From f85dd7fd71abf5e50b7743c005df3a9153716505 Mon Sep 17 00:00:00 2001 From: jyothi kumar Date: Fri, 26 Jul 2024 14:50:36 +0530 Subject: [PATCH] test --- .github/workflows/main.yml | 6 +- trivyPremiumMalware.sarif | 276 +++++++++++++++++++++++++++++++++++++ 2 files changed, 279 insertions(+), 3 deletions(-) create mode 100644 trivyPremiumMalware.sarif diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 263c743..94372d8 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -4,9 +4,9 @@ name: Build-Scan-Push-Image-scan # events but only for the trivyExploitable branch on: push: - branches: [ trivyExploitable ] + branches: [ trivyMalware ] pull_request: - branches: [ trivyExploitable ] + branches: [ trivyMalware ] env: BuildNumber: ${{ github.run_id }}-${{ github.run_number }} @@ -54,7 +54,7 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab uses: github/codeql-action/upload-sarif@v2 with: - sarif_file: 'trivyPremiumVuln.sarif' + sarif_file: 'trivyPremiumMalware.sarif' #- name: Push Docker image # uses: docker/build-push-action@v1.1.0 diff --git a/trivyPremiumMalware.sarif b/trivyPremiumMalware.sarif new file mode 100644 index 0000000..b0423bc --- /dev/null +++ b/trivyPremiumMalware.sarif @@ -0,0 +1,276 @@ +{ + "version": "2.1.0", + "$schema": "https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json", + "runs": [ + { + "tool": { + "driver": { + "fullName": "Trivy Premium Vulnerability Scanner", + "informationUri": "https://www.aquasec.com", + "name": "TrivyPremium", + "rules": [ + { + "id": "Eicar-Test-Signature", + "name": "Malware", + "shortDescription": { + "text": "" + }, + "fullDescription": { + "text": "Eicar-Test-Signature" + }, + "defaultConfiguration": { + "level": "error" + }, + "helpUri": "https://www.virustotal.com/gui/file/3395856ce81f2b7382dee72602f798b642f14140", + "help": { + "text": "Malware Eicar-Test-Signature\nFile Hash: sha1:3395856ce81f2b7382dee72602f798b642f14140\nLink: [Eicar-Test-Signature](https://www.virustotal.com/gui/file/3395856ce81f2b7382dee72602f798b642f14140)", + "markdown": "**Malware Eicar-Test-Signature**\n| File Hash | Link |\n| --- | --- |\n|sha1:3395856ce81f2b7382dee72602f798b642f14140|[Eicar-Test-Signature](https://www.virustotal.com/gui/file/3395856ce81f2b7382dee72602f798b642f14140)" + }, + "properties": { + "precision": "very-high", + "security-severity": "9.5", + "tags": [ + "secret", + "security", + "CRITICAL" + ] + } + }, + { + "id": "Win.Test.EICAR_HDB-1", + "name": "Malware", + "shortDescription": { + "text": "" + }, + "fullDescription": { + "text": "Win.Test.EICAR_HDB-1" + }, + "defaultConfiguration": { + "level": "error" + }, + "helpUri": "https://www.virustotal.com/gui/file/3395856ce81f2b7382dee72602f798b642f14140", + "help": { + "text": "Malware Win.Test.EICAR_HDB-1\nFile Hash: sha1:3395856ce81f2b7382dee72602f798b642f14140\nLink: [Win.Test.EICAR_HDB-1](https://www.virustotal.com/gui/file/3395856ce81f2b7382dee72602f798b642f14140)", + "markdown": "**Malware Win.Test.EICAR_HDB-1**\n| File Hash | Link |\n| --- | --- |\n|sha1:3395856ce81f2b7382dee72602f798b642f14140|[Win.Test.EICAR_HDB-1](https://www.virustotal.com/gui/file/3395856ce81f2b7382dee72602f798b642f14140)" + }, + "properties": { + "precision": "very-high", + "security-severity": "9.5", + "tags": [ + "secret", + "security", + "CRITICAL" + ] + } + }, + { + "id": "EICAR test file", + "name": "Malware", + "shortDescription": { + "text": "" + }, + "fullDescription": { + "text": "EICAR test file" + }, + "defaultConfiguration": { + "level": "error" + }, + "helpUri": "https://www.virustotal.com/gui/file/3395856ce81f2b7382dee72602f798b642f14140", + "help": { + "text": "Malware EICAR test file\nFile Hash: sha1:3395856ce81f2b7382dee72602f798b642f14140\nLink: [EICAR test file](https://www.virustotal.com/gui/file/3395856ce81f2b7382dee72602f798b642f14140)", + "markdown": "**Malware EICAR test file**\n| File Hash | Link |\n| --- | --- |\n|sha1:3395856ce81f2b7382dee72602f798b642f14140|[EICAR test file](https://www.virustotal.com/gui/file/3395856ce81f2b7382dee72602f798b642f14140)" + }, + "properties": { + "precision": "very-high", + "security-severity": "9.5", + "tags": [ + "secret", + "security", + "CRITICAL" + ] + } + }, + { + "id": "CVE-2019-14697", + "name": "OsPackageVulnerability", + "shortDescription": { + "text": "musl libc through 1.1.23 has an x87 floating-point..." + }, + "fullDescription": { + "text": "musl