{"id":1303,"vulnerabilities":[{"id":"CVE-2024-12705","package":"bind","score":"7.5","severity":"high","suppressed":null,"published":"2025-01-29T22:15:28.800000Z","modified":"2025-02-07T17:15:30.177000Z","commentary":null},{"id":"BIT-grafana-2024-11741","package":"grafana","score":null,"severity":null,"suppressed":null,"published":null,"modified":null,"commentary":null},{"id":"CVE-2024-11187","package":"bind","score":"7.5","severity":"high","suppressed":null,"published":"2025-01-29T22:15:28.637000Z","modified":"2025-02-11T19:15:12.640000Z","commentary":null},{"id":"OSV-2023-1398","package":"file","score":null,"severity":"medium","suppressed":null,"published":"2024-11-01T00:02:38.719507Z","modified":"2024-11-01T00:02:38.719949Z","commentary":null},{"id":"GHSA-vx24-x4mv-vwr5","package":"starship","score":"7.4","severity":"high","suppressed":null,"published":"2024-07-26T21:24:18Z","modified":null,"commentary":null},{"id":"BIT-rclone-2024-52522","package":"rclone","score":null,"severity":null,"suppressed":null,"published":null,"modified":null,"commentary":null},{"id":"CVE-2024-22121","package":"zabbix-agent2","score":"6.1","severity":"medium","suppressed":"Exception: This result is a false positive; the vulnerability is only present on the .msi installer package for Windows.","published":"2024-08-12T13:38:16.070000Z","modified":"2024-12-10T16:19:19.810000Z","commentary":null},{"id":"CVE-2024-10041","package":"linux-pam","score":"4.7","severity":"medium","suppressed":null,"published":"2024-10-23T14:15:03.970000Z","modified":"2024-12-18T10:15:05.850000Z","commentary":null},{"id":"CVE-2024-9681","package":"curl","score":"6.5","severity":"medium","suppressed":null,"published":"2024-11-06T08:15:03.740000Z","modified":"2025-11-03T21:18:48.670000Z","commentary":null},{"id":"CVE-2024-9143","package":"openssl","score":"4.3","severity":"medium","suppressed":null,"published":"2024-10-16T17:15:18.130000Z","modified":"2025-11-03T23:17:33.460000Z","commentary":null},{"id":"CVE-2024-7246","package":"grpc","score":"6.3","severity":"medium","suppressed":null,"published":"2024-08-06T11:16:07.587000Z","modified":"2025-07-22T19:29:58.023000Z","commentary":null},{"id":"CVE-2024-6119","package":"openssl","score":"7.5","severity":"high","suppressed":null,"published":"2024-09-03T16:15:07Z","modified":"2025-06-03T10:51:54.117000Z","commentary":"Reduced severity: Bowtie considers the risk for this vulnerability reduced and will address it alongside normal upstream release cadence."},{"id":"OSV-2024-919","package":"jq","score":null,"severity":"medium","suppressed":null,"published":"2024-08-16T00:09:34.461792Z","modified":"2025-03-06T14:20:56.754046Z","commentary":null},{"id":"OSV-2024-831","package":"jq","score":null,"severity":"medium","suppressed":null,"published":"2024-08-16T00:03:12.871175Z","modified":"2025-03-07T14:24:40.166702Z","commentary":null},{"id":"OSV-2024-817","package":"libpcap","score":null,"severity":"medium","suppressed":null,"published":"2024-08-16T00:02:39.185747Z","modified":"2025-01-08T14:19:40.985698Z","commentary":null},{"id":"OSV-2024-440","package":"jq","score":null,"severity":"medium","suppressed":null,"published":"2024-05-07T00:06:11.033336Z","modified":"2026-03-23T14:25:50.543622Z","commentary":null},{"id":"OSV-2024-396","package":"jq","score":null,"severity":"medium","suppressed":null,"published":"2024-05-01T00:11:24.552935Z","modified":"2026-03-23T14:25:38.048801Z","commentary":null},{"id":"OSV-2024-395","package":"libpcap","score":null,"severity":"medium","suppressed":null,"published":"2024-05-01T00:04:54.392345Z","modified":"2026-03-23T14:26:07.845400Z","commentary":null},{"id":"OSV-2024-371","package":"jq","score":null,"severity":"medium","suppressed":null,"published":"2024-04-30T00:08:27.982063Z","modified":"2025-05-18T14:24:27.459047Z","commentary":null},{"id":"OSV-2024-330","package":"jq","score":null,"severity":"medium","suppressed":null,"published":"2024-04-30T00:00:31.577722Z","modified":"2024-05-27T14:01:02.168724Z","commentary":null},{"id":"CVE-2023-34111","package":"grafana","score":"9.8","severity":"critical","suppressed":"Exception: