From 0f33819c22083f4c45cac2b2edcad96d1a9f97d8 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com> Date: Mon, 18 May 2020 14:27:41 +0200 Subject: [PATCH 001/109] WIP Example --- integrations/nmap/examples/local-network/scan.yaml | 8 ++++++++ integrations/nmap/examples/localhost/scan.yaml | 10 ++++++++++ integrations/nmap/examples/scan.nmap.org/scan.yaml | 8 ++++++++ integrations/nmap/readme.adoc | 6 ++++++ 4 files changed, 32 insertions(+) create mode 100644 integrations/nmap/examples/local-network/scan.yaml create mode 100644 integrations/nmap/examples/localhost/scan.yaml create mode 100644 integrations/nmap/examples/scan.nmap.org/scan.yaml create mode 100644 integrations/nmap/readme.adoc diff --git a/integrations/nmap/examples/local-network/scan.yaml b/integrations/nmap/examples/local-network/scan.yaml new file mode 100644 index 00000000..a6268363 --- /dev/null +++ b/integrations/nmap/examples/local-network/scan.yaml @@ -0,0 +1,8 @@ +apiVersion: "execution.experimental.securecodebox.io/v1" +kind: Scan +metadata: + name: "nmap-local-network" +spec: + scanType: "nmap" + parameters: + - 192.168.0.0/24 diff --git a/integrations/nmap/examples/localhost/scan.yaml b/integrations/nmap/examples/localhost/scan.yaml new file mode 100644 index 00000000..e995900c --- /dev/null +++ b/integrations/nmap/examples/localhost/scan.yaml @@ -0,0 +1,10 @@ +apiVersion: "execution.experimental.securecodebox.io/v1" +kind: Scan +metadata: + name: "nmap-localhost" +spec: + scanType: "nmap" + parameters: + # Note: Localhost here isn't "your" localhost, but the scanner container. + # This container doesn't have any ports open... + - localhost diff --git a/integrations/nmap/examples/scan.nmap.org/scan.yaml b/integrations/nmap/examples/scan.nmap.org/scan.yaml new file mode 100644 index 00000000..dad0121f --- /dev/null +++ b/integrations/nmap/examples/scan.nmap.org/scan.yaml @@ -0,0 +1,8 @@ +apiVersion: "execution.experimental.securecodebox.io/v1" +kind: Scan +metadata: + name: "nmap-scanme.nmap.org" +spec: + scanType: "nmap" + parameters: + - scanme.nmap.org diff --git a/integrations/nmap/readme.adoc b/integrations/nmap/readme.adoc new file mode 100644 index 00000000..6d592873 --- /dev/null +++ b/integrations/nmap/readme.adoc @@ -0,0 +1,6 @@ += Nmap Scanner Integration + +[source,yaml] +---- +include::examples/localhost/scan.yaml[] +---- From de441e5b7a906dd3459608901bab243c6726acd6 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com> Date: Mon, 18 May 2020 16:08:47 +0200 Subject: [PATCH 002/109] Add additional documtation and examples Co-authored-by: Jorge Estigarribia Co-authored-by: Yannik Fuhrmeister <12710254+fuhrmeistery@users.noreply.github.com> --- .../nmap/examples/local-network/findings.yaml | 191 ++++++++++++++++++ .../nmap/examples/local-network/scan.yaml | 3 +- .../nmap/examples/localhost/findings.yaml | 16 ++ .../nmap/examples/scan.nmap.org/findings.yaml | 177 ++++++++++++++++ integrations/nmap/readme.adoc | 6 - integrations/nmap/readme.md | 60 ++++++ 6 files changed, 446 insertions(+), 7 deletions(-) create mode 100644 integrations/nmap/examples/local-network/findings.yaml create mode 100644 integrations/nmap/examples/localhost/findings.yaml create mode 100644 integrations/nmap/examples/scan.nmap.org/findings.yaml delete mode 100644 integrations/nmap/readme.adoc create mode 100644 integrations/nmap/readme.md diff --git a/integrations/nmap/examples/local-network/findings.yaml b/integrations/nmap/examples/local-network/findings.yaml new file mode 100644 index 00000000..d2b33e20 --- /dev/null +++ b/integrations/nmap/examples/local-network/findings.yaml @@ -0,0 +1,191 @@ +[ + { + "name": "Host: fritz.box", + "category": "Host", + "description": "Found a host", + "location": "fritz.box", + "severity": "INFORMATIONAL", + "osi_layer": "NETWORK", + "attributes": { + "ip_address": "192.168.178.1", + "hostname": "fritz.box", + "operating_system": null + }, + "id": "e0752104-b144-469c-92b7-1fdbc8fe7bd7" + }, + { + "name": "domain", + "description": "Port 53 is open using tcp protocol.", + "category": "Open Port", + "location": "tcp://192.168.178.1:53", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + "attributes": { + "port": 53, + "state": "open", + "ip_address": "192.168.178.1", + "mac_address": null, + "protocol": "tcp", + "hostname": "fritz.box", + "method": "table", + "operating_system": null, + "service": "domain", + "serviceProduct": null, + "serviceVersion": null, + "scripts": null + }, + "id": "fc3477a1-f939-4082-87da-cb9ecd839ba4" + }, + { + "name": "http", + "description": "Port 80 is open using tcp protocol.", + "category": "Open Port", + "location": "tcp://192.168.178.1:80", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + "attributes": { + "port": 80, + "state": "open", + "ip_address": "192.168.178.1", + "mac_address": null, + "protocol": "tcp", + "hostname": "fritz.box", + "method": "table", + "operating_system": null, + "service": "http", + "serviceProduct": null, + "serviceVersion": null, + "scripts": null + }, + "id": "e7a47bc6-4a14-4e94-b3c2-04e8ea6bde5e" + }, + { + "name": "https", + "description": "Port 443 is open using tcp protocol.", + "category": "Open Port", + "location": "tcp://192.168.178.1:443", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + "attributes": { + "port": 443, + "state": "open", + "ip_address": "192.168.178.1", + "mac_address": null, + "protocol": "tcp", + "hostname": "fritz.box", + "method": "table", + "operating_system": null, + "service": "https", + "serviceProduct": null, + "serviceVersion": null, + "scripts": null + }, + "id": "a7a12bb6-bb33-469e-9f30-2e91b280ffcd" + }, + { + "name": "sip", + "description": "Port 5060 is open using tcp protocol.", + "category": "Open Port", + "location": "tcp://192.168.178.1:5060", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + "attributes": { + "port": 5060, + "state": "open", + "ip_address": "192.168.178.1", + "mac_address": null, + "protocol": "tcp", + "hostname": "fritz.box", + "method": "table", + "operating_system": null, + "service": "sip", + "serviceProduct": null, + "serviceVersion": null, + "scripts": null + }, + "id": "ebf2f79e-415c-4837-8a68-d60070b1befa" + }, + { + "name": "unknown", + "description": "Port 8089 is open using tcp protocol.", + "category": "Open Port", + "location": "tcp://192.168.178.1:8089", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + "attributes": { + "port": 8089, + "state": "open", + "ip_address": "192.168.178.1", + "mac_address": null, + "protocol": "tcp", + "hostname": "fritz.box", + "method": "table", + "operating_system": null, + "service": "unknown", + "serviceProduct": null, + "serviceVersion": null, + "scripts": null + }, + "id": "cf956977-0aa7-4d90-b993-37e8b35b2265" + }, + { + "name": "intermapper", + "description": "Port 8181 is open using tcp protocol.", + "category": "Open Port", + "location": "tcp://192.168.178.1:8181", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + "attributes": { + "port": 8181, + "state": "open", + "ip_address": "192.168.178.1", + "mac_address": null, + "protocol": "tcp", + "hostname": "fritz.box", + "method": "table", + "operating_system": null, + "service": "intermapper", + "serviceProduct": null, + "serviceVersion": null, + "scripts": null + }, + "id": "c3c1f244-1961-4194-8b91-5d117907b854" + }, + { + "name": "Host: foobars-iPhone.fritz.box", + "category": "Host", + "description": "Found a host", + "location": "foobars-iPhone.fritz.box", + "severity": "INFORMATIONAL", + "osi_layer": "NETWORK", + "attributes": { + "ip_address": "192.168.178.21", + "hostname": "foobars-iPhone.fritz.box", + "operating_system": null + }, + "id": "53eca5bd-cf96-4aaf-a6ce-55a4ff84a4b3" + }, + { + "name": "iphone-sync", + "description": "Port 62078 is open using tcp protocol.", + "category": "Open Port", + "location": "tcp://192.168.178.26:62078", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + "attributes": { + "port": 62078, + "state": "open", + "ip_address": "192.168.178.21", + "mac_address": null, + "protocol": "tcp", + "hostname": "foobars-iPhone.fritz.box", + "method": "table", + "operating_system": null, + "service": "iphone-sync", + "serviceProduct": null, + "serviceVersion": null, + "scripts": null + }, + "id": "23687489-b52a-4fd9-8bae-7a04842b2183" + } +] diff --git a/integrations/nmap/examples/local-network/scan.yaml b/integrations/nmap/examples/local-network/scan.yaml index a6268363..bf8fcae5 100644 --- a/integrations/nmap/examples/local-network/scan.yaml +++ b/integrations/nmap/examples/local-network/scan.yaml @@ -5,4 +5,5 @@ metadata: spec: scanType: "nmap" parameters: - - 192.168.0.0/24 + # Actual IP will depend on you network config. πŸ€·β€ + - 192.168.178.0/24 diff --git a/integrations/nmap/examples/localhost/findings.yaml b/integrations/nmap/examples/localhost/findings.yaml new file mode 100644 index 00000000..32fcefa7 --- /dev/null +++ b/integrations/nmap/examples/localhost/findings.yaml @@ -0,0 +1,16 @@ +[ + { + "name": "Host: localhost", + "category": "Host", + "description": "Found a host", + "location": "localhost", + "severity": "INFORMATIONAL", + "osi_layer": "NETWORK", + "attributes": { + "ip_address": "127.0.0.1", + "hostname": "localhost", + "operating_system": null + }, + "id": "9dced98c-eab8-4918-9f2d-ffb54df8436b" + } +] diff --git a/integrations/nmap/examples/scan.nmap.org/findings.yaml b/integrations/nmap/examples/scan.nmap.org/findings.yaml new file mode 100644 index 00000000..2c59f192 --- /dev/null +++ b/integrations/nmap/examples/scan.nmap.org/findings.yaml @@ -0,0 +1,177 @@ +[ + { + "name": "ssh", + "description": "Port 22 is open using tcp protocol.", + "category": "Open Port", + "location": "tcp://45.33.32.156:22", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + "attributes": { + "port": 22, + "state": "open", + "ip_address": "45.33.32.156", + "mac_address": null, + "protocol": "tcp", + "hostname": "scanme.nmap.org", + "method": "table", + "operating_system": null, + "service": "ssh", + "serviceProduct": null, + "serviceVersion": null, + "scripts": null + }, + "id": "0903c2b6-b3c3-4fb3-9661-3ce995044fdd" + }, + { + "name": "http", + "description": "Port 80 is open using tcp protocol.", + "category": "Open Port", + "location": "tcp://45.33.32.156:80", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + "attributes": { + "port": 80, + "state": "open", + "ip_address": "45.33.32.156", + "mac_address": null, + "protocol": "tcp", + "hostname": "scanme.nmap.org", + "method": "table", + "operating_system": null, + "service": "http", + "serviceProduct": null, + "serviceVersion": null, + "scripts": null + }, + "id": "6235f66d-a851-4e24-8367-6fd528f71795" + }, + { + "name": "msrpc", + "description": "Port 135 is filtered using tcp protocol.", + "category": "Open Port", + "location": "tcp://45.33.32.156:135", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + "attributes": { + "port": 135, + "state": "filtered", + "ip_address": "45.33.32.156", + "mac_address": null, + "protocol": "tcp", + "hostname": "scanme.nmap.org", + "method": "table", + "operating_system": null, + "service": "msrpc", + "serviceProduct": null, + "serviceVersion": null, + "scripts": null + }, + "id": "831cd5a2-0860-4f11-9727-771f111a3538" + }, + { + "name": "netbios-ssn", + "description": "Port 139 is filtered using tcp protocol.", + "category": "Open Port", + "location": "tcp://45.33.32.156:139", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + "attributes": { + "port": 139, + "state": "filtered", + "ip_address": "45.33.32.156", + "mac_address": null, + "protocol": "tcp", + "hostname": "scanme.nmap.org", + "method": "table", + "operating_system": null, + "service": "netbios-ssn", + "serviceProduct": null, + "serviceVersion": null, + "scripts": null + }, + "id": "eb4cbbda-c303-42c8-851f-6b3759713f85" + }, + { + "name": "microsoft-ds", + "description": "Port 445 is filtered using tcp protocol.", + "category": "Open Port", + "location": "tcp://45.33.32.156:445", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + "attributes": { + "port": 445, + "state": "filtered", + "ip_address": "45.33.32.156", + "mac_address": null, + "protocol": "tcp", + "hostname": "scanme.nmap.org", + "method": "table", + "operating_system": null, + "service": "microsoft-ds", + "serviceProduct": null, + "serviceVersion": null, + "scripts": null + }, + "id": "cee96358-93ea-4b1b-ab69-1bc8220015e6" + }, + { + "name": "nping-echo", + "description": "Port 9929 is open using tcp protocol.", + "category": "Open Port", + "location": "tcp://45.33.32.156:9929", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + "attributes": { + "port": 9929, + "state": "open", + "ip_address": "45.33.32.156", + "mac_address": null, + "protocol": "tcp", + "hostname": "scanme.nmap.org", + "method": "table", + "operating_system": null, + "service": "nping-echo", + "serviceProduct": null, + "serviceVersion": null, + "scripts": null + }, + "id": "4720cb35-87e3-4346-ab63-6434e1384efe" + }, + { + "name": "Elite", + "description": "Port 31337 is open using tcp protocol.", + "category": "Open