: musl-utils\nFixed Version: 1.1.19-r11\nExploit Available: []()\nExploit Type: \nLink: [CVE-2019-14697](https://nvd.nist.gov/vuln/detail/CVE-2019-14697)\nmusl libc through 1.1.23 has an x87 floating-point stack adjustment imbalance, related to the math/i386/ directory. In some cases, use of this library could introduce out-of-bounds writes that are not present in an application's source code.",
"markdown": "**Vulnerability CVE-2019-14697**\n| Severity | Package | Fixed Version | Exploit Available | Exploit Type | Link |\n| --- | --- | --- | --- | --- | --- |\n|critical|musl-utils|1.1.19-r11|[]()||[CVE-2019-14697](https://nvd.nist.gov/vuln/detail/CVE-2019-14697)|\n\nmusl libc through 1.1.23 has an x87 floating-point stack adjustment imbalance, related to the math/i386/ directory. In some cases, use of this library could introduce out-of-bounds writes that are not present in an application's source code."
},
"properties": {
"precision": "very-high",
"security-severity": "0.0",
"tags": [
"vulnerability",
"security",
"critical"
]
}
}
],
"version": ""
}
},
"results": [
{
"ruleId": "Eicar-Test-Signature",
"ruleIndex": 0,
"level": "error",
"message": {
"text": "Artifact: /eicar.com.txt\nMalware: Eicar-Test-Signature\nFile Hash sha1:3395856ce81f2b7382dee72602f798b642f14140"
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "/eicar.com.txt",
"uriBaseId": "ROOTPATH"
},
"region": {
"startLine": 1,
"startColumn": 1,
"endLine": 1,
"endColumn": 1
}
},
"message": {
"text": ""
}
}
]
},
{
"ruleId": "Win.Test.EICAR_HDB-1",
"ruleIndex": 1,
"level": "error",
"message": {
"text": "Artifact: /eicar.com.txt\nMalware: Win.Test.EICAR_HDB-1\nFile Hash sha1:3395856ce81f2b7382dee72602f798b642f14140"
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "/eicar.com.txt",
"uriBaseId": "ROOTPATH"
},
"region": {
"startLine": 1,
"startColumn": 1,
"endLine": 1,
"endColumn": 1
}
},
"message": {
"text": ""
}
}
]
},
{
"ruleId": "EICAR test file",
"ruleIndex": 2,
"level": "error",
"message": {
"text": "Artifact: /eicar.com.txt\nMalware: EICAR test file\nFile Hash sha1:3395856ce81f2b7382dee72602f798b642f14140"
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "/eicar.com.txt",
"uriBaseId": "ROOTPATH"
},
"region": {
"startLine": 1,
"startColumn": 1,
"endLine": 1,
"endColumn": 1
}
},
"message": {
"text": ""
}
}
]
},
{
"ruleId": "CVE-2019-14697",
"ruleIndex": 3,
"level": "error",
"message": {
"text": "Package: musl\nInstalled Version: 1.1.19-r10\nVulnerability CVE-2019-14697\nSeverity: critical\nFixed Version: 1.1.19-r11\nExploit Available: []()\nExploit Type: \nLink: [CVE-2019-14697](https://nvd.nist.gov/vuln/detail/CVE-2019-14697)"
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "musl",
"uriBaseId": "ROOTPATH"
},
"region": {
"startLine": 1,
"startColumn": 1,
"endLine": 1,
"endColumn": 1
}
},
"message": {
"text": ": [email protected]"
}
}
]
},
{
"ruleId": "CVE-2019-14697",
"ruleIndex": 3,
"level": "error",
"message": {
"text": "Package: musl-utils\nInstalled Version: 1.1.19-r10\nVulnerability CVE-2019-14697\nSeverity: critical\nFixed Version: 1.1.19-r11\nExploit Available: []()\nExploit Type: \nLink: [CVE-2019-14697](https://nvd.nist.gov/vuln/detail/CVE-2019-14697)"
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "musl-utils",
"uriBaseId": "ROOTPATH"
},
"region": {
"startLine": 1,
"startColumn": 1,
"endLine": 1,
"endColumn": 1
}
},
"message": {
"text": ": [email protected]"
}
}
]
}
],
"columnKind": "utf16CodeUnits",
"originalUriBaseIds": {
"ROOTPATH": {
"uri": "file:///Users/jyothikumarbehara/go/src/bitbucket.org/scalock/server/registry-1.docker.io/jerbi/eicar:latest/"
}
},
"properties": {
"imageName": "registry-1.docker.io/jerbi/eicar:latest",
"repoDigests": [
"eicar@sha256:9a0d238325e222e3f40a4f49b3e9323c8577404ff65419c26e2dd8dfc337bad9"
],
"repoTags": null
}
}
]
}
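Review bot: the CVE-2019-14697 rule sets "security-severity": "0.0" in its properties while its help text says "Severity: critical" and its tags include "critical", so any consumer that ranks findings by security-severity will place this one at the bottom; set a score that agrees with the stated severity. In originalUriBaseIds, ROOTPATH is an absolute file:///Users/... path from a developer workstation, which publishes a local user name and an internal source tree layout; replace it with a neutral or relative base before committing. The three malware rules carry the tag "secret" although they describe malware detections, and their shortDescription text is empty, which leaves the finding title blank in viewers that display it.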
