HTTP 200 OK
Allow: GET, PUT, PATCH, DELETE, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept
{
"vulnerabilities": [
{
"id": "CVE-2023-4039",
"package": "gcc",
"score": "4.8",
"severity": "medium",
"suppressed": "Exception: This vulnerability applies to aarch64 systems only; Controllers currently only target x86-64 systems.",
"published": "2023-09-13T05:15:15.690000-04:00",
"modified": "2025-02-13T17:17:14.717000-05:00",
"commentary": null
},
{
"id": "OSV-2023-1344",
"package": "jq",
"score": null,
"severity": "medium",
"suppressed": null,
"published": "2023-12-21T19:11:40.065456-05:00",
"modified": "2025-03-05T09:16:07.938645-05:00",
"commentary": null
},
{
"id": "OSV-2023-1329",
"package": "jq",
"score": null,
"severity": "high",
"suppressed": null,
"published": "2023-12-17T19:13:42.545765-05:00",
"modified": "2025-02-17T09:14:20.492923-05:00",
"commentary": null
},
{
"id": "OSV-2023-1307",
"package": "libbpf",
"score": null,
"severity": "medium",
"suppressed": null,
"published": "2023-12-14T19:12:51.528155-05:00",
"modified": "2025-07-19T10:14:30.054184-04:00",
"commentary": null
},
{
"id": "OSV-2023-877",
"package": "libbpf",
"score": null,
"severity": "medium",
"suppressed": null,
"published": "2023-09-18T10:02:44.989260-04:00",
"modified": "2025-07-19T10:16:07.080224-04:00",
"commentary": null
},
{
"id": "OSV-2023-505",
"package": "file",
"score": null,
"severity": "high",
"suppressed": null,
"published": "2023-06-22T10:02:20.855256-04:00",
"modified": "2023-08-01T10:06:27.325503-04:00",
"commentary": null
},
{
"id": "OSV-2023-197",
"package": "p11-kit",
"score": null,
"severity": null,
"suppressed": null,
"published": "2023-03-18T09:00:57.254906-04:00",
"modified": "2024-07-04T10:16:04.301147-04:00",
"commentary": null
},
{
"id": "CVE-2022-48468",
"package": "protobuf-c",
"score": "5.5",
"severity": "medium",
"suppressed": "Exception: False positive; the version of protobuf-c used in Controller dependencies and compilation exceeds the patched revision for this vulnerability.",
"published": "2023-04-13T17:15:07.077000-04:00",
"modified": "2025-02-07T17:15:23.127000-05:00",
"commentary": null
},
{
"id": "CVE-2022-42012",
"package": "dbus",
"score": "6.5",
"severity": "medium",
"suppressed": "Exception: False positive; Controllers run a version of dbus greater than 1.14.4.",
"published": "2022-10-09T20:15:09.627000-04:00",
"modified": "2025-06-09T15:15:28.623000-04:00",
"commentary": null
},
{
"id": "CVE-2022-42011",
"package": "dbus",
"score": "6.5",
"severity": "medium",
"suppressed": "Exception: False positive; Controllers run a version of dbus greater than 1.14.4.",
"published": "2022-10-09T20:15:09.573000-04:00",
"modified": "2025-06-09T15:15:28.073000-04:00",
"commentary": null
},
{
"id": "CVE-2022-42010",
"package": "dbus",
"score": "6.5",
"severity": "medium",
"suppressed": "Exception: False positive; Controllers run a version of dbus greater than 1.14.4.",
"published": "2022-10-09T20:15:09-04:00",
"modified": "2025-06-09T15:15:27.810000-04:00",
"commentary": null
},
{
"id": "CVE-2022-38663",
"package": "git",
"score": "6.5",
"severity": "medium",
"suppressed": "Exception: This scan result is a false positive and refers instead to the git Jenkins plugins. Controllers do not install or run Jenkins.",
"published": "2022-08-23T13:15:15.257000-04:00",
"modified": "2024-11-21T07:16:53.420000-05:00",
"commentary": null
},
{
"id": "CVE-2022-36884",
"package": "git",
"score": "5.3",
"severity": "medium",
"suppressed": "Exception: This scan result is a false positive and refers instead to the git Jenkins plugins. Controllers do not install or run Jenkins.",
"published": "2022-07-27T11:15:08.933000-04:00",
"modified": "2024-11-21T07:13:59.117000-05:00",
"commentary": null