Port", + "location": "tcp://45.33.32.156:31337", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + "attributes": { + "port": 31337, + "state": "open", + "ip_address": "45.33.32.156", + "mac_address": null, + "protocol": "tcp", + "hostname": "scanme.nmap.org", + "method": "table", + "operating_system": null, + "service": "Elite", + "serviceProduct": null, + "serviceVersion": null, + "scripts": null + }, + "id": "1ceb1c93-e77f-41dc-a3fc-b1d04cec6a5e" + }, + { + "name": "Host: scanme.nmap.org", + "category": "Host", + "description": "Found a host", + "location": "scanme.nmap.org", + "severity": "INFORMATIONAL", + "osi_layer": "NETWORK", + "attributes": { + "ip_address": "45.33.32.156", + "hostname": "scanme.nmap.org", + "operating_system": null + }, + "id": "997e572f-13af-483a-aee6-6ce05e931daf" + } +] diff --git a/integrations/nmap/readme.adoc b/integrations/nmap/readme.adoc deleted file mode 100644 index 6d592873..00000000 --- a/integrations/nmap/readme.adoc +++ /dev/null @@ -1,6 +0,0 @@ -= Nmap Scanner Integration - -[source,yaml] ----- -include::examples/localhost/scan.yaml[] ----- diff --git a/integrations/nmap/readme.md b/integrations/nmap/readme.md new file mode 100644 index 00000000..623d2cbe --- /dev/null +++ b/integrations/nmap/readme.md @@ -0,0 +1,60 @@ +--- +title: "Nmap" +path: "scanner/Nmap" +category: "scanner" +usecase: "Network Scanner" +release: "https://img.shields.io/github/release/secureCodeBox/scanner-infrastructure-nmap.svg" +--- + +![Nmap logo](https://nmap.org/images/sitelogo.png) + +Nmap ("Network Mapper") is a free and open source (license) utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. + +To learn more about the Nmap scanner itself visit [nmap.org]. + + + +## Deployment + +The Nmap ScanType can be deployed via helm. + +```bash +helm install nmap ./integrations/nmap/ +``` + +## Examples + +A set of examples can be found in the [examples](./examples) folder. + +## Nmap Configuration + +The nmap scan target is set via the targets location of the securityTest. The target should be a Hostname or an IP Address. + +Additional nmap scan features can be configured via the parameter attribute. For a detailed explanation to which parameters are available refer to the [Nmap Reference Guide](https://nmap.org/book/man.html). All parameters are supported, but be careful with parameters that require root level rights, as these require additional configuration on the ScanType to be supported. + +Some useful example parameters listed below: + +- `-p` xx: Scan ports of the target. Replace xx with a single port number or + a range of ports. +- `-PS`, `-PA`, `-PU` xx: Replace xx with the ports to scan. TCP SYN/ACK or + UDP discovery. +- `-sV`: Determine service and version info. +- `-O`: Determine OS info. **Note:** This requires the the user to be run as root or the system capabilities to be extended to allow nmap to send raw sockets. See more information on [how to deploy the secureCodeBox nmap container to allow this](https://github.com/secureCodeBox/scanner-infrastructure-nmap/pull/20) and the [nmap docs about priviliged scans](https://secwiki.org/w/Running_nmap_as_an_unprivileged_user) +- `-A`: Determine service/version and OS info. +- `-script` xx: Replace xx with the script name. Start the scan with the given script. +- `--script` xx: Replace xx with a coma-separated list of scripts. Start the scan with the given scripts. + +## Development + +### Local setup + +1. Clone the repository +2. Install the dependencies `npm install` + +### Test + +To run the testsuite run: + +```bash +npm test +``` From 1b6b08bc990d66a9366fce5c0eaf3305fe9d1200 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com> Date: Mon, 25 May 2020 12:09:20 +0200 Subject: [PATCH 003/109] Renamed PersistenceProvider to ReadOnly ScanCompletion Hook Co-authored-by: Jorge Estigarribia Co-authored-by: Yannik Fuhrmeister <12710254+fuhrmeistery@users.noreply.github.com> Co-authored-by: Robert Seedorff --- ...rovider_types.go => scancompletionhook.go} | 40 +++++--- .../execution/v1/zz_generated.deepcopy.go | 92 +++++++++--------- ...securecodebox.io_scancompletionhooks.yaml} | 32 ++++--- operator/config/crd/kustomization.yaml | 2 +- operator/config/rbac/role.yaml | 2 +- operator/config/samples/Dockerfile | 2 + .../execution_v1_persistenceprovider.yaml | 13 +-- .../controllers/execution/scan_controller.go | 96 +++++++++++-------- 8 files changed, 157 insertions(+), 122 deletions(-) rename operator/apis/execution/v1/{persistenceprovider_types.go => scancompletionhook.go} (54%) rename operator/config/crd/bases/{execution.experimental.securecodebox.io_persistenceproviders.yaml => execution.experimental.securecodebox.io_scancompletionhooks.yaml} (87%) create mode 100644 operator/config/samples/Dockerfile diff --git a/operator/apis/execution/v1/persistenceprovider_types.go b/operator/apis/execution/v1/scancompletionhook.go similarity index 54% rename from operator/apis/execution/v1/persistenceprovider_types.go rename to operator/apis/execution/v1/scancompletionhook.go index fc026f3e..6e8aa505 100644 --- a/operator/apis/execution/v1/persistenceprovider_types.go +++ b/operator/apis/execution/v1/scancompletionhook.go @@ -24,43 +24,55 @@ import ( // EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN! // NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized. -// PersistenceProviderSpec defines the desired state of PersistenceProvider -type PersistenceProviderSpec struct { +// HookType Defines weather the hook should be able to change the findings or is run in a read only mode. +type HookType string + +const ( + // ReadOnly ReadOnly Hooks are executed in parallel + ReadOnly HookType = "ReadOnly" + // ReadAndWrite ReadAndWrite Hooks are executed serially + ReadAndWrite HookType = "ReadAndWrite" +) + +// ScanCompletionHookSpec defines the desired state of ScanCompletionHook +type ScanCompletionHookSpec struct { // INSERT ADDITIONAL SPEC FIELDS - desired state of cluster // Important: Run "make" to regenerate code after modifying this file - // Foo is an example field of PersistenceProvider. Edit PersistenceProvider_types.go to remove/update + // Image is the container image for the hooks kubernetes job Image string `json:"image,omitempty"` Env []corev1.EnvVar `json:"env,omitempty"` + Type HookType `json:"type"` } -// PersistenceProviderStatus defines the observed state of PersistenceProvider -type PersistenceProviderStatus struct { +// ScanCompletionHookStatus defines the observed state of ScanCompletionHook +type ScanCompletionHookStatus struct { // INSERT ADDITIONAL STATUS FIELD - define observed state of cluster // Important: Run "make" to regenerate code after modifying this file } // +kubebuilder:object:root=true -// +kubebuilder:printcolumn:name="Image",type=string,JSONPath=`.spec.image`,description="PersistenceProvider Image" +// +kubebuilder:printcolumn:name="Type",type=string,JSONPath=`.spec.type`,description="ScanCompletionHook Type" +// +kubebuilder:printcolumn:name="Image",type=string,JSONPath=`.spec.image`,description="ScanCompletionHook Image" -// PersistenceProvider is the Schema for the persistenceproviders API -type PersistenceProvider struct { +// ScanCompletionHook is the Schema for the ScanCompletionHooks API +type ScanCompletionHook struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec PersistenceProviderSpec `json:"spec,omitempty"` - Status PersistenceProviderStatus `json:"status,omitempty"` + Spec ScanCompletionHookSpec `json:"spec,omitempty"` + Status ScanCompletionHookStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true -// PersistenceProviderList contains a list of PersistenceProvider -type PersistenceProviderList struct { +// ScanCompletionHookList contains a list of ScanCompletionHook +type ScanCompletionHookList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata,omitempty"` - Items []PersistenceProvider `json:"items"` + Items []ScanCompletionHook `json:"items"` } func init() { - SchemeBuilder.Register(&PersistenceProvider{}, &PersistenceProviderList{}) + SchemeBuilder.Register(&ScanCompletionHook{}, &ScanCompletionHookList{}) } diff --git a/operator/apis/execution/v1/zz_generated.deepcopy.go b/operator/apis/execution/v1/zz_generated.deepcopy.go index 3e6ae566..3795fe95 100644 --- a/operator/apis/execution/v1/zz_generated.deepcopy.go +++ b/operator/apis/execution/v1/zz_generated.deepcopy.go @@ -168,26 +168,26 @@ func (in *ParseDefinitionStatus) DeepCopy() *ParseDefinitionStatus { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PersistenceProvider) DeepCopyInto(out *PersistenceProvider) { +func (in *Scan) DeepCopyInto(out *Scan) { *out = *in out.TypeMeta = in.TypeMeta in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) in.Spec.DeepCopyInto(&out.Spec) - out.Status = in.Status + in.Status.DeepCopyInto(&out.Status) } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PersistenceProvider. -func (in *PersistenceProvider) DeepCopy() *PersistenceProvider { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Scan. +func (in *Scan) DeepCopy() *Scan { if in == nil { return nil } - out := new(PersistenceProvider) + out := new(Scan) in.DeepCopyInto(out) return out } // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *PersistenceProvider) DeepCopyObject() runtime.Object { +func (in *Scan) DeepCopyObject() runtime.Object { if c := in.DeepCopy(); c != nil { return c } @@ -195,31 +195,26 @@ func (in *PersistenceProvider) DeepCopyObject() runtime.Object { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PersistenceProviderList) DeepCopyInto(out *PersistenceProviderList) { +func (in *ScanCompletionHook) DeepCopyInto(out *ScanCompletionHook) { *out = *in out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]PersistenceProvider, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + out.Status = in.Status } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PersistenceProviderList. -func (in *PersistenceProviderList) DeepCopy() *PersistenceProviderList { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ScanCompletionHook. +func (in *ScanCompletionHook) DeepCopy() *ScanCompletionHook { if in == nil { return nil } - out := new(PersistenceProviderList) + out := new(ScanCompletionHook) in.DeepCopyInto(out) return out } // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *PersistenceProviderList) DeepCopyObject() runtime.Object { +func (in *ScanCompletionHook) DeepCopyObject() runtime.Object { if c := in.DeepCopy(); c != nil { return c } @@ -227,69 +222,74 @@ func (in *PersistenceProviderList) DeepCopyObject() runtime.Object { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PersistenceProviderSpec) DeepCopyInto(out *PersistenceProviderSpec) { +func (in *ScanCompletionHookList) DeepCopyInto(out *ScanCompletionHookList) { *out = *in - if in.Env != nil { - in, out := &in.Env, &out.Env - *out = make([]corev1.EnvVar, len(*in)) + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]ScanCompletionHook, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PersistenceProviderSpec. -func (in *PersistenceProviderSpec) DeepCopy() *PersistenceProviderSpec { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ScanCompletionHookList. +func (in *ScanCompletionHookList) DeepCopy() *ScanCompletionHookList { if in == nil { return nil } - out := new(PersistenceProviderSpec) + out := new(ScanCompletionHookList) in.DeepCopyInto(out) return out } +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *ScanCompletionHookList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PersistenceProviderStatus) DeepCopyInto(out *PersistenceProviderStatus) { +func (in *ScanCompletionHookSpec) DeepCopyInto(out *ScanCompletionHookSpec) { *out = *in + if in.Env != nil { + in, out := &in.Env, &out.Env + *out = make([]corev1.EnvVar, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PersistenceProviderStatus. -func (in *PersistenceProviderStatus) DeepCopy() *PersistenceProviderStatus { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ScanCompletionHookSpec. +func (in *ScanCompletionHookSpec) DeepCopy() *ScanCompletionHookSpec { if in == nil { return nil } - out := new(PersistenceProviderStatus) + out := new(ScanCompletionHookSpec) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Scan) DeepCopyInto(out *Scan) { +func (in *ScanCompletionHookStatus) DeepCopyInto(out *ScanCompletionHookStatus) { *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Scan. -func (in *Scan) DeepCopy() *Scan { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ScanCompletionHookStatus. +func (in *ScanCompletionHookStatus) DeepCopy() *ScanCompletionHookStatus { if in == nil { return nil } - out := new(Scan) + out := new(ScanCompletionHookStatus) in.DeepCopyInto(out) return out } -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *Scan) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ScanList) DeepCopyInto(out *ScanList) { *out = *in diff --git a/operator/config/crd/bases/execution.experimental.securecodebox.io_persistenceproviders.yaml b/operator/config/crd/bases/execution.experimental.securecodebox.io_scancompletionhooks.yaml