Controllers do not use the TaosData Grafana plugin.","published":"2023-06-06T17:15:15.210000Z","modified":"2024-11-21T08:06:34.313000Z","commentary":null},{"id":"CVE-2023-7216","package":"cpio","score":"5.3","severity":"medium","suppressed":null,"published":"2024-02-05T15:15:08.903000Z","modified":"2026-02-25T19:29:28.290000Z","commentary":null},{"id":"CVE-2023-6992","package":"zlib","score":"5.5","severity":"medium","suppressed":"Exception: This result is a false positive; the vulnerable version of zlib is a Cloudflare-specific package and not the upstream zlib package.","published":"2024-01-04T12:15:23.690000Z","modified":"2024-11-21T08:44:59.467000Z","commentary":null},{"id":"OSV-2023-1344","package":"jq","score":null,"severity":"medium","suppressed":null,"published":"2023-12-22T00:11:40.065456Z","modified":"2025-03-05T14:16:07.938645Z","commentary":null},{"id":"OSV-2023-1329","package":"jq","score":null,"severity":"high","suppressed":null,"published":"2023-12-18T00:13:42.545765Z","modified":"2025-02-17T14:14:20.492923Z","commentary":null},{"id":"OSV-2023-1307","package":"libbpf","score":null,"severity":"medium","suppressed":null,"published":"2023-12-15T00:12:51.528155Z","modified":"2026-03-23T14:21:09.052079Z","commentary":null},{"id":"OSV-2023-877","package":"libbpf","score":null,"severity":"medium","suppressed":null,"published":"2023-09-18T14:02:44.989260Z","modified":"2026-03-23T14:22:29.233253Z","commentary":null},{"id":"OSV-2023-505","package":"file","score":null,"severity":"high","suppressed":null,"published":"2023-06-22T14:02:20.855256Z","modified":"2023-08-01T14:06:27.325503Z","commentary":null},{"id":"OSV-2023-197","package":"p11-kit","score":null,"severity":null,"suppressed":null,"published":"2023-03-18T13:00:57.254906Z","modified":"2026-03-23T14:20:42.465411Z","commentary":null},{"id":"CVE-2022-48468","package":"protobuf-c","score":"5.5","severity":"medium","suppressed":"Exception: False positive; the version of protobuf-c used in Controller dependencies and compilation exceeds the patched revision for this vulnerability.","published":"2023-04-13T21:15:07.077000Z","modified":"2025-02-07T17:15:23.127000Z","commentary":null},{"id":"CVE-2022-42012","package":"dbus","score":"6.5","severity":"medium","suppressed":"Exception: False positive; Controllers run a version of dbus greater than 1.14.4.","published":"2022-10-10T00:15:09.627000Z","modified":"2025-06-09T15:15:28.623000Z","commentary":null},{"id":"CVE-2022-42011","package":"dbus","score":"6.5","severity":"medium","suppressed":"Exception: False positive; Controllers run a version of dbus greater than 1.14.4.","published":"2022-10-10T00:15:09.573000Z","modified":"2025-06-09T15:15:28.073000Z","commentary":null},{"id":"CVE-2022-42010","package":"dbus","score":"6.5","severity":"medium","suppressed":"Exception: False positive; Controllers run a version of dbus greater than 1.14.4.","published":"2022-10-10T00:15:09Z","modified":"2025-06-09T15:15:27.810000Z","commentary":null},{"id":"CVE-2022-38663","package":"git","score":"6.5","severity":"medium","suppressed":"Exception: This scan result is a false positive and refers instead to the git Jenkins plugins. Controllers do not install or run Jenkins.","published":"2022-08-23T17:15:15.257000Z","modified":"2024-11-21T07:16:53.420000Z","commentary":null},{"id":"CVE-2022-36884","package":"git","score":"5.3","severity":"medium","suppressed":"Exception: This scan result is a false positive and refers instead to the git Jenkins plugins. Controllers do not install or run