},
{
"id": "CVE-2022-36883",
"package": "git",
"score": "7.5",
"severity": "high",
"suppressed": "Exception: This scan result is a false positive and refers instead to the git Jenkins plugins. Controllers do not install or run Jenkins.",
"published": "2022-07-27T11:15:08.880000-04:00",
"modified": "2024-11-21T07:13:58.903000-05:00",
"commentary": null
},
{
"id": "CVE-2022-36882",
"package": "git",
"score": "8.8",
"severity": "high",
"suppressed": "Exception: This scan result is a false positive and refers instead to the git Jenkins plugins. Controllers do not install or run Jenkins.",
"published": "2022-07-27T11:15:08.827000-04:00",
"modified": "2024-11-21T07:13:58.690000-05:00",
"commentary": null
},
{
"id": "CVE-2022-30947",
"package": "git",
"score": "7.5",
"severity": "high",
"suppressed": "Exception: This scan result is a false positive and refers instead to the git Jenkins plugins. Controllers do not install or run Jenkins.",
"published": "2022-05-17T11:15:08.797000-04:00",
"modified": "2024-11-21T07:03:36.643000-05:00",
"commentary": null
},
{
"id": "MAL-2022-4301",
"package": "libidn2",
"score": null,
"severity": null,
"suppressed": "Exception: This result is a false positive; the indicated package is an npm package and not the generic Linux library.",
"published": null,
"modified": null,
"commentary": null
},
{
"id": "CVE-2022-3219",
"package": "gnupg",
"score": "3.3",
"severity": "low",
"suppressed": null,
"published": "2023-02-23T15:15:12.393000-05:00",
"modified": "2025-03-12T21:15:38.207000-04:00",
"commentary": null
},
{
"id": "GHSA-rjvj-673q-4hfw",
"package": "traceroute",
"score": null,
"severity": "critical",
"suppressed": "Exception: This result is a false positive; the indicated vulnerability only applies to the npm package, not the generic Linux utility.",
"published": "2020-09-04T13:54:31-04:00",
"modified": null,
"commentary": null
},
{
"id": "CVE-2021-21684",
"package": "git",
"score": "6.1",
"severity": "medium",
"suppressed": "Exception: This scan result is a false positive and refers instead to the git Jenkins plugins. Controllers do not install or run Jenkins.",
"published": "2021-10-06T19:15:06.977000-04:00",
"modified": "2024-11-21T05:48:49.770000-05:00",
"commentary": null
},
{
"id": "OSV-2021-777",
"package": "libxml2",
"score": null,
"severity": "high",
"suppressed": null,
"published": "2021-05-19T20:00:30.166614-04:00",
"modified": "2025-07-15T10:06:11.764231-04:00",
"commentary": null
},
{
"id": "CVE-2020-2136",
"package": "git",
"score": "5.4",
"severity": "medium",
"suppressed": "Exception: This scan result is a false positive and refers instead to the git Jenkins plugins. Controllers do not install or run Jenkins.",
"published": "2020-03-09T12:15:12.797000-04:00",
"modified": "2024-11-21T05:24:45.417000-05:00",
"commentary": null
},
{
"id": "CVE-2019-1003010",
"package": "git",
"score": "4.3",
"severity": "medium",
"suppressed": "Exception: This scan result is a false positive and refers instead to the git Jenkins plugins. Controllers do not install or run Jenkins.",
"published": "2019-02-06T11:29:00.563000-05:00",
"modified": "2024-11-21T04:17:44.057000-05:00",
"commentary": null
},
{
"id": "CVE-2019-20633",
"package": "patch",
"score": "5.5",
"severity": "medium",
"suppressed": null,
"published": "2020-03-25T13:15:14.013000-04:00",
"modified": "2024-11-21T04:38:55.590000-05:00",
"commentary": null
},
{
"id": "CVE-2019-14900",
"package": "fuse",
"score": "6.5",
"severity": "medium",
"suppressed": "Exception: This result is a false positive; Controllers do not run Hibernate ORM.",
"published": "2020-07-06T15:15:12.230000-04:00",
"modified": "2024-11-21T04:27:38.783000-05:00",
"commentary": null
},
{
"id": "CVE-2019-14860",
"package": "fuse",