similarity index 87% rename from operator/config/crd/bases/execution.experimental.securecodebox.io_persistenceproviders.yaml rename to operator/config/crd/bases/execution.experimental.securecodebox.io_scancompletionhooks.yaml index 6e51a957..5b7d72d0 100644 --- a/operator/config/crd/bases/execution.experimental.securecodebox.io_persistenceproviders.yaml +++ b/operator/config/crd/bases/execution.experimental.securecodebox.io_scancompletionhooks.yaml @@ -6,25 +6,28 @@ metadata: annotations: controller-gen.kubebuilder.io/version: v0.2.4 creationTimestamp: null - name: persistenceproviders.execution.experimental.securecodebox.io + name: scancompletionhooks.execution.experimental.securecodebox.io spec: additionalPrinterColumns: + - JSONPath: .spec.type + description: ScanCompletionHook Type + name: Type + type: string - JSONPath: .spec.image - description: PersistenceProvider Image + description: ScanCompletionHook Image name: Image type: string group: execution.experimental.securecodebox.io names: - kind: PersistenceProvider - listKind: PersistenceProviderList - plural: persistenceproviders - singular: persistenceprovider + kind: ScanCompletionHook + listKind: ScanCompletionHookList + plural: scancompletionhooks + singular: scancompletionhook scope: Namespaced subresources: {} validation: openAPIV3Schema: - description: PersistenceProvider is the Schema for the persistenceproviders - API + description: ScanCompletionHook is the Schema for the ScanCompletionHooks API properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -39,7 +42,7 @@ spec: metadata: type: object spec: - description: PersistenceProviderSpec defines the desired state of PersistenceProvider + description: ScanCompletionHookSpec defines the desired state of ScanCompletionHook properties: env: items: @@ -140,12 +143,17 @@ spec: type: object type: array image: - description: Foo is an example field of PersistenceProvider. Edit PersistenceProvider_types.go - to remove/update + description: Image is the container image for the hooks kubernetes job + type: string + type: + description: HookType Defines weather the hook should be able to change + the findings or is run in a read only mode. type: string + required: + - type type: object status: - description: PersistenceProviderStatus defines the observed state of PersistenceProvider + description: ScanCompletionHookStatus defines the observed state of ScanCompletionHook type: object type: object version: v1 diff --git a/operator/config/crd/kustomization.yaml b/operator/config/crd/kustomization.yaml index edd74da9..f3f614c1 100644 --- a/operator/config/crd/kustomization.yaml +++ b/operator/config/crd/kustomization.yaml @@ -4,7 +4,7 @@ resources: - bases/execution.experimental.securecodebox.io_scans.yaml - bases/execution.experimental.securecodebox.io_scantypes.yaml -- bases/execution.experimental.securecodebox.io_persistenceproviders.yaml +- bases/execution.experimental.securecodebox.io_scancompletionhooks.yaml - bases/execution.experimental.securecodebox.io_parsedefinitions.yaml - bases/execution.experimental.securecodebox.io_scheduledscans.yaml - bases/targets.experimental.securecodebox.io_hosts.yaml diff --git a/operator/config/rbac/role.yaml b/operator/config/rbac/role.yaml index 681c96db..b1bd525a 100644 --- a/operator/config/rbac/role.yaml +++ b/operator/config/rbac/role.yaml @@ -44,7 +44,7 @@ rules: - apiGroups: - execution.experimental.securecodebox.io resources: - - persistenceproviders + - scancompletionhooks verbs: - get - list diff --git a/operator/config/samples/Dockerfile b/operator/config/samples/Dockerfile new file mode 100644 index 00000000..e793fbe8 --- /dev/null +++ b/operator/config/samples/Dockerfile @@ -0,0 +1,2 @@ +FROM alpine +CMD [sleep, 5s] \ No newline at end of file diff --git a/operator/config/samples/execution_v1_persistenceprovider.yaml b/operator/config/samples/execution_v1_persistenceprovider.yaml index 05c98a47..5d316ea0 100644 --- a/operator/config/samples/execution_v1_persistenceprovider.yaml +++ b/operator/config/samples/execution_v1_persistenceprovider.yaml @@ -1,11 +1,8 @@ apiVersion: execution.experimental.securecodebox.io/v1 -kind: PersistenceProvider +kind: ScanCompletionHook metadata: - name: "persistence-elastic" - labels: - type: Structured + name: "sleep" spec: - image: "scbexperimental/persistence-elastic:latest" - env: - - name: ELASTICSEARCH_ADDRESS - value: "http://elasticsearch-master:9200" + image: "sleep" + type: "ReadOnly" + env: [] diff --git a/operator/controllers/execution/scan_controller.go b/operator/controllers/execution/scan_controller.go index 5427bf90..68b03254 100644 --- a/operator/controllers/execution/scan_controller.go +++ b/operator/controllers/execution/scan_controller.go @@ -62,9 +62,9 @@ var s3StorageFinalizer = "s3.storage.experimental.securecodebox.io" // +kubebuilder:rbac:groups=execution.experimental.securecodebox.io,resources=scans/status,verbs=get;update;patch // +kubebuilder:rbac:groups=execution.experimental.securecodebox.io,resources=scantypes,verbs=get;list;watch // +kubebuilder:rbac:groups=execution.experimental.securecodebox.io,resources=parsedefinitions,verbs=get;list;watch -// +kubebuilder:rbac:groups=execution.experimental.securecodebox.io,resources=persistenceproviders,verbs=get;list;watch +// +kubebuilder:rbac:groups=execution.experimental.securecodebox.io,resources=scancompletionhooks,verbs=get;list;watch // +kubebuilder:rbac:groups=batch,resources=jobs,verbs=get;list;watch;create;update;patch;delete -// Permissions needed to create service accounts for lurcher, parser and persistence providers +// Permissions needed to create service accounts for lurcher, parser and scanCompletionHooks // Pod permission are required to grant these permission to service accounts // +kubebuilder:rbac:groups=core,resources=pods,verbs=get @@ -113,9 +113,9 @@ func (r *ScanReconciler) Reconcile(req ctrl.Request) (ctrl.Result, error) { case "Parsing": err = r.checkIfParsingIsCompleted(&scan) case "ParseCompleted": - err = r.startPersistenceProvider(&scan) - case "Persisting": - err = r.checkIfPersistingIsCompleted(&scan) + err = r.startReadOnlyHooks(&scan) + case "ReadOnlyHookProcessing": + err = r.checkIfReadOnlyHookIsCompleted(&scan) } if err != nil { return ctrl.Result{}, err @@ -635,20 +635,34 @@ func (r *ScanReconciler) PresignedGetURL(scanID types.UID, filename string) (str return rawResultDownloadURL.String(), nil } -func (r *ScanReconciler) startPersistenceProvider(scan *executionv1.Scan) error { +func (r *ScanReconciler) startReadOnlyHooks(scan *executionv1.Scan) error { ctx := context.Background() - var persistenceProviders executionv1.PersistenceProviderList - if err := r.List(ctx, &persistenceProviders, client.InNamespace(scan.Namespace)); err != nil { - r.Log.V(7).Info("Unable to fetch PersistenceProvider") + var scanCompletionHooks executionv1.ScanCompletionHookList + + if err := r.List(ctx, &scanCompletionHooks, client.InNamespace(scan.Namespace)); err != nil { + r.Log.V(7).Info("Unable to fetch ScanCompletionHooks") return err } - if len(persistenceProviders.Items) == 0 { - r.Log.V(5).Info("Marked scan as done as without running persistence providers as non were configured", "ScanName", scan.Name) + r.Log.Info("Found ScanCompletionHooks", "ScanCompletionHooks", len(scanCompletionHooks.Items)) + + readOnlyHooks := []executionv1.ScanCompletionHook{} + // filter all ReadOnlyHooks in the scamCompletionHooks list + for _, hook := range scanCompletionHooks.Items { + if hook.Spec.Type == executionv1.ReadOnly { + readOnlyHooks = append(readOnlyHooks, hook) + } + } + + r.Log.Info("Found ReadOnlyHooks", "ReadOnlyHooks", len(readOnlyHooks)) + + // If the readOnlyHooks list is empty, nothing more to do + if len(readOnlyHooks) == 0 { + r.Log.Info("Marked scan as done as without running ReadOnly hooks as non were configured", "ScanName", scan.Name) scan.Status.State = "Done" if err := r.Status().Update(ctx, scan); err != nil { - r.Log.Error(err, "unable to update Scan status") + r.Log.Error(err, "Unable to update Scan status") return err } return nil @@ -661,14 +675,15 @@ func (r *ScanReconciler) startPersistenceProvider(scan *executionv1.Scan) error Verbs: []string{"get"}, }, } + serviceAccountName := "scan-completion-hook" r.ensureServiceAccountExists( scan.Namespace, - "persistence", - "PersistenceProvider need to access the current scan to view where its results are stored", + serviceAccountName, + "ScanCompletionHooks need to access the current scan to view where its results are stored", rules, ) - for _, persistenceProvider := range persistenceProviders.Items { + for _, hook := range readOnlyHooks { rawFileURL, err := r.PresignedGetURL(scan.UID, scan.Status.RawResultFile) if err != nil { return err @@ -693,15 +708,16 @@ func (r *ScanReconciler) startPersistenceProvider(scan *executionv1.Scan) error }, } + // Starting a new job based on the current ReadOnlyHook labels := scan.ObjectMeta.DeepCopy().Labels if labels == nil { labels = make(map[string]string) } - labels["experimental.securecodebox.io/job-type"] = "persistence" + labels["experimental.securecodebox.io/job-type"] = "read-only-hook" job := &batch.Job{ ObjectMeta: metav1.ObjectMeta{ Annotations: make(map[string]string), - Name: fmt.Sprintf("%s-%s", persistenceProvider.Name, scan.Name), + Name: fmt.Sprintf("%s-%s", hook.Name, scan.Name), Namespace: scan.Namespace, Labels: labels, }, @@ -713,17 +729,17 @@ func (r *ScanReconciler) startPersistenceProvider(scan *executionv1.Scan) error }, }, Spec: corev1.PodSpec{ - ServiceAccountName: "persistence", + ServiceAccountName: serviceAccountName, RestartPolicy: corev1.RestartPolicyNever, Containers: []corev1.Container{ { - Name: "persistence", - Image: persistenceProvider.Spec.Image, + Name: "hook", + Image: hook.Spec.Image, Args: []string{ rawFileURL, findingsFileURL, }, - Env: append(persistenceProvider.Spec.Env, standardEnvVars...), + Env: append(hook.Spec.Env, standardEnvVars...), ImagePullPolicy: "IfNotPresent", }, }, @@ -738,17 +754,17 @@ func (r *ScanReconciler) startPersistenceProvider(scan *executionv1.Scan) error } if err := r.Create(ctx, job); err != nil { - r.Log.Error(err, "unable to create Job for Parser", "job", job) + r.Log.Error(err, "Unable to create Job for ReadOnlyHook", "job", job) return err } } - scan.Status.State = "Persisting" + scan.Status.State = "ReadOnlyHookProcessing" if err := r.Status().Update(ctx, scan); err != nil { - r.Log.Error(err, "unable to update Scan status") + r.Log.Error(err, "Unable to update Scan status") return err } - r.Log.Info("Started PersistenceProviders", "PersistenceProviderCount", len(persistenceProviders.Items)) + r.Log.Info("Started ReadOnlyHook", "ReadOnlyHookCount", len(readOnlyHooks)) return nil } @@ -769,45 +785,45 @@ func allJobsCompleted(jobs *batch.JobList) jobCompletionType { return incomplete } -func (r *ScanReconciler) checkIfPersistingIsCompleted(scan *executionv1.Scan) error { +func (r *ScanReconciler) checkIfReadOnlyHookIsCompleted(scan *executionv1.Scan) error { ctx := context.Background() // check if k8s job for scan was already created - var childPersistenceJobs batch.JobList + var readOnlyHookJobs batch.JobList if err := r.List( ctx, - &childPersistenceJobs, + &readOnlyHookJobs, client.InNamespace(scan.Namespace), client.MatchingField(ownerKey, scan.Name), client.MatchingLabels{ - "experimental.securecodebox.io/job-type": "persistence", + "experimental.securecodebox.io/job-type": "read-only-hook", }, ); err != nil { - r.Log.Error(err, "unable to list child jobs") + r.Log.Error(err, "Unable to list child jobs") return err } - r.Log.V(9).Info("Got related jobs", "count", len(childPersistenceJobs.Items)) + r.Log.V(9).Info("Got related jobs", "count", len(readOnlyHookJobs.Items)) - persistenceCompletion := allJobsCompleted(&childPersistenceJobs) - if persistenceCompletion == completed { - r.Log.V(7).Info("All PersistenceProviders have completed") + readOnlyHookCompletion := allJobsCompleted(&readOnlyHookJobs) + if readOnlyHookCompletion == completed { + r.Log.V(7).Info("All ReadOnlyHooks have completed") scan.Status.State = "Done" if err := r.Status().Update(ctx, scan); err != nil { - r.Log.Error(err, "unable to update Scan status") + r.Log.Error(err, "Unable to update Scan status") return err } - } else if persistenceCompletion == failed { - r.Log.Info("At least one PersistenceProvider failed") + } else if readOnlyHookCompletion == failed { + r.Log.Info("At least one ReadOnlyHook failed") scan.Status.State = "Errored" - scan.Status.ErrorDescription = "At least one PersistenceProvider failed, check the persistence kubernetes jobs related to the scan for more details." + scan.Status.ErrorDescription = "At least one ReadOnlyHook failed, check the hooks kubernetes jobs related to the scan for more details." if err := r.Status().Update(ctx, scan); err != nil { - r.Log.Error(err, "unable to update Scan status") + r.Log.Error(err, "Unable to update Scan status") return err } } - // PersistenceProvider(s) are still running. At least some of them are. + // ReadOnlyHook(s) are