Jenkins.","published":"2022-07-27T15:15:08.933000Z","modified":"2024-11-21T07:13:59.117000Z","commentary":null},{"id":"CVE-2022-36883","package":"git","score":"7.5","severity":"high","suppressed":"Exception: This scan result is a false positive and refers instead to the git Jenkins plugins. Controllers do not install or run Jenkins.","published":"2022-07-27T15:15:08.880000Z","modified":"2024-11-21T07:13:58.903000Z","commentary":null},{"id":"CVE-2022-36882","package":"git","score":"8.8","severity":"high","suppressed":"Exception: This scan result is a false positive and refers instead to the git Jenkins plugins. Controllers do not install or run Jenkins.","published":"2022-07-27T15:15:08.827000Z","modified":"2024-11-21T07:13:58.690000Z","commentary":null},{"id":"CVE-2022-30947","package":"git","score":"7.5","severity":"high","suppressed":"Exception: This scan result is a false positive and refers instead to the git Jenkins plugins. Controllers do not install or run Jenkins.","published":"2022-05-17T15:15:08.797000Z","modified":"2024-11-21T07:03:36.643000Z","commentary":null},{"id":"MAL-2022-4301","package":"libidn2","score":null,"severity":null,"suppressed":"Exception: This result is a false positive; the indicated package is an npm package and not the generic Linux library.","published":null,"modified":null,"commentary":null},{"id":"CVE-2022-3219","package":"gnupg","score":"3.3","severity":"low","suppressed":null,"published":"2023-02-23T20:15:12.393000Z","modified":"2025-03-12T21:15:38.207000Z","commentary":null},{"id":"GHSA-rjvj-673q-4hfw","package":"traceroute","score":null,"severity":"critical","suppressed":"Exception: This result is a false positive; the indicated vulnerability only applies to the npm package, not the generic Linux utility.","published":"2020-09-04T17:54:31Z","modified":null,"commentary":null},{"id":"CVE-2021-21684","package":"git","score":"6.1","severity":"medium","suppressed":"Exception: This scan result is a false positive and refers instead to the git Jenkins plugins. Controllers do not install or run Jenkins.","published":"2021-10-06T23:15:06.977000Z","modified":"2024-11-21T05:48:49.770000Z","commentary":null},{"id":"OSV-2021-777","package":"libxml2","score":null,"severity":"high","suppressed":null,"published":"2021-05-20T00:00:30.166614Z","modified":"2026-03-23T14:19:15.652514Z","commentary":null},{"id":"CVE-2020-2136","package":"git","score":"5.4","severity":"medium","suppressed":"Exception: This scan result is a false positive and refers instead to the git Jenkins plugins. Controllers do not install or run Jenkins.","published":"2020-03-09T16:15:12.797000Z","modified":"2024-11-21T05:24:45.417000Z","commentary":null},{"id":"CVE-2019-1003010","package":"git","score":"4.3","severity":"medium","suppressed":"Exception: This scan result is a false positive and refers instead to the git Jenkins plugins. Controllers do not install or run Jenkins.","published":"2019-02-06T16:29:00.563000Z","modified":"2024-11-21T04:17:44.057000Z","commentary":null},{"id":"CVE-2019-20633","package":"patch","score":"5.5","severity":"medium","suppressed":null,"published":"2020-03-25T17:15:14.013000Z","modified":"2024-11-21T04:38:55.590000Z","commentary":null},{"id":"CVE-2019-12749","package":"dbus","score":"7.1","severity":"high","suppressed":"Exception: False positive; Controllers run a version of dbus not subject to this vulnerability.","published":"2019-06-11T17:29:00Z","modified":"2026-02-13T20:16:12.897000Z","commentary":null},{"id":"CVE-2019-6470","package":"bind","score":"7.5","severity":"high","suppressed":"Exception: Controller DHCP functionality is provided via systemd-networkd and so are not subject to vulnerabilities in