libc through 1.1.23 has an x87 floating-point stack adjustment imbalan..." + }, + "defaultConfiguration": { + "level": "error" + }, + "helpUri": "https://nvd.nist.gov/vuln/detail/CVE-2019-14697", + "help": { + "text": "Vulnerability CVE-2019-14697\nSeverity: critical\nPackage: musl-utils\nFixed Version: 1.1.19-r11\nExploit Available: []()\nExploit Type: \nLink: [CVE-2019-14697](https://nvd.nist.gov/vuln/detail/CVE-2019-14697)\nmusl libc through 1.1.23 has an x87 floating-point stack adjustment imbalance, related to the math/i386/ directory. In some cases, use of this library could introduce out-of-bounds writes that are not present in an application's source code.", + "markdown": "**Vulnerability CVE-2019-14697**\n| Severity | Package | Fixed Version | Exploit Available | Exploit Type | Link |\n| --- | --- | --- | --- | --- | --- |\n|critical|musl-utils|1.1.19-r11|[]()||[CVE-2019-14697](https://nvd.nist.gov/vuln/detail/CVE-2019-14697)|\n\nmusl libc through 1.1.23 has an x87 floating-point stack adjustment imbalance, related to the math/i386/ directory. In some cases, use of this library could introduce out-of-bounds writes that are not present in an application's source code." + }, + "properties": { + "precision": "very-high", + "security-severity": "0.0", + "tags": [ + "vulnerability", + "security", + "critical" + ] + } + } + ], + "version": "" + } + }, + "results": [ + { + "ruleId": "Eicar-Test-Signature", + "ruleIndex": 0, + "level": "error", + "message": { + "text": "Artifact: /eicar.com.txt\nMalware: Eicar-Test-Signature\nFile Hash sha1:3395856ce81f2b7382dee72602f798b642f14140" + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "/eicar.com.txt", + "uriBaseId": "ROOTPATH" + }, + "region": { + "startLine": 1, + "startColumn": 1, + "endLine": 1, + "endColumn": 1 + } + }, + "message": { + "text": "" + } + } + ] + }, + { + "ruleId": "Win.Test.EICAR_HDB-1", + "ruleIndex": 1, + "level": "error", + "message": { + "text": "Artifact: /eicar.com.txt\nMalware: Win.Test.EICAR_HDB-1\nFile Hash sha1:3395856ce81f2b7382dee72602f798b642f14140" + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "/eicar.com.txt", + "uriBaseId": "ROOTPATH" + }, + "region": { + "startLine": 1, + "startColumn": 1, + "endLine": 1, + "endColumn": 1 + } + }, + "message": { + "text": "" + } + } + ] + }, + { + "ruleId": "EICAR test file", + "ruleIndex": 2, + "level": "error", + "message": { + "text": "Artifact: /eicar.com.txt\nMalware: EICAR test file\nFile Hash sha1:3395856ce81f2b7382dee72602f798b642f14140" + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "/eicar.com.txt", + "uriBaseId": "ROOTPATH" + }, + "region": { + "startLine": 1, + "startColumn": 1, + "endLine": 1, + "endColumn": 1 + } + }, + "message": { + "text": "" + } + } + ] + }, + { + "ruleId": "CVE-2019-14697", + "ruleIndex": 3, + "level": "error", + "message": { + "text": "Package: musl\nInstalled Version: 1.1.19-r10\nVulnerability CVE-2019-14697\nSeverity: critical\nFixed Version: 1.1.19-r11\nExploit Available: []()\nExploit Type: \nLink: [CVE-2019-14697](https://nvd.nist.gov/vuln/detail/CVE-2019-14697)" + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "musl", + "uriBaseId": "ROOTPATH" + }, + "region": { + "startLine": 1, + "startColumn": 1, + "endLine": 1, + "endColumn": 1 + } + }, + "message": { + "text": ": musl@1.1.19-r10" + } + } + ] + }, + { + "ruleId": "CVE-2019-14697", + "ruleIndex": 3, + "level": "error", + "message": { + "text": "Package: musl-utils\nInstalled Version: 1.1.19-r10\nVulnerability CVE-2019-14697\nSeverity: critical\nFixed Version: 1.1.19-r11\nExploit Available: []()\nExploit Type: \nLink: [CVE-2019-14697](https://nvd.nist.gov/vuln/detail/CVE-2019-14697)" + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "musl-utils", + "uriBaseId": "ROOTPATH" + }, + "region": { + "startLine": 1, + "startColumn": 1, + "endLine": 1, + "endColumn": 1 + } + }, + "message": { + "text": ": musl-utils@1.1.19-r10" + } + } + ] + } + ], + "columnKind": "utf16CodeUnits", + "originalUriBaseIds": { + "ROOTPATH": { + "uri": "file:///Users/jyothikumarbehara/go/src/bitbucket.org/scalock/server/registry-1.docker.io/jerbi/eicar:latest/" + } + }, + "properties": { + "imageName": "registry-1.docker.io/jerbi/eicar:latest", + "repoDigests": [ + "eicar@sha256:9a0d238325e222e3f40a4f49b3e9323c8577404ff65419c26e2dd8dfc337bad9" + ], + "repoTags": null + } + } + ] +} \ No newline at end of file