still running. At least some of them are. // Waiting until all are done. return nil } From fb8a9f15bda4cea735e75e9709ed91604cd54b33 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com> Date: Mon, 25 May 2020 15:03:33 +0200 Subject: [PATCH 004/109] WIP Co-authored-by: Jorge Estigarribia Co-authored-by: Yannik Fuhrmeister <12710254+fuhrmeistery@users.noreply.github.com> --- operator/apis/execution/v1/scan_types.go | 20 ++++++++++++ ...n.experimental.securecodebox.io_scans.yaml | 15 +++++++++ operator/config/samples/Dockerfile | 2 +- ...er.yaml => execution_v1_readonlyhook.yaml} | 0 .../execution_v1_scan/nmap_localhost.yaml | 32 ++++++++++++++++--- .../controllers/execution/scan_controller.go | 17 ++++++++++ .../templates/persistence-provider.yaml | 3 +- 7 files changed, 83 insertions(+), 6 deletions(-) rename operator/config/samples/{execution_v1_persistenceprovider.yaml => execution_v1_readonlyhook.yaml} (100%) diff --git a/operator/apis/execution/v1/scan_types.go b/operator/apis/execution/v1/scan_types.go index 0d45ab6f..d54b0651 100644 --- a/operator/apis/execution/v1/scan_types.go +++ b/operator/apis/execution/v1/scan_types.go @@ -45,6 +45,26 @@ type ScanStatus struct { RawResultFile string `json:"rawResultFile,omitempty"` Findings FindingStats `json:"findings,omitempty"` + + ReadAndWriteHookStatus []HookStatus `json:"readAndWriteHookStatus,omitempty"` +} + +// HookState Describes the State of a Hook on a Scan +type HookState string + +const ( + Pending HookState = "Pending" + InProgress HookState = "InProgress" + Completed HookState = "Completed" + + // Cancelled HookState = "Cancelled" + // Failed HookState = "Failed" +) + +type HookStatus struct { + HookName string `json:"hookName"` + State HookState `json:"state"` + JobName string `json:"jobName"` } // FindingStats contains the general stats about the results of the scan diff --git a/operator/config/crd/bases/execution.experimental.securecodebox.io_scans.yaml b/operator/config/crd/bases/execution.experimental.securecodebox.io_scans.yaml index 1d860020..e370e357 100644 --- a/operator/config/crd/bases/execution.experimental.securecodebox.io_scans.yaml +++ b/operator/config/crd/bases/execution.experimental.securecodebox.io_scans.yaml @@ -113,6 +113,21 @@ spec: description: RawResultType determines which kind of ParseDefinition will be used to turn the raw results of the scanner into findings type: string + readAndWriteHookStatus: + items: + properties: + hookName: + type: string + jobName: + type: string + state: + type: string + required: + - hookName + - jobName + - state + type: object + type: array state: type: string type: object diff --git a/operator/config/samples/Dockerfile b/operator/config/samples/Dockerfile index e793fbe8..ebcf62a3 100644 --- a/operator/config/samples/Dockerfile +++ b/operator/config/samples/Dockerfile @@ -1,2 +1,2 @@ FROM alpine -CMD [sleep, 5s] \ No newline at end of file +ENTRYPOINT [sleep, 5s] \ No newline at end of file diff --git a/operator/config/samples/execution_v1_persistenceprovider.yaml b/operator/config/samples/execution_v1_readonlyhook.yaml similarity index 100% rename from operator/config/samples/execution_v1_persistenceprovider.yaml rename to operator/config/samples/execution_v1_readonlyhook.yaml diff --git a/operator/config/samples/execution_v1_scan/nmap_localhost.yaml b/operator/config/samples/execution_v1_scan/nmap_localhost.yaml index 3ddbab40..c6c27113 100644 --- a/operator/config/samples/execution_v1_scan/nmap_localhost.yaml +++ b/operator/config/samples/execution_v1_scan/nmap_localhost.yaml @@ -1,9 +1,33 @@ -apiVersion: "execution.experimental.securecodebox.io/v1" +apiVersion: execution.experimental.securecodebox.io/v1 kind: Scan metadata: - name: "nmap-localhost" + finalizers: + - s3.storage.experimental.securecodebox.io + name: nmap-localhost + namespace: default spec: - scanType: "nmap" parameters: - - "-Pn" + - -Pn - localhost + scanType: nmap +status: + state: Errored + errorDescription: At least one ReadOnlyHook failed, check the hooks kubernetes jobs related to the scan for more details. + findings: + categories: + Host: 1 + count: 1 + severities: + informational: 1 + rawResultFile: nmap-results.xml + rawResultType: nmap-xml + readAndWriteHookStatus: + - hookName: luy-metadata + state: Completed + jobName: luy-metadata-123123 + - hookName: finding-priority + state: Error + jobName: finding-priority-123123 + error: "Job failed" + - hookName: hook-3 + state: Pending diff --git a/operator/controllers/execution/scan_controller.go b/operator/controllers/execution/scan_controller.go index 68b03254..64327559 100644 --- a/operator/controllers/execution/scan_controller.go +++ b/operator/controllers/execution/scan_controller.go @@ -113,6 +113,23 @@ func (r *ScanReconciler) Reconcile(req ctrl.Request) (ctrl.Result, error) { case "Parsing": err = r.checkIfParsingIsCompleted(&scan) case "ParseCompleted": + // Hook status erstellen + // List all ReadAndWrite Hook -> Hook Status an Scan hΓ€ngen + // Scan State auf ReadAndWriteHookProcessing setzen + case "ReadAndWriteHookProcessing": + // Hook Status Array durchgegen + + // hook := First Array entry which is not Completed. + + // if hook == "Pending" => create Job + // if hook == "InProgress" => + // if job == "Completed" => hook = "Completed" + // (if job == "Failed" => hook = "Failed" => scan = "Failed") + + // hook = nil => scan = "ReadAndWriteHookCompleted" + + // Scan Status auf ReadAndWriteHookCompleted setzen + case "ReadAndWriteHookCompleted": err = r.startReadOnlyHooks(&scan) case "ReadOnlyHookProcessing": err = r.checkIfReadOnlyHookIsCompleted(&scan) diff --git a/persistence/persistence-elastic/templates/persistence-provider.yaml b/persistence/persistence-elastic/templates/persistence-provider.yaml index 5989011a..4cb9934f 100644 --- a/persistence/persistence-elastic/templates/persistence-provider.yaml +++ b/persistence/persistence-elastic/templates/persistence-provider.yaml @@ -1,10 +1,11 @@ apiVersion: "execution.experimental.securecodebox.io/v1" -kind: PersistenceProvider +kind: ScanCompletionHook metadata: name: {{ include "persistence-elastic.fullname" . }} labels: type: Structured spec: + type: ReadOnly image: "scbexperimental/persistence-elastic:latest" {{- if .Values.image.digest }} image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}@{{ .Values.image.digest }}" From 186744d8a42ec028b4ab9a82bbf420a20d54785d Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com> Date: Mon, 25 May 2020 15:20:03 +0200 Subject: [PATCH 005/109] Implement ParseCompleted Step --- operator/apis/execution/v1/scan_types.go | 2 +- .../execution/v1/zz_generated.deepcopy.go | 20 ++++++++++ ...n.experimental.securecodebox.io_scans.yaml | 2 +- .../execution_v1_readandwritehook.yaml | 8 ++++ .../controllers/execution/scan_controller.go | 38 ++++++++++++++++++- 5 files changed, 66 insertions(+), 4 deletions(-) create mode 100644 operator/config/samples/execution_v1_readandwritehook.yaml diff --git a/operator/apis/execution/v1/scan_types.go b/operator/apis/execution/v1/scan_types.go index d54b0651..c1e85f6f 100644 --- a/operator/apis/execution/v1/scan_types.go +++ b/operator/apis/execution/v1/scan_types.go @@ -64,7 +64,7 @@ const ( type HookStatus struct { HookName string `json:"hookName"` State HookState `json:"state"` - JobName string `json:"jobName"` + JobName string `json:"jobName,omitempty"` } // FindingStats contains the general stats about the results of the scan diff --git a/operator/apis/execution/v1/zz_generated.deepcopy.go b/operator/apis/execution/v1/zz_generated.deepcopy.go index 3795fe95..3fadce74 100644 --- a/operator/apis/execution/v1/zz_generated.deepcopy.go +++ b/operator/apis/execution/v1/zz_generated.deepcopy.go @@ -78,6 +78,21 @@ func (in *FindingStats) DeepCopy() *FindingStats { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HookStatus) DeepCopyInto(out *HookStatus) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HookStatus. +func (in *HookStatus) DeepCopy() *HookStatus { + if in == nil { + return nil + } + out := new(HookStatus) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ParseDefinition) DeepCopyInto(out *ParseDefinition) { *out = *in @@ -346,6 +361,11 @@ func (in *ScanSpec) DeepCopy() *ScanSpec { func (in *ScanStatus) DeepCopyInto(out *ScanStatus) { *out = *in in.Findings.DeepCopyInto(&out.Findings) + if in.ReadAndWriteHookStatus != nil { + in, out := &in.ReadAndWriteHookStatus, &out.ReadAndWriteHookStatus + *out = make([]HookStatus, len(*in)) + copy(*out, *in) + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ScanStatus. diff --git a/operator/config/crd/bases/execution.experimental.securecodebox.io_scans.yaml b/operator/config/crd/bases/execution.experimental.securecodebox.io_scans.yaml index e370e357..f435f3b7 100644 --- a/operator/config/crd/bases/execution.experimental.securecodebox.io_scans.yaml +++ b/operator/config/crd/bases/execution.experimental.securecodebox.io_scans.yaml @@ -121,10 +121,10 @@ spec: jobName: type: string state: + description: HookState Describes the State of a Hook on a Scan type: string required: - hookName - - jobName - state type: object type: array diff --git a/operator/config/samples/execution_v1_readandwritehook.yaml b/operator/config/samples/execution_v1_readandwritehook.yaml new file mode 100644 index 00000000..50a8b098 --- /dev/null +++ b/operator/config/samples/execution_v1_readandwritehook.yaml @@ -0,0 +1,8 @@ +apiVersion: execution.experimental.securecodebox.io/v1 +kind: ScanCompletionHook +metadata: + name: "sleep-rw" +spec: + image: "sleep" + type: "ReadAndWrite" + env: [] diff --git a/operator/controllers/execution/scan_controller.go b/operator/controllers/execution/scan_controller.go index 64327559..d72840d7 100644 --- a/operator/controllers/execution/scan_controller.go +++ b/operator/controllers/execution/scan_controller.go @@ -114,8 +114,42 @@ func (r *ScanReconciler) Reconcile(req ctrl.Request) (ctrl.Result, error) { err = r.checkIfParsingIsCompleted(&scan) case "ParseCompleted": // Hook status erstellen - // List all ReadAndWrite Hook -> Hook Status an Scan hΓ€ngen - // Scan State auf ReadAndWriteHookProcessing setzen + + var scanCompletionHooks executionv1.ScanCompletionHookList + + if err := r.List(ctx, &scanCompletionHooks, client.InNamespace(scan.Namespace)); err != nil { + r.Log.V(7).Info("Unable to fetch ScanCompletionHooks") + return ctrl.Result{}, err + } + + r.Log.Info("Found ScanCompletionHooks", "ScanCompletionHooks", len(scanCompletionHooks.Items)) + + readAndWriteHooks := []executionv1.ScanCompletionHook{} + // filter all ReadAndWriteHooks in the scamCompletionHooks list + for _, hook := range scanCompletionHooks.Items { + if hook.Spec.Type == executionv1.ReadAndWrite { + readAndWriteHooks = append(readAndWriteHooks, hook) + } + } + + r.Log.Info("Found ReadAndWriteHooks", "ReadAndWriteHooks", len(readAndWriteHooks)) + + hookStatus := []executionv1.HookStatus{} + + for _, hook := range readAndWriteHooks { + hookStatus = append(hookStatus, executionv1.HookStatus{ + HookName: hook.Name, + State: executionv1.Pending, + }) + } + + scan.Status.State = "ReadAndWriteHookProcessing" + scan.Status.ReadAndWriteHookStatus = hookStatus + + if err := r.Status().Update(ctx, &scan); err != nil { + r.Log.Error(err, "unable to update Scan status") + return ctrl.Result{}, err + } case "ReadAndWriteHookProcessing": // Hook Status Array durchgegen From 06e0b15a0dee8dbfe4c55c01ecd3dac51928a0ad Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com> Date: Mon, 25 May 2020 15:40:01 +0200 Subject: [PATCH 006/109] WIP ReadAndWriteHookProcessing --- .../controllers/execution/scan_controller.go | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/operator/controllers/execution/scan_controller.go b/operator/controllers/execution/scan_controller.go index d72840d7..87f76631 100644 --- a/operator/controllers/execution/scan_controller.go +++ b/operator/controllers/execution/scan_controller.go @@ -151,7 +151,24 @@ func (r *ScanReconciler) Reconcile(req ctrl.Request) (ctrl.Result, error) { return ctrl.Result{}, err } case "ReadAndWriteHookProcessing": - // Hook Status Array durchgegen + // First Array entry which is not Completed. + var nonCompletedHook *executionv1.HookStatus + + for _, hook := range scan.Status.ReadAndWriteHookStatus { + if hook.State != executionv1.Completed { + nonCompletedHook = &hook + break + } + } + + if nonCompletedHook == nil { + scan.Status.State = "ReadAndWriteHookCompleted" + if err := r.Status().Update(ctx, &scan); err != nil { + r.Log.Error(err, "unable to update Scan status") + return ctrl.Result{}, err + } + return ctrl.Result{}, nil + } // hook := First Array entry which is not Completed. From e5e6490c432ddf1703add8802bfc60e458b5f140 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com> Date: Mon, 25 May 2020 16:10:34 +0200 Subject: [PATCH 007/109] Change sleep image to echo image --- operator/config/samples/Dockerfile | 2 +- operator/config/samples/execution_v1_readandwritehook.yaml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/operator/config/samples/Dockerfile