dhcpcd.","published":"2019-11-01T23:15:10.510000Z","modified":"2025-04-11T14:55:14.483000Z","commentary":null},{"id":"CVE-2016-2781","package":"coreutils","score":"4.6","severity":"medium","suppressed":null,"published":"2017-02-07T15:59:00.333000Z","modified":"2025-06-09T16:15:25.013000Z","commentary":null},{"id":"CVE-2013-4577","package":"grub","score":"2.1","severity":null,"suppressed":"Exception: False positive; this is a Debian-specific vulnerability applicable only to Debian-based systems.","published":"2014-05-12T14:55:05.023000Z","modified":"2025-04-12T10:46:40.837000Z","commentary":null},{"id":"CVE-2010-4226","package":"cpio","score":"7.2","severity":"high","suppressed":"Exception: False positive; this vulnerability only applies to systems that use RPM packaging, which Controllers do not.","published":"2014-02-06T17:00:03.167000Z","modified":"2025-06-09T15:15:22.147000Z","commentary":null},{"id":"CVE-2025-24928","package":"libxml2","score":"7.7","severity":"high","suppressed":null,"published":"2025-02-18T23:15:10.250000Z","modified":"2025-11-03T22:18:40.877000Z","commentary":null},{"id":"CVE-2024-56171","package":"libxml2","score":"9.8","severity":"critical","suppressed":null,"published":"2025-02-18T22:15:12.797000Z","modified":"2025-11-03T21:17:50.750000Z","commentary":null},{"id":"CVE-2024-40896","package":"libxml2","score":"9.1","severity":"critical","suppressed":null,"published":"2024-12-23T17:15:08.400000Z","modified":"2025-11-25T13:32:32.960000Z","commentary":null},{"id":"OSV-2024-1312","package":"jq","score":null,"severity":"medium","suppressed":null,"published":"2024-11-15T00:16:08.928897Z","modified":"2025-03-05T14:20:12.622041Z","commentary":null},{"id":"BIT-git-2024-52006","package":"git","score":null,"severity":null,"suppressed":null,"published":null,"modified":null,"commentary":null},{"id":"CVE-2024-52006","package":"git","score":"2.1","severity":"low","suppressed":null,"published":"2025-01-14T19:15:32.330000Z","modified":"2025-12-18T16:10:34.287000Z","commentary":null},{"id":"CVE-2024-52005","package":"git","score":"7.5","severity":"high","suppressed":null,"published":"2025-01-15T18:15:24.130000Z","modified":"2025-12-18T16:00:17.533000Z","commentary":null},{"id":"BIT-git-2024-50349","package":"git","score":null,"severity":null,"suppressed":null,"published":null,"modified":null,"commentary":null},{"id":"CVE-2024-50349","package":"git","score":"2.1","severity":"low","suppressed":null,"published":"2025-01-14T19:15:32.157000Z","modified":"2025-12-18T16:42:54.610000Z","commentary":null},{"id":"CVE-2024-13176","package":"openssl","score":"4.1","severity":"medium","suppressed":null,"published":"2025-01-20T14:15:26.247000Z","modified":"2025-11-03T20:16:08.203000Z","commentary":null},{"id":"CVE-2025-27113","package":"libxml2","score":"7.5","severity":"high","suppressed":null,"published":"2025-02-18T23:15:10.960000Z","modified":"2025-11-03T22:18:43.340000Z","commentary":null},{"id":"CVE-2024-53427","package":"jq","score":"8.1","severity":"high","suppressed":null,"published":"2025-02-26T16:15:16.237000Z","modified":"2025-07-01T21:25:24.020000Z","commentary":null},{"id":"BIT-git-2024-52005","package":"git","score":null,"severity":null,"suppressed":null,"published":null,"modified":null,"commentary":null},{"id":"BIT-sqlite-2024-0232","package":"sqlite","score":null,"severity":null,"suppressed":null,"published":null,"modified":null,"commentary":null},{"id":"CVE-2025-25724","package":"libarchive","score":"7.8","severity":"high","suppressed":null,"published":"2025-03-02T02:15:36.603000Z","modified":"2025-07-17T15:56:36.083000Z","commentary":null},{"id":"CVE-2024-57970","package":"libarchive","score":"4.0","severity":"medium","suppressed":null,"published":"2025-02-16T04:15:21.843000Z","modified":"2025-02-18T17:15:19.130000Z","commentary":null}],"created":"2024-12-18T06:31:55.909726Z","next_scan":null,"scanned":"2025-03-22T03:10:53.753164Z","package":11768,"has_cdx":true,"has_spdx":true,"scanning":false,"queued":false}