"score": "6.5",
"severity": "medium",
"suppressed": "Exception: This result is a false positive; Controllers do not run Syndesis.",
"published": "2019-11-08T10:15:11.673000-05:00",
"modified": "2024-11-21T04:27:31.077000-05:00",
"commentary": null
},
{
"id": "CVE-2019-12749",
"package": "dbus",
"score": "7.1",
"severity": "high",
"suppressed": "Exception: False positive; Controllers run a version of dbus not subject to this vulnerability.",
"published": "2019-06-11T13:29:00-04:00",
"modified": "2024-12-06T14:15:18.790000-05:00",
"commentary": null
},
{
"id": "CVE-2019-6470",
"package": "bind",
"score": "7.5",
"severity": "high",
"suppressed": "Exception: Controller DHCP functionality is provided via systemd-networkd and so are not subject to vulnerabilities in dhcpcd.",
"published": "2019-11-01T19:15:10.510000-04:00",
"modified": "2025-04-11T14:55:14.483000-04:00",
"commentary": null
},
{
"id": "CVE-2016-2781",
"package": "coreutils",
"score": "4.6",
"severity": "medium",
"suppressed": null,
"published": "2017-02-07T10:59:00.333000-05:00",
"modified": "2025-06-09T16:15:25.013000-04:00",
"commentary": null
},
{
"id": "CVE-2013-4577",
"package": "grub",
"score": "2.1",
"severity": null,
"suppressed": "Exception: False positive; this is a Debian-specific vulnerability applicable only to Debian-based systems.",
"published": "2014-05-12T10:55:05.023000-04:00",
"modified": "2025-04-12T10:46:40.837000-04:00",
"commentary": null
},
{
"id": "CVE-2010-4226",
"package": "cpio",
"score": "7.2",
"severity": "high",
"suppressed": "Exception: False positive; this vulnerability only applies to systems that use RPM packaging, which Controllers do not.",
"published": "2014-02-06T12:00:03.167000-05:00",
"modified": "2025-06-09T15:15:22.147000-04:00",
"commentary": null
},
{
"id": "CVE-2024-10041",
"package": "linux-pam",
"score": "4.7",
"severity": "medium",
"suppressed": null,
"published": "2024-10-23T10:15:03.970000-04:00",
"modified": "2024-12-18T10:15:05.850000-05:00",
"commentary": null
},
{
"id": "CVE-2024-9143",
"package": "openssl",
"score": "4.3",
"severity": "medium",
"suppressed": null,
"published": "2024-10-16T13:15:18.130000-04:00",
"modified": "2024-11-21T09:54:04.817000-05:00",
"commentary": null
},
{
"id": "GHSA-vx24-x4mv-vwr5",
"package": "starship",
"score": "7.4",
"severity": "high",
"suppressed": null,
"published": "2024-07-26T17:24:18-04:00",
"modified": null,
"commentary": null
},
{
"id": "CVE-2024-22121",
"package": "zabbix-agent2",
"score": "6.1",
"severity": "medium",
"suppressed": "Exception: This result is a false positive; the vulnerability is only present on the .msi installer package for Windows.",
"published": "2024-08-12T09:38:16.070000-04:00",
"modified": "2024-12-10T16:19:19.810000-05:00",
"commentary": null
},
{
"id": "BIT-grafana-2024-8118",
"package": "grafana",
"score": null,
"severity": null,
"suppressed": null,
"published": null,
"modified": null,
"commentary": null
},
{
"id": "CVE-2024-8006",
"package": "libpcap",
"score": "4.4",
"severity": "medium",
"suppressed": null,
"published": "2024-08-30T20:15:05.743000-04:00",
"modified": "2024-09-19T17:46:03.447000-04:00",
"commentary": null
},
{
"id": "CVE-2024-7246",
"package": "grpc",
"score": "6.3",
"severity": "medium",
"suppressed": null,
"published": "2024-08-06T07:16:07.587000-04:00",
"modified": "2025-07-22T19:29:58.023000-04:00",
"commentary": null
},
{
"id": "CVE-2024-6119",
"package": "openssl",
"score": "7.5",
"severity": "high",
"suppressed": null,
"published": "2024-09-03T12:15:07-04:00",
"modified": "2025-06-03T10:51:54.117000-04:00",
"commentary": "Reduced severity: Bowtie considers the risk for this vulnerability reduced and will address it alongside normal upstream release cadence."