b/operator/config/samples/Dockerfile index ebcf62a3..d576882c 100644 --- a/operator/config/samples/Dockerfile +++ b/operator/config/samples/Dockerfile @@ -1,2 +1,2 @@ FROM alpine -ENTRYPOINT [sleep, 5s] \ No newline at end of file +ENTRYPOINT ["echo"] \ No newline at end of file diff --git a/operator/config/samples/execution_v1_readandwritehook.yaml b/operator/config/samples/execution_v1_readandwritehook.yaml index 50a8b098..17c34ae9 100644 --- a/operator/config/samples/execution_v1_readandwritehook.yaml +++ b/operator/config/samples/execution_v1_readandwritehook.yaml @@ -1,8 +1,8 @@ apiVersion: execution.experimental.securecodebox.io/v1 kind: ScanCompletionHook metadata: - name: "sleep-rw" + name: "echo-rw" spec: - image: "sleep" + image: "echo" type: "ReadAndWrite" env: [] From cf5eb78eb7535f71472af6e6c18783cad3d3158d Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com> Date: Mon, 25 May 2020 16:10:50 +0200 Subject: [PATCH 008/109] WIP ReadAndWrite Hook Job Creation --- .../controllers/execution/scan_controller.go | 115 +++++++++++++++++- 1 file changed, 113 insertions(+), 2 deletions(-) diff --git a/operator/controllers/execution/scan_controller.go b/operator/controllers/execution/scan_controller.go index 87f76631..85801ca6 100644 --- a/operator/controllers/execution/scan_controller.go +++ b/operator/controllers/execution/scan_controller.go @@ -170,6 +170,119 @@ func (r *ScanReconciler) Reconcile(req ctrl.Request) (ctrl.Result, error) { return ctrl.Result{}, nil } + if nonCompletedHook.State == executionv1.Pending { + rules := []rbacv1.PolicyRule{ + { + APIGroups: []string{"execution.experimental.securecodebox.io"}, + Resources: []string{"scans"}, + Verbs: []string{"get"}, + }, + } + serviceAccountName := "scan-completion-hook" + r.ensureServiceAccountExists( + scan.Namespace, + serviceAccountName, + "ScanCompletionHooks need to access the current scan to view where its results are stored", + rules, + ) + + rawFileURL, err := r.PresignedGetURL(scan.UID, scan.Status.RawResultFile) + if err != nil { + return ctrl.Result{}, err + } + findingsFileURL, err := r.PresignedGetURL(scan.UID, "findings.json") + if err != nil { + return ctrl.Result{}, err + } + + var hook executionv1.ScanCompletionHook + err = r.Get(ctx, types.NamespacedName{Name: nonCompletedHook.HookName, Namespace: scan.Namespace}, &hook) + if err != nil { + r.Log.Error(err, "Failed to get ReadAndWrite Hook for HookStatus") + return ctrl.Result{}, err + } + + standardEnvVars := []corev1.EnvVar{ + { + Name: "NAMESPACE", + ValueFrom: &corev1.EnvVarSource{ + FieldRef: &corev1.ObjectFieldSelector{ + FieldPath: "metadata.namespace", + }, + }, + }, + { + Name: "SCAN_NAME", + Value: scan.Name, + }, + } + + // Starting a new job based on the current ReadAndWrite Hook + labels := scan.ObjectMeta.DeepCopy().Labels + if labels == nil { + labels = make(map[string]string) + } + labels["experimental.securecodebox.io/job-type"] = "read-and-write-hook" + job := &batch.Job{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: make(map[string]string), + Name: fmt.Sprintf("%s-%s", hook.Name, scan.Name), + Namespace: scan.Namespace, + Labels: labels, + }, + Spec: batch.JobSpec{ + Template: corev1.PodTemplateSpec{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + "auto-discovery.experimental.securecodebox.io/ignore": "true", + }, + }, + Spec: corev1.PodSpec{ + ServiceAccountName: serviceAccountName, + RestartPolicy: corev1.RestartPolicyNever, + Containers: []corev1.Container{ + { + Name: "hook", + Image: hook.Spec.Image, + Args: []string{ + rawFileURL, + findingsFileURL, + }, + Env: append(hook.Spec.Env, standardEnvVars...), + ImagePullPolicy: "IfNotPresent", + }, + }, + }, + }, + TTLSecondsAfterFinished: nil, + }, + } + if err := ctrl.SetControllerReference(&scan, job, r.Scheme); err != nil { + r.Log.Error(err, "Unable to set controllerReference on job", "job", job) + return ctrl.Result{}, err + } + + if err := r.Create(ctx, job); err != nil { + r.Log.Error(err, "Unable to create Job for ReadOnlyHook", "job", job) + return ctrl.Result{}, err + } + + for i, hookStatus := range scan.Status.ReadAndWriteHookStatus { + if hookStatus.HookName == nonCompletedHook.HookName { + scan.Status.ReadAndWriteHookStatus[i].State = executionv1.InProgress + } + } + + if err := r.Status().Update(ctx, &scan); err != nil { + r.Log.Error(err, "unable to update Scan status") + return ctrl.Result{}, err + } + return ctrl.Result{}, err + } + + // if nonCompletedHook.State == executionv1.InProgress{ + + // } // hook := First Array entry which is not Completed. // if hook == "Pending" => create Job @@ -177,8 +290,6 @@ func (r *ScanReconciler) Reconcile(req ctrl.Request) (ctrl.Result, error) { // if job == "Completed" => hook = "Completed" // (if job == "Failed" => hook = "Failed" => scan = "Failed") - // hook = nil => scan = "ReadAndWriteHookCompleted" - // Scan Status auf ReadAndWriteHookCompleted setzen case "ReadAndWriteHookCompleted": err = r.startReadOnlyHooks(&scan) From f7be4f0a217d8a19272b7dfe83a470a1ea5ce4f0 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com> Date: Mon, 25 May 2020 16:55:53 +0200 Subject: [PATCH 009/109] Check if job has completed --- operator/apis/execution/v1/scan_types.go | 5 +-- .../execution_v1_readandwritehook.yaml | 4 +- .../samples/execution_v1_readonlyhook.yaml | 4 +- .../controllers/execution/scan_controller.go | 44 ++++++++++++++++++- 4 files changed, 48 insertions(+), 9 deletions(-) diff --git a/operator/apis/execution/v1/scan_types.go b/operator/apis/execution/v1/scan_types.go index c1e85f6f..8696acff 100644 --- a/operator/apis/execution/v1/scan_types.go +++ b/operator/apis/execution/v1/scan_types.go @@ -56,9 +56,8 @@ const ( Pending HookState = "Pending" InProgress HookState = "InProgress" Completed HookState = "Completed" - - // Cancelled HookState = "Cancelled" - // Failed HookState = "Failed" + Cancelled HookState = "Cancelled" + Failed HookState = "Failed" ) type HookStatus struct { diff --git a/operator/config/samples/execution_v1_readandwritehook.yaml b/operator/config/samples/execution_v1_readandwritehook.yaml index 17c34ae9..50a8b098 100644 --- a/operator/config/samples/execution_v1_readandwritehook.yaml +++ b/operator/config/samples/execution_v1_readandwritehook.yaml @@ -1,8 +1,8 @@ apiVersion: execution.experimental.securecodebox.io/v1 kind: ScanCompletionHook metadata: - name: "echo-rw" + name: "sleep-rw" spec: - image: "echo" + image: "sleep" type: "ReadAndWrite" env: [] diff --git a/operator/config/samples/execution_v1_readonlyhook.yaml b/operator/config/samples/execution_v1_readonlyhook.yaml index 5d316ea0..76273547 100644 --- a/operator/config/samples/execution_v1_readonlyhook.yaml +++ b/operator/config/samples/execution_v1_readonlyhook.yaml @@ -1,8 +1,8 @@ apiVersion: execution.experimental.securecodebox.io/v1 kind: ScanCompletionHook metadata: - name: "sleep" + name: "echo-r" spec: - image: "sleep" + image: "echo" type: "ReadOnly" env: [] diff --git a/operator/controllers/execution/scan_controller.go b/operator/controllers/execution/scan_controller.go index 85801ca6..191aaebe 100644 --- a/operator/controllers/execution/scan_controller.go +++ b/operator/controllers/execution/scan_controller.go @@ -223,6 +223,7 @@ func (r *ScanReconciler) Reconcile(req ctrl.Request) (ctrl.Result, error) { labels = make(map[string]string) } labels["experimental.securecodebox.io/job-type"] = "read-and-write-hook" + var backOffLimit int32 = 3 job := &batch.Job{ ObjectMeta: metav1.ObjectMeta{ Annotations: make(map[string]string), @@ -231,6 +232,7 @@ func (r *ScanReconciler) Reconcile(req ctrl.Request) (ctrl.Result, error) { Labels: labels, }, Spec: batch.JobSpec{ + BackoffLimit: &backOffLimit, Template: corev1.PodTemplateSpec{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ @@ -269,6 +271,7 @@ func (r *ScanReconciler) Reconcile(req ctrl.Request) (ctrl.Result, error) { for i, hookStatus := range scan.Status.ReadAndWriteHookStatus { if hookStatus.HookName == nonCompletedHook.HookName { + scan.Status.ReadAndWriteHookStatus[i].JobName = job.Name scan.Status.ReadAndWriteHookStatus[i].State = executionv1.InProgress } } @@ -280,9 +283,46 @@ func (r *ScanReconciler) Reconcile(req ctrl.Request) (ctrl.Result, error) { return ctrl.Result{}, err } - // if nonCompletedHook.State == executionv1.InProgress{ + if nonCompletedHook.State == executionv1.InProgress { + jobStatus, err := r.checkIfJobIsCompleted(nonCompletedHook.JobName, scan.Namespace) + if err != nil { + r.Log.Error(err, "Failed to check job status for ReadAndWrite Hook") + return ctrl.Result{}, err + } + switch jobStatus { + case completed: + for i, hookStatus := range scan.Status.ReadAndWriteHookStatus { + if hookStatus.HookName == nonCompletedHook.HookName { + scan.Status.ReadAndWriteHookStatus[i].State = executionv1.Completed + } + } + + if err := r.Status().Update(ctx, &scan); err != nil { + r.Log.Error(err, "unable to update Scan status") + return ctrl.Result{}, err + } + return ctrl.Result{}, err + case incomplete: + // Still waiting for job to finish + return ctrl.Result{}, err + + case failed: + for i, hookStatus := range scan.Status.ReadAndWriteHookStatus { + if hookStatus.HookName == nonCompletedHook.HookName { + scan.Status.ReadAndWriteHookStatus[i].State = executionv1.Failed + } else if hookStatus.State == executionv1.Pending { + scan.Status.ReadAndWriteHookStatus[i].State = executionv1.Cancelled + } + } + scan.Status.State = "Errored" + scan.Status.ErrorDescription = fmt.Sprintf("Failed to execute ReadAndWrite Hook '%s' in job '%s'. Check the logs of the hook for more information.", nonCompletedHook.HookName, nonCompletedHook.JobName) + if err := r.Status().Update(ctx, &scan); err != nil { + r.Log.Error(err, "unable to update Scan status") + return ctrl.Result{}, err + } + } + } - // } // hook := First Array entry which is not Completed. // if hook == "Pending" => create Job From 31294b609ab4d88f04bcd7601a0554bee527e431 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com> Date: Mon, 25 May 2020 16:57:03 +0200 Subject: [PATCH 010/109] Remove duplicated comments --- operator/controllers/execution/scan_controller.go | 9 --------- 1 file changed, 9 deletions(-) diff --git a/operator/controllers/execution/scan_controller.go b/operator/controllers/execution/scan_controller.go index 191aaebe..26455cee 100644 --- a/operator/controllers/execution/scan_controller.go +++ b/operator/controllers/execution/scan_controller.go @@ -322,15 +322,6 @@ func (r *ScanReconciler) Reconcile(req ctrl.Request) (ctrl.Result, error) { } } } - - // hook := First Array entry which is not Completed. - - // if hook == "Pending" => create Job - // if hook == "InProgress" => - // if job == "Completed" => hook = "Completed" - // (if job == "Failed" => hook = "Failed" => scan = "Failed") - - // Scan Status auf ReadAndWriteHookCompleted setzen case "ReadAndWriteHookCompleted": err = r.startReadOnlyHooks(&scan) case "ReadOnlyHookProcessing": From 11b10d97f90ce280b7728fa4d8c3b3b34505779a Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com> Date: Mon, 25 May 2020 17:21:55 +0200 Subject: [PATCH 011/109] Update crds in operators helm chart --- ...securecodebox.io_scancompletionhooks.yaml} | 32 ++++++++++++------- 1 file changed, 20 insertions(+), 12 deletions(-) rename operator/crds/{execution.experimental.securecodebox.io_persistenceproviders.yaml => execution.experimental.securecodebox.io_scancompletionhooks.yaml} (87%) diff --git a/operator/crds/execution.experimental.securecodebox.io_persistenceproviders.yaml b/operator/crds/execution.experimental.securecodebox.io_scancompletionhooks.yaml similarity index 87% rename from operator/crds/execution.experimental.securecodebox.io_persistenceproviders.yaml rename to operator/crds/execution.experimental.securecodebox.io_scancompletionhooks.yaml index 6e51a957..5b7d72d0 100644 --- a/operator/crds/execution.experimental.securecodebox.io_persistenceproviders.yaml +++ b/operator/crds/execution.experimental.securecodebox.io_scancompletionhooks.yaml @@ -6,25 +6,28 @@ metadata: annotations: controller-gen.kubebuilder.io/version: v0.2.4 creationTimestamp: null - name: persistenceproviders.execution.experimental.securecodebox.io + name: scancompletionhooks.execution.experimental.securecodebox.io spec: additionalPrinterColumns: + - JSONPath: .spec.type + description: ScanCompletionHook Type + name: Type + type: string - JSONPath: .spec.image - description: PersistenceProvider Image + description: ScanCompletionHook Image name: Image type: string group: execution.experimental.securecodebox.io names: - kind: PersistenceProvider - listKind: PersistenceProviderList - plural: persistenceproviders - singular: persistenceprovider + kind: ScanCompletionHook + listKind: ScanCompletionHookList + plural: scancompletionhooks + singular: scancompletionhook scope: Namespaced subresources: {} validation: openAPIV3Schema: - description: PersistenceProvider is the Schema for the persistenceproviders - API + description: ScanCompletionHook is the Schema for the ScanCompletionHooks API properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -39,7 +42,7 @@ spec: metadata: type: object spec: - description: PersistenceProviderSpec defines the desired state of PersistenceProvider + description: ScanCompletionHookSpec defines the desired state of ScanCompletionHook properties: env: items: @@ -140,12 +143,17 @@ spec: type: object type: array image: - description: Foo is an example field of PersistenceProvider. Edit PersistenceProvider_types.go - to remove/update + description: Image is the container image for the hooks kubernetes job + type: string + type: + description: HookType Defines weather the hook should be able to change + the findings or is run in a read only mode. type: string + required: + - type type: object status: - description: PersistenceProviderStatus defines the observed state of PersistenceProvider + description: ScanCompletionHookStatus defines the observed state of ScanCompletionHook type: object type: object version: v1 From d4a352733d70a43de121a0a50c86906d6efb3ce5 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com> Date: Mon, 25 May 2020 17:35:05 +0200 Subject: [PATCH 012/109] Run inspect operator step post-failure --- .github/workflows/ci.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 5f08382b..fe28dd8f 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -304,6 +304,7 @@ jobs: kubectl -n integration-tests get jobs -o wide kubectl -n integration-tests get pods -o wide - name: "Inspect Operator" + if: failure() run: | echo "Deployment in namespace 'securecodebox-system'" kubectl -n securecodebox-system get deployments From 55a7612eb46b99e803fdb56cb723089cea9de0e8 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com> Date: Mon, 25 May 2020 17:42:34 +0200 Subject: [PATCH 013/109] Fix rbac in helm chart --- .../rbac/persistenceprovider_editor_role.yaml | 24 ------------------- .../rbac/persistenceprovider_viewer_role.yaml | 20 ---------------- .../rbac/persistenceprovider_editor_role.yaml | 24 ------------------- .../rbac/persistenceprovider_viewer_role.yaml | 20 ---------------- operator/templates/rbac/role.yaml | 2 +- 5 files changed, 1 insertion(+), 89 deletions(-) delete mode 100644 operator/config/rbac/persistenceprovider_editor_role.yaml delete mode 100644 operator/config/rbac/persistenceprovider_viewer_role.yaml delete mode 100644 operator/templates/rbac/persistenceprovider_editor_role.yaml delete mode 100644 operator/templates/rbac/persistenceprovider_viewer_role.yaml diff --git a/operator/config/rbac/persistenceprovider_editor_role.yaml b/operator/config/rbac/persistenceprovider_editor_role.yaml deleted file mode 100644 index 1bbbfe1a..00000000 --- a/operator/config/rbac/persistenceprovider_editor_role.yaml +++ /dev/null @@ -1,24 +0,0 @@ -# permissions for end users to edit persistenceproviders. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: persistenceprovider-editor-role -rules: -- apiGroups: - - execution.experimental.securecodebox.io - resources: - - persistenceproviders - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - execution.experimental.securecodebox.io - resources: - - persistenceproviders/status - verbs: - - get diff --git a/operator/config/rbac/persistenceprovider_viewer_role.yaml b/operator/config/rbac/persistenceprovider_viewer_role.yaml deleted file mode 100644 index ec836136..00000000 --- a/operator/config/rbac/persistenceprovider_viewer_role.yaml +++ /dev/null @@ -1,20 +0,0 @@ -# permissions for end users to view persistenceproviders. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: persistenceprovider-viewer-role -rules: -- apiGroups: - - execution.experimental.securecodebox.io - resources: - - persistenceproviders - verbs: - - get - - list - - watch -- apiGroups: - - execution.experimental.securecodebox.io - resources: - - persistenceproviders/status - verbs: - - get diff --git a/operator/templates/rbac/persistenceprovider_editor_role.yaml b/operator/templates/rbac/persistenceprovider_editor_role.yaml deleted file mode 100644 index 1bbbfe1a..00000000 --- a/operator/templates/rbac/persistenceprovider_editor_role.yaml +++ /dev/null @@ -1,24 +0,0 @@ -# permissions for end users to edit persistenceproviders. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: persistenceprovider-editor-role -rules: -- apiGroups: - - execution.experimental.securecodebox.io - resources: - - persistenceproviders - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - execution.experimental.securecodebox.io - resources: - - persistenceproviders/status - verbs: - - get diff --git a/operator/templates/rbac/persistenceprovider_viewer_role.yaml b/operator/templates/rbac/persistenceprovider_viewer_role.yaml deleted file mode 100644 index ec836136..00000000 --- a/operator/templates/rbac/persistenceprovider_viewer_role.yaml +++ /dev/null @@ -1,20 +0,0 @@ -# permissions for end users to view persistenceproviders. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: persistenceprovider-viewer-role -rules: -- apiGroups: - - execution.experimental.securecodebox.io - resources: - - persistenceproviders - verbs: - - get - - list - - watch -- apiGroups: - - execution.experimental.securecodebox.io - resources: - - persistenceproviders/status - verbs: - - get diff --git a/operator/templates/rbac/role.yaml b/operator/templates/rbac/role.yaml index 681c96db..b1bd525a 100644 --- a/operator/templates/rbac/role.yaml +++ b/operator/templates/rbac/role.yaml @@ -44,7 +44,7 @@ rules: - apiGroups: - execution.experimental.securecodebox.io resources: - - persistenceproviders + - scancompletionhooks verbs: - get - list From 231f4f2820abf5a829c7c3874ef3727d880b11d8 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com> Date: Tue, 26 May 2020 16:05:30 +0200 Subject: [PATCH 014/109] Rename persistence-sdk to hook sdk --- .../nodejs/.dockerignore | 0 .../nodejs/.gitignore | 0 .../nodejs/Dockerfile | 6 ++--- .../nodejs/hook-wrapper.js | 26 +++++++++---------- .../nodejs/package-lock.json | 2 +- .../nodejs/package.json | 6 ++--- 6 files changed, 20 insertions(+), 20 deletions(-) rename {persistence-sdk => hook-sdk}/nodejs/.dockerignore (100%) rename {persistence-sdk => hook-sdk}/nodejs/.gitignore (100%) rename {persistence-sdk => hook-sdk}/nodejs/Dockerfile (62%) rename persistence-sdk/nodejs/persistence-wrapper.js => hook-sdk/nodejs/hook-wrapper.js (64%) rename {persistence-sdk => hook-sdk}/nodejs/package-lock.json (99%) rename {persistence-sdk => hook-sdk}/nodejs/package.json (74%) diff --git a/persistence-sdk/nodejs/.dockerignore b/hook-sdk/nodejs/.dockerignore similarity index 100% rename from persistence-sdk/nodejs/.dockerignore rename to hook-sdk/nodejs/.dockerignore diff --git a/persistence-sdk/nodejs/.gitignore b/hook-sdk/nodejs/.gitignore similarity index 100% rename from persistence-sdk/nodejs/.gitignore rename to hook-sdk/nodejs/.gitignore diff --git a/persistence-sdk/nodejs/Dockerfile b/hook-sdk/nodejs/Dockerfile similarity index 62% rename from persistence-sdk/nodejs/Dockerfile rename to hook-sdk/nodejs/Dockerfile index e0e94262..bce6e837 100644 --- a/persistence-sdk/nodejs/Dockerfile +++ b/hook-sdk/nodejs/Dockerfile @@ -6,9 +6,9 @@ RUN npm ci --production FROM node:12-alpine ARG NODE_ENV RUN addgroup -S app && adduser app -S -G app -WORKDIR /home/app/persistence-wrapper/ +WORKDIR /home/app/hook-wrapper/ COPY --from=build --chown=app:app /home/app/node_modules/ ./node_modules/ -COPY --chown=app:app ./persistence-wrapper.js ./persistence-wrapper.js +COPY --chown=app:app ./hook-wrapper.js ./hook-wrapper.js USER app ENV NODE_ENV ${NODE_ENV:-production} -ENTRYPOINT ["node", "/home/app/persistence-wrapper/persistence-wrapper.js"] \ No newline at end of file +ENTRYPOINT ["node", "/home/app/hook-wrapper/hook-wrapper.js"] \ No newline at end of file diff --git a/persistence-sdk/nodejs/persistence-wrapper.js b/hook-sdk/nodejs/hook-wrapper.js similarity index 64% rename from persistence-sdk/nodejs/persistence-wrapper.js rename to hook-sdk/nodejs/hook-wrapper.js index c538d76c..01e758b1 100644 --- a/persistence-sdk/nodejs/persistence-wrapper.js +++ b/hook-sdk/nodejs/hook-wrapper.js @@ -1,24 +1,24 @@ -const axios = require('axios'); -const { persist } = require('./persistence/persist'); -const k8s = require('@kubernetes/client-node'); +const axios = require("axios"); +const { persist } = require("./persistence/persist"); +const k8s = require("@kubernetes/client-node"); async function main() { const rawResultUrl = process.argv[2]; - const getRawResult = (url => () => + const getRawResult = ((url) => () => axios.get(url).then(({ data: findings }) => { console.log(`Fetched ${findings.length} findings from the file storage`); return findings; }))(rawResultUrl); const findingsUrl = process.argv[3]; - const getFindings = (url => () => - axios.get(url).then(res => { + const getFindings = ((url) => () => + axios.get(url).then((res) => { console.log(`Fetched raw result file contents from the file storage`); return res.data; }))(findingsUrl); - const scanName = process.env['SCAN_NAME']; - const namespace = process.env['NAMESPACE']; + const scanName = process.env["SCAN_NAME"]; + const namespace = process.env["NAMESPACE"]; console.log(`Starting PersistenceProvider for Scan "${scanName}"`); const kc = new k8s.KubeConfig(); @@ -29,15 +29,15 @@ async function main() { let scan; try { const { body } = await k8sApi.getNamespacedCustomObject( - 'execution.experimental.securecodebox.io', - 'v1', + "execution.experimental.securecodebox.io", + "v1", namespace, - 'scans', + "scans", scanName ); scan = body; } catch (err) { - console.error('Failed to get Scan from the kubernetes api'); + console.error("Failed to get Scan from the kubernetes api"); console.error(err); process.exit(1); } @@ -46,7 +46,7 @@ async function main() { await persist({ getRawResult, getFindings, scan }); } catch (error) { console.error( - 'Error was thrown while running PersistenceProviders persist function' + "Error was thrown while running PersistenceProviders persist function" ); console.error(error); process.exit(1); diff --git a/persistence-sdk/nodejs/package-lock.json b/hook-sdk/nodejs/package-lock.json similarity index 99% rename from persistence-sdk/nodejs/package-lock.json rename to hook-sdk/nodejs/package-lock.json index a13161b8..ea02f7ef 100644 --- a/persistence-sdk/nodejs/package-lock.json +++ b/hook-sdk/nodejs/package-lock.json @@ -1,5 +1,5 @@ { - "name": "securecodebox-persistence-sdk-nodejs", + "name": "securecodebox-hook-sdk-nodejs", "version": "1.0.0", "lockfileVersion": 1, "requires": true, diff --git a/persistence-sdk/nodejs/package.json b/hook-sdk/nodejs/package.json similarity index 74% rename from persistence-sdk/nodejs/package.json rename to hook-sdk/nodejs/package.json index cc83df51..4f5ec4c3 100644 --- a/persistence-sdk/nodejs/package.json +++ b/hook-sdk/nodejs/package.json @@ -1,8 +1,8 @@ { - "name": "securecodebox-persistence-sdk-nodejs", + "name": "securecodebox-hook-sdk-nodejs", "version": "1.0.0", - "description": "Handles external communication required for all secureCodeBox PersistenceProviders", - "main": "persistence-wrapper.js", + "description": "Handles external communication required for all secureCodeBox Hooks", + "main": "hook-wrapper.js", "scripts": { "test": "jest" }, From 29c3312ca06c6e6dc88a0e87f1a8c9377d8433a5 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com> Date: Tue, 26 May 2020 16:18:47 +0200 Subject: [PATCH 015/109] Refactore and add update methods in the hook sdk --- hook-sdk/nodejs/hook-wrapper.js | 90 ++++++++++++++++++++++++++++----- 1 file changed, 78 insertions(+), 12 deletions(-) diff --git a/hook-sdk/nodejs/hook-wrapper.js b/hook-sdk/nodejs/hook-wrapper.js index 01e758b1..7a528710 100644 --- a/hook-sdk/nodejs/hook-wrapper.js +++ b/hook-sdk/nodejs/hook-wrapper.js @@ -2,21 +2,81 @@ const axios = require("axios"); const { persist } = require("./persistence/persist"); const k8s = require("@kubernetes/client-node"); -async function main() { +function downloadFile(url) { + return axios.get(url); +} + +function getRawResults() { const rawResultUrl = process.argv[2]; - const getRawResult = ((url) => () => - axios.get(url).then(({ data: findings }) => { - console.log(`Fetched ${findings.length} findings from the file storage`); - return findings; - }))(rawResultUrl); + return downloadFile(rawResultUrl).then(({ data }) => { + console.log(`Fetched raw result file contents from the file storage`); + return data; + }); +} +function getFindings() { const findingsUrl = process.argv[3]; - const getFindings = ((url) => () => - axios.get(url).then((res) => { - console.log(`Fetched raw result file contents from the file storage`); - return res.data; - }))(findingsUrl); + return downloadFile(findingsUrl).then(({ data: findings }) => { + console.log(`Fetched ${findings.length} findings from the file storage`); + return findings; + }); +} + +function uploadFile(url) { + return axios + .put(url, findingsWithIds, { + headers: { "content-type": "" }, + }) + .catch(function(error) { + if (error.response) { + // The request was made