},
{
"id": "OSV-2024-919",
"package": "jq",
"score": null,
"severity": "medium",
"suppressed": null,
"published": "2024-08-15T20:09:34.461792-04:00",
"modified": "2025-03-06T09:20:56.754046-05:00",
"commentary": null
},
{
"id": "OSV-2024-831",
"package": "jq",
"score": null,
"severity": "medium",
"suppressed": null,
"published": "2024-08-15T20:03:12.871175-04:00",
"modified": "2025-03-07T09:24:40.166702-05:00",
"commentary": null
},
{
"id": "OSV-2024-440",
"package": "jq",
"score": null,
"severity": "medium",
"suppressed": null,
"published": "2024-05-06T20:06:11.033336-04:00",
"modified": "2025-07-01T10:30:06.613574-04:00",
"commentary": null
},
{
"id": "OSV-2024-396",
"package": "jq",
"score": null,
"severity": "medium",
"suppressed": null,
"published": "2024-04-30T20:11:24.552935-04:00",
"modified": "2025-07-01T10:29:52.935440-04:00",
"commentary": null
},
{
"id": "OSV-2024-395",
"package": "libpcap",
"score": null,
"severity": "medium",
"suppressed": null,
"published": "2024-04-30T20:04:54.392345-04:00",
"modified": "2024-08-31T10:18:45.876646-04:00",
"commentary": null
},
{
"id": "OSV-2024-371",
"package": "jq",
"score": null,
"severity": "medium",
"suppressed": null,
"published": "2024-04-29T20:08:27.982063-04:00",
"modified": "2025-05-18T10:24:27.459047-04:00",
"commentary": null
},
{
"id": "OSV-2024-330",
"package": "jq",
"score": null,
"severity": "medium",
"suppressed": null,
"published": "2024-04-29T20:00:31.577722-04:00",
"modified": "2024-05-27T10:01:02.168724-04:00",
"commentary": null
},
{
"id": "CVE-2023-34111",
"package": "grafana",
"score": "9.8",
"severity": "critical",
"suppressed": "Exception: Controllers do not use the TaosData Grafana plugin.",
"published": "2023-06-06T13:15:15.210000-04:00",
"modified": "2024-11-21T08:06:34.313000-05:00",
"commentary": null
},
{
"id": "CVE-2023-7256",
"package": "libpcap",
"score": "4.4",
"severity": "medium",
"suppressed": null,
"published": "2024-08-30T20:15:05.240000-04:00",
"modified": "2024-09-19T17:53:15.207000-04:00",
"commentary": null
},
{
"id": "CVE-2023-7216",
"package": "cpio",
"score": "5.3",
"severity": "medium",
"suppressed": null,
"published": "2024-02-05T10:15:08.903000-05:00",
"modified": "2024-11-21T08:45:32.120000-05:00",
"commentary": null
},
{
"id": "CVE-2023-6992",
"package": "zlib",
"score": "5.5",
"severity": "medium",
"suppressed": "Exception: This result is a false positive; the vulnerable version of zlib is a Cloudflare-specific package and not the upstream zlib package.",
"published": "2024-01-04T07:15:23.690000-05:00",
"modified": "2024-11-21T08:44:59.467000-05:00",
"commentary": null
},
{
"id": "CVE-2024-48958",
"package": "libarchive",
"score": "7.8",
"severity": "high",
"suppressed": null,
"published": "2024-10-09T22:15:03.057000-04:00",
"modified": "2024-12-02T14:58:37.067000-05:00",
"commentary": null
},
{
"id": "CVE-2024-48957",
"package": "libarchive",
"score": "7.8",
"severity": "high",
"suppressed": null,
"published": "2024-10-09T22:15:02.990000-04:00",
"modified": "2024-12-02T14:58:55.063000-05:00",
"commentary": null
},
{
"id": "BIT-rclone-2024-52522",
"package": "rclone",
"score": null,
"severity": null,
"suppressed": null,
"published": null,
"modified": null,
"commentary": null
}
],
"created": "2024-10-09T14:24:29.176073-04:00",
"package": 10310,
"next_scan": null,
"scanned": "2024-11-27T07:27:30.518652-05:00",
"id": 445,
"has_cdx": true,
"has_spdx": true,
"scanning": false,
"queued": false
}