and the server responded with a status code + // that falls out of the range of 2xx + console.error( + `File Upload Failed with Response Code: ${error.response.status}` + ); + console.error(`Error Response Body: ${error.response.data}`); + } else if (error.request) { + console.error( + "No response received from FileStorage when uploading finding" + ); + console.error(error); + } else { + // Something happened in setting up the request that triggered an Error + console.log("Error", error.message); + } + process.exit(1); + }); +} + +function uploadRawResults() { + const rawResultUploadUrl = process.argv[4]; + if (rawResultUploadUrl === undefined) { + console.error( + "Tried to upload RawResults but didn't find a valid URL to upload the findings to." + ); + console.error("This probably means that this hook is a ReadOnly hook."); + console.error( + "If you want to change RawResults you'll need to use a ReadAndWrite Hook." + ); + } + return uploadFile(rawResultUploadUrl); +} +function uploadFindings() { + const findingsUploadUrl = process.argv[5]; + if (findingsUploadUrl === undefined) { + console.error( + "Tried to upload Findings but didn't find a valid URL to upload the findings to." + ); + console.error("This probably means that this hook is a ReadOnly hook."); + console.error( + "If you want to change Findings you'll need to use a ReadAndWrite Hook." + ); + } + return uploadFile(findingsUploadUrl); +} + +async function main() { const scanName = process.env["SCAN_NAME"]; const namespace = process.env["NAMESPACE"]; console.log(`Starting PersistenceProvider for Scan "${scanName}"`); @@ -43,7 +103,13 @@ async function main() { } try { - await persist({ getRawResult, getFindings, scan }); + await persist({ + getRawResult, + getFindings, + uploadRawResults, + uploadFindings, + scan, + }); } catch (error) { console.error( "Error was thrown while running PersistenceProviders persist function" From fa2682a3fad8b30c09325668297f4c1a6ca165dc Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com> Date: Tue, 26 May 2020 16:20:38 +0200 Subject: [PATCH 016/109] Rename persistence folder to hooks --- .../persistence}/persistence-elastic/.dockerignore | 0 .../persistence}/persistence-elastic/.gitignore | 0 .../persistence}/persistence-elastic/.helmignore | 0 .../persistence}/persistence-elastic/Chart.lock | 0 .../persistence}/persistence-elastic/Chart.yaml | 0 .../persistence}/persistence-elastic/Dockerfile | 0 .../__mocks__/@elastic/elasticsearch.js | 0 .../charts/elasticsearch-7.6.1.tgz | Bin .../persistence-elastic/charts/kibana-7.6.1.tgz | Bin .../dashboardImporter/Dockerfile | 0 .../dashboardImporter/dashboards/daily-summary.json | 0 .../dashboardImporter/export-dashboards.sh | 0 .../dashboardImporter/import-dashboards.sh | 0 .../persistence-elastic/dashboardImporter/readme.md | 0 .../persistence-elastic/package-lock.json | 0 .../persistence}/persistence-elastic/package.json | 0 .../persistence}/persistence-elastic/persist.js | 0 .../persistence-elastic/persist.test.js | 0 .../persistence-elastic/templates/NOTES.txt | 0 .../persistence-elastic/templates/_helpers.tpl | 0 .../templates/import-dashboard.yaml | 0 .../templates/persistence-provider.yaml | 0 .../persistence}/persistence-elastic/values.yaml | 0 23 files changed, 0 insertions(+), 0 deletions(-) rename {persistence => hooks/persistence}/persistence-elastic/.dockerignore (100%) rename {persistence => hooks/persistence}/persistence-elastic/.gitignore (100%) rename {persistence => hooks/persistence}/persistence-elastic/.helmignore (100%) rename {persistence => hooks/persistence}/persistence-elastic/Chart.lock (100%) rename {persistence => hooks/persistence}/persistence-elastic/Chart.yaml (100%) rename {persistence => hooks/persistence}/persistence-elastic/Dockerfile (100%) rename {persistence => hooks/persistence}/persistence-elastic/__mocks__/@elastic/elasticsearch.js (100%) rename {persistence => hooks/persistence}/persistence-elastic/charts/elasticsearch-7.6.1.tgz (100%) rename {persistence => hooks/persistence}/persistence-elastic/charts/kibana-7.6.1.tgz (100%) rename {persistence => hooks/persistence}/persistence-elastic/dashboardImporter/Dockerfile (100%) rename {persistence => hooks/persistence}/persistence-elastic/dashboardImporter/dashboards/daily-summary.json (100%) rename {persistence => hooks/persistence}/persistence-elastic/dashboardImporter/export-dashboards.sh (100%) rename {persistence => hooks/persistence}/persistence-elastic/dashboardImporter/import-dashboards.sh (100%) rename {persistence => hooks/persistence}/persistence-elastic/dashboardImporter/readme.md (100%) rename {persistence => hooks/persistence}/persistence-elastic/package-lock.json (100%) rename {persistence => hooks/persistence}/persistence-elastic/package.json (100%) rename {persistence => hooks/persistence}/persistence-elastic/persist.js (100%) rename {persistence => hooks/persistence}/persistence-elastic/persist.test.js (100%) rename {persistence => hooks/persistence}/persistence-elastic/templates/NOTES.txt (100%) rename {persistence => hooks/persistence}/persistence-elastic/templates/_helpers.tpl (100%) rename {persistence => hooks/persistence}/persistence-elastic/templates/import-dashboard.yaml (100%) rename {persistence => hooks/persistence}/persistence-elastic/templates/persistence-provider.yaml (100%) rename {persistence => hooks/persistence}/persistence-elastic/values.yaml (100%) diff --git a/persistence/persistence-elastic/.dockerignore b/hooks/persistence/persistence-elastic/.dockerignore similarity index 100% rename from persistence/persistence-elastic/.dockerignore rename to hooks/persistence/persistence-elastic/.dockerignore diff --git a/persistence/persistence-elastic/.gitignore b/hooks/persistence/persistence-elastic/.gitignore similarity index 100% rename from persistence/persistence-elastic/.gitignore rename to hooks/persistence/persistence-elastic/.gitignore diff --git a/persistence/persistence-elastic/.helmignore b/hooks/persistence/persistence-elastic/.helmignore similarity index 100% rename from persistence/persistence-elastic/.helmignore rename to hooks/persistence/persistence-elastic/.helmignore diff --git a/persistence/persistence-elastic/Chart.lock b/hooks/persistence/persistence-elastic/Chart.lock similarity index 100% rename from persistence/persistence-elastic/Chart.lock rename to hooks/persistence/persistence-elastic/Chart.lock diff --git a/persistence/persistence-elastic/Chart.yaml b/hooks/persistence/persistence-elastic/Chart.yaml similarity index 100% rename from persistence/persistence-elastic/Chart.yaml rename to hooks/persistence/persistence-elastic/Chart.yaml diff --git a/persistence/persistence-elastic/Dockerfile b/hooks/persistence/persistence-elastic/Dockerfile similarity index 100% rename from persistence/persistence-elastic/Dockerfile rename to hooks/persistence/persistence-elastic/Dockerfile diff --git a/persistence/persistence-elastic/__mocks__/@elastic/elasticsearch.js b/hooks/persistence/persistence-elastic/__mocks__/@elastic/elasticsearch.js similarity index 100% rename from persistence/persistence-elastic/__mocks__/@elastic/elasticsearch.js rename to hooks/persistence/persistence-elastic/__mocks__/@elastic/elasticsearch.js diff --git a/persistence/persistence-elastic/charts/elasticsearch-7.6.1.tgz b/hooks/persistence/persistence-elastic/charts/elasticsearch-7.6.1.tgz similarity index 100% rename from persistence/persistence-elastic/charts/elasticsearch-7.6.1.tgz rename to hooks/persistence/persistence-elastic/charts/elasticsearch-7.6.1.tgz diff --git a/persistence/persistence-elastic/charts/kibana-7.6.1.tgz b/hooks/persistence/persistence-elastic/charts/kibana-7.6.1.tgz similarity index 100% rename from persistence/persistence-elastic/charts/kibana-7.6.1.tgz rename to hooks/persistence/persistence-elastic/charts/kibana-7.6.1.tgz diff --git a/persistence/persistence-elastic/dashboardImporter/Dockerfile b/hooks/persistence/persistence-elastic/dashboardImporter/Dockerfile similarity index 100% rename from persistence/persistence-elastic/dashboardImporter/Dockerfile rename to hooks/persistence/persistence-elastic/dashboardImporter/Dockerfile diff --git a/persistence/persistence-elastic/dashboardImporter/dashboards/daily-summary.json b/hooks/persistence/persistence-elastic/dashboardImporter/dashboards/daily-summary.json similarity index 100% rename from persistence/persistence-elastic/dashboardImporter/dashboards/daily-summary.json rename to hooks/persistence/persistence-elastic/dashboardImporter/dashboards/daily-summary.json diff --git a/persistence/persistence-elastic/dashboardImporter/export-dashboards.sh b/hooks/persistence/persistence-elastic/dashboardImporter/export-dashboards.sh similarity index 100% rename from persistence/persistence-elastic/dashboardImporter/export-dashboards.sh rename to hooks/persistence/persistence-elastic/dashboardImporter/export-dashboards.sh diff --git a/persistence/persistence-elastic/dashboardImporter/import-dashboards.sh b/hooks/persistence/persistence-elastic/dashboardImporter/import-dashboards.sh similarity index 100% rename from persistence/persistence-elastic/dashboardImporter/import-dashboards.sh rename to hooks/persistence/persistence-elastic/dashboardImporter/import-dashboards.sh diff --git a/persistence/persistence-elastic/dashboardImporter/readme.md b/hooks/persistence/persistence-elastic/dashboardImporter/readme.md similarity index 100% rename from persistence/persistence-elastic/dashboardImporter/readme.md rename to hooks/persistence/persistence-elastic/dashboardImporter/readme.md diff --git a/persistence/persistence-elastic/package-lock.json b/hooks/persistence/persistence-elastic/package-lock.json similarity index 100% rename from persistence/persistence-elastic/package-lock.json rename to hooks/persistence/persistence-elastic/package-lock.json diff --git a/persistence/persistence-elastic/package.json b/hooks/persistence/persistence-elastic/package.json similarity index 100% rename from persistence/persistence-elastic/package.json rename to hooks/persistence/persistence-elastic/package.json diff --git a/persistence/persistence-elastic/persist.js b/hooks/persistence/persistence-elastic/persist.js similarity index 100% rename from persistence/persistence-elastic/persist.js rename to hooks/persistence/persistence-elastic/persist.js diff --git a/persistence/persistence-elastic/persist.test.js b/hooks/persistence/persistence-elastic/persist.test.js similarity index 100% rename from persistence/persistence-elastic/persist.test.js rename to hooks/persistence/persistence-elastic/persist.test.js diff --git a/persistence/persistence-elastic/templates/NOTES.txt b/hooks/persistence/persistence-elastic/templates/NOTES.txt similarity index 100% rename from persistence/persistence-elastic/templates/NOTES.txt rename to hooks/persistence/persistence-elastic/templates/NOTES.txt diff --git a/persistence/persistence-elastic/templates/_helpers.tpl b/hooks/persistence/persistence-elastic/templates/_helpers.tpl similarity index 100% rename from persistence/persistence-elastic/templates/_helpers.tpl rename to hooks/persistence/persistence-elastic/templates/_helpers.tpl diff --git a/persistence/persistence-elastic/templates/import-dashboard.yaml b/hooks/persistence/persistence-elastic/templates/import-dashboard.yaml similarity index 100% rename from persistence/persistence-elastic/templates/import-dashboard.yaml rename to hooks/persistence/persistence-elastic/templates/import-dashboard.yaml diff --git a/persistence/persistence-elastic/templates/persistence-provider.yaml b/hooks/persistence/persistence-elastic/templates/persistence-provider.yaml similarity index 100% rename from persistence/persistence-elastic/templates/persistence-provider.yaml rename to hooks/persistence/persistence-elastic/templates/persistence-provider.yaml diff --git a/persistence/persistence-elastic/values.yaml b/hooks/persistence/persistence-elastic/values.yaml similarity index 100% rename from persistence/persistence-elastic/values.yaml rename to hooks/persistence/persistence-elastic/values.yaml From e218e4b09b338a0fc7fb1f0c49ef916e7d7ced44 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com> Date: Tue, 26 May 2020 17:12:10 +0200 Subject: [PATCH 017/109] Add generic-webhook ScanCompletionHook --- hook-sdk/nodejs/hook-wrapper.js | 14 +- hooks/generic-webhook/.dockerignore | 1 + hooks/generic-webhook/.gitignore | 1 + hooks/generic-webhook/.helmignore | 30 + hooks/generic-webhook/Chart.lock | 3 + hooks/generic-webhook/Chart.yaml | 11 + hooks/generic-webhook/Dockerfile | 10 + hooks/generic-webhook/__mocks__/axios.js | 1 + hooks/generic-webhook/hook.js | 15 + hooks/generic-webhook/hook.test.js | 34 + hooks/generic-webhook/package-lock.json | 4705 +++++++++++++++++ hooks/generic-webhook/package.json | 18 + hooks/generic-webhook/templates/NOTES.txt | 4 + hooks/generic-webhook/templates/_helpers.tpl | 52 + .../templates/webhook-hook.yaml | 14 + hooks/generic-webhook/values.yaml | 11 + 16 files changed, 4916 insertions(+), 8 deletions(-) create mode 100644 hooks/generic-webhook/.dockerignore create mode 100644 hooks/generic-webhook/.gitignore create mode 100644 hooks/generic-webhook/.helmignore create mode 100644 hooks/generic-webhook/Chart.lock create mode 100644 hooks/generic-webhook/Chart.yaml create mode 100644 hooks/generic-webhook/Dockerfile create mode 100644 hooks/generic-webhook/__mocks__/axios.js create mode 100644 hooks/generic-webhook/hook.js create mode 100644 hooks/generic-webhook/hook.test.js create mode 100644 hooks/generic-webhook/package-lock.json create mode 100644 hooks/generic-webhook/package.json create mode 100644 hooks/generic-webhook/templates/NOTES.txt create mode 100644 hooks/generic-webhook/templates/_helpers.tpl create mode 100644 hooks/generic-webhook/templates/webhook-hook.yaml create mode 100644 hooks/generic-webhook/values.yaml diff --git a/hook-sdk/nodejs/hook-wrapper.js b/hook-sdk/nodejs/hook-wrapper.js index 7a528710..4d4419d0 100644 --- a/hook-sdk/nodejs/hook-wrapper.js +++ b/hook-sdk/nodejs/hook-wrapper.js @@ -1,5 +1,5 @@ const axios = require("axios"); -const { persist } = require("./persistence/persist"); +const { handle } = require("./hook/hook"); const k8s = require("@kubernetes/client-node"); function downloadFile(url) { @@ -79,7 +79,7 @@ function uploadFindings() { async function main() { const scanName = process.env["SCAN_NAME"]; const namespace = process.env["NAMESPACE"]; - console.log(`Starting PersistenceProvider for Scan "${scanName}"`); + console.log(`Starting hook for Scan "${scanName}"`); const kc = new k8s.KubeConfig(); kc.loadFromCluster(); @@ -103,22 +103,20 @@ async function main() { } try { - await persist({ - getRawResult, + await handle({ + getRawResults, getFindings, uploadRawResults, uploadFindings, scan, }); } catch (error) { - console.error( - "Error was thrown while running PersistenceProviders persist function" - ); + console.error("Error was thrown while running hooks handle function"); console.error(error); process.exit(1); } - console.log(`Completed PersistenceProvider`); + console.log(`Hook completed`); } main(); diff --git a/hooks/generic-webhook/.dockerignore b/hooks/generic-webhook/.dockerignore new file mode 100644 index 00000000..40b878db --- /dev/null +++ b/hooks/generic-webhook/.dockerignore @@ -0,0 +1 @@ +node_modules/ \ No newline at end of file diff --git a/hooks/generic-webhook/.gitignore b/hooks/generic-webhook/.gitignore new file mode 100644 index 00000000..b512c09d --- /dev/null +++ b/hooks/generic-webhook/.gitignore @@ -0,0 +1 @@ +node_modules \ No newline at end of file diff --git a/hooks/generic-webhook/.helmignore b/hooks/generic-webhook/.helmignore new file mode 100644 index 00000000..676a3554 --- /dev/null +++ b/hooks/generic-webhook/.helmignore @@ -0,0 +1,30 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ +# Node.js files +node_modules/* +package.json +package-lock.json +src/* +config/* +Dockerfile +.dockerignore \ No newline at end of file diff --git a/hooks/generic-webhook/Chart.lock b/hooks/generic-webhook/Chart.lock new file mode 100644 index 00000000..eb7f3a24 --- /dev/null +++ b/hooks/generic-webhook/Chart.lock @@ -0,0 +1,3 @@ +dependencies: [] +digest: sha256:643d5437104296e21d906ecb15b2c96ad278f20cfc4af53b12bb6069bd853726 +generated: "2020-05-26T16:56:03.119255+02:00" diff --git a/hooks/generic-webhook/Chart.yaml b/hooks/generic-webhook/Chart.yaml new file mode 100644 index 00000000..821f54f1 --- /dev/null +++ b/hooks/generic-webhook/Chart.yaml @@ -0,0 +1,11 @@ +apiVersion: v2 +name: generic-webhook +description: Lets you send http webhooks after scans are completed + +type: application + +version: 0.1.0 + +appVersion: latest + +dependencies: [] diff --git a/hooks/generic-webhook/Dockerfile b/hooks/generic-webhook/Dockerfile new file mode 100644 index 00000000..11db260e --- /dev/null +++ b/hooks/generic-webhook/Dockerfile @@ -0,0 +1,10 @@ +FROM node:12-alpine as build +RUN mkdir -p /home/app +WORKDIR /home/app +COPY package.json package-lock.json ./ +RUN npm ci --production + +FROM scbexperimental/hook-sdk-nodejs:latest +WORKDIR /home/app/hook-wrapper/hook/ +COPY --from=build --chown=app:app /home/app/node_modules/ ./node_modules/ +COPY --chown=app:app ./hook.js ./hook.js diff --git a/hooks/generic-webhook/__mocks__/axios.js b/hooks/generic-webhook/__mocks__/axios.js new file mode 100644 index 00000000..2eff1145 --- /dev/null +++ b/hooks/generic-webhook/__mocks__/axios.js @@ -0,0 +1 @@ +module.exports.post = jest.fn(); diff --git a/hooks/generic-webhook/hook.js b/hooks/generic-webhook/hook.js new file mode 100644 index 00000000..5f7b6dac --- /dev/null +++ b/hooks/generic-webhook/hook.js @@ -0,0 +1,15 @@ +const axios = require("axios"); + +async function handle({ + getFindings, + scan, + webhookUrl = process.env["WEBHOOK_URL"], +}) { + const findings = await getFindings(); + + console.log(`Sending ${findings.length} findings to ${webhookUrl}`); + + await axios.post(webhookUrl, { scan, findings }); +} +module.exports.handle = handle; +module.exports.axios = axios; diff --git a/hooks/generic-webhook/hook.test.js b/hooks/generic-webhook/hook.test.js new file mode 100644 index 00000000..3045f300 --- /dev/null +++ b/hooks/generic-webhook/hook.test.js @@ -0,0 +1,34 @@ +const { handle, axios } = require("./hook"); + +beforeEach(() => { + axios.post.mockClear(); +}); + +test("should send a post request to the url when fired", async () => { + const findings = []; + + const getFindings = async () => findings; + + const scan = { + metadata: { + uid: "09988cdf-1fc7-4f85-95ee-1b1d65dbc7cc", + name: "demo-scan", + labels: { + company: "iteratec", + }, + }, + spec: { + scanType: "Nmap", + parameters: ["-Pn", "localhost"], + }, + }; + + const webhookUrl = "http://example.com/foo/bar"; + + await handle({ getFindings, scan, webhookUrl }); + + expect(axios.post).toBeCalledWith(webhookUrl, { + scan, + findings: [], + }); +}); diff --git a/hooks/generic-webhook/package-lock.json b/hooks/generic-webhook/package-lock.json new file mode 100644 index 00000000..399651dd --- /dev/null +++ b/hooks/generic-webhook/package-lock.json @@ -0,0 +1,4705 @@ +{ + "name": "scb-generic-webhook", + "version": "1.0.0", + "lockfileVersion": 1, + "requires": true, + "dependencies": { + "@babel/code-frame": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.8.3.tgz", + "integrity": "sha512-a9gxpmdXtZEInkCSHUJDLHZVBgb1QS0jhss4cPP93EW7s+uC5bikET2twEF3KV+7rDblJcmNvTR7VJejqd2C2g==", + "dev": true, + "requires": { + "@babel/highlight": "^7.8.3" + } + }, + "@babel/core": { + "version": "7.9.6", + "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.9.6.tgz", + "integrity": "sha512-nD3deLvbsApbHAHttzIssYqgb883yU/d9roe4RZymBCDaZryMJDbptVpEpeQuRh4BJ+SYI8le9YGxKvFEvl1Wg==", + "dev": true, + "requires": { + "@babel/code-frame": "^7.8.3", + "@babel/generator": "^7.9.6", + "@babel/helper-module-transforms": "^7.9.0", + "@babel/helpers": "^7.9.6", + "@babel/parser": "^7.9.6", + "@babel/template": "^7.8.6", + "@babel/traverse": "^7.9.6", + "@babel/types": "^7.9.6", + "convert-source-map": "^1.7.0", + "debug": "^4.1.0", + "gensync": "^1.0.0-beta.1", + "json5": "^2.1.2", + "lodash": "^4.17.13", + "resolve": "^1.3.2", + "semver": "^5.4.1", + "source-map": "^0.5.0" + }, + "dependencies": { + "semver": { + "version": "5.7.1", + "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.1.tgz", + "integrity": "sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ==", + "dev": true + }, + "source-map": { + "version": "0.5.7", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.5.7.tgz", + "integrity": "sha1-igOdLRAh0i0eoUyA2OpGi6LvP8w=", + "dev": true + } + } + }, + "@babel/generator": { + "version": "7.9.6", + "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.9.6.tgz", + "integrity": "sha512-+htwWKJbH2bL72HRluF8zumBxzuX0ZZUFl3JLNyoUjM/Ho8wnVpPXM6aUz8cfKDqQ/h7zHqKt4xzJteUosckqQ==", + "dev": true, + "requires": { + "@babel/types": "^7.9.6", + "jsesc": "^2.5.1", + "lodash": "^4.17.13", + "source-map": "^0.5.0" + }, + "dependencies": { + "source-map": { + "version": "0.5.7", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.5.7.tgz", + "integrity": "sha1-igOdLRAh0i0eoUyA2OpGi6LvP8w=", + "dev": true + } + } + }, + "@babel/helper-function-name": { + "version": "7.9.5", + "resolved": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.9.5.tgz", + "integrity": "sha512-JVcQZeXM59Cd1qanDUxv9fgJpt3NeKUaqBqUEvfmQ+BCOKq2xUgaWZW2hr0dkbyJgezYuplEoh5knmrnS68efw==", + "dev": true, + "requires": { + "@babel/helper-get-function-arity": "^7.8.3", + "@babel/template": "^7.8.3", + "@babel/types": "^7.9.5" + } + }, + "@babel/helper-get-function-arity": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/helper-get-function-arity/-/helper-get-function-arity-7.8.3.tgz", + "integrity": "sha512-FVDR+Gd9iLjUMY1fzE2SR0IuaJToR4RkCDARVfsBBPSP53GEqSFjD8gNyxg246VUyc/ALRxFaAK8rVG7UT7xRA==", + "dev": true, + "requires": { + "@babel/types": "^7.8.3" + } + }, + "@babel/helper-member-expression-to-functions": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/helper-member-expression-to-functions/-/helper-member-expression-to-functions-7.8.3.tgz", + "integrity": "sha512-fO4Egq88utkQFjbPrSHGmGLFqmrshs11d46WI+WZDESt7Wu7wN2G2Iu+NMMZJFDOVRHAMIkB5SNh30NtwCA7RA==", + "dev": true, + "requires": { + "@babel/types": "^7.8.3" + } + }, + "@babel/helper-module-imports": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.8.3.tgz", + "integrity": "sha512-R0Bx3jippsbAEtzkpZ/6FIiuzOURPcMjHp+Z6xPe6DtApDJx+w7UYyOLanZqO8+wKR9G10s/FmHXvxaMd9s6Kg==", + "dev": true, + "requires": { + "@babel/types": "^7.8.3" + } + }, + "@babel/helper-module-transforms": { + "version": "7.9.0", + "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.9.0.tgz", + "integrity": "sha512-0FvKyu0gpPfIQ8EkxlrAydOWROdHpBmiCiRwLkUiBGhCUPRRbVD2/tm3sFr/c/GWFrQ/ffutGUAnx7V0FzT2wA==", + "dev": true, + "requires": { + "@babel/helper-module-imports": "^7.8.3", + "@babel/helper-replace-supers": "^7.8.6", + "@babel/helper-simple-access": "^7.8.3", + "@babel/helper-split-export-declaration": "^7.8.3", + "@babel/template": "^7.8.6", + "@babel/types": "^7.9.0", + "lodash": "^4.17.13" + } + }, + "@babel/helper-optimise-call-expression": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/helper-optimise-call-expression/-/helper-optimise-call-expression-7.8.3.tgz", + "integrity": "sha512-Kag20n86cbO2AvHca6EJsvqAd82gc6VMGule4HwebwMlwkpXuVqrNRj6CkCV2sKxgi9MyAUnZVnZ6lJ1/vKhHQ==", + "dev": true, + "requires": { + "@babel/types": "^7.8.3" + } + }, + "@babel/helper-plugin-utils": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.8.3.tgz", + "integrity": "sha512-j+fq49Xds2smCUNYmEHF9kGNkhbet6yVIBp4e6oeQpH1RUs/Ir06xUKzDjDkGcaaokPiTNs2JBWHjaE4csUkZQ==", + "dev": true + }, + "@babel/helper-replace-supers": { + "version": "7.9.6", + "resolved": "https://registry.npmjs.org/@babel/helper-replace-supers/-/helper-replace-supers-7.9.6.tgz", + "integrity": "sha512-qX+chbxkbArLyCImk3bWV+jB5gTNU/rsze+JlcF6Nf8tVTigPJSI1o1oBow/9Resa1yehUO9lIipsmu9oG4RzA==", + "dev": true, + "requires": { + "@babel/helper-member-expression-to-functions": "^7.8.3", + "@babel/helper-optimise-call-expression": "^7.8.3", + "@babel/traverse": "^7.9.6", + "@babel/types": "^7.9.6" + } + }, + "@babel/helper-simple-access": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.8.3.tgz", + "integrity": "sha512-VNGUDjx5cCWg4vvCTR8qQ7YJYZ+HBjxOgXEl7ounz+4Sn7+LMD3CFrCTEU6/qXKbA2nKg21CwhhBzO0RpRbdCw==", + "dev": true, + "requires": { + "@babel/template": "^7.8.3", + "@babel/types": "^7.8.3" + } + }, + "@babel/helper-split-export-declaration": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.8.3.tgz", + "integrity": "sha512-3x3yOeyBhW851hroze7ElzdkeRXQYQbFIb7gLK1WQYsw2GWDay5gAJNw1sWJ0VFP6z5J1whqeXH/WCdCjZv6dA==", + "dev": true, + "requires": { + "@babel/types": "^7.8.3" + } + }, + "@babel/helper-validator-identifier": { + "version": "7.9.5", + "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.9.5.tgz", + "integrity": "sha512-/8arLKUFq882w4tWGj9JYzRpAlZgiWUJ+dtteNTDqrRBz9Iguck9Rn3ykuBDoUwh2TO4tSAJlrxDUOXWklJe4g==", + "dev": true + }, + "@babel/helpers": { + "version": "7.9.6", + "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.9.6.tgz", + "integrity": "sha512-tI4bUbldloLcHWoRUMAj4g1bF313M/o6fBKhIsb3QnGVPwRm9JsNf/gqMkQ7zjqReABiffPV6RWj7hEglID5Iw==", + "dev": true, + "requires": { + "@babel/template": "^7.8.3", + "@babel/traverse": "^7.9.6", + "@babel/types": "^7.9.6" + } + }, + "@babel/highlight": { + "version": "7.9.0", + "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.9.0.tgz", + "integrity": "sha512-lJZPilxX7Op3Nv/2cvFdnlepPXDxi29wxteT57Q965oc5R9v86ztx0jfxVrTcBk8C2kcPkkDa2Z4T3ZsPPVWsQ==", + "dev": true, + "requires": { + "@babel/helper-validator-identifier": "^7.9.0", + "chalk": "^2.0.0", + "js-tokens": "^4.0.0" + }, + "dependencies": { + "ansi-styles": { + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "dev": true, + "requires": { + "color-convert": "^1.9.0" + } + }, + "chalk": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", + "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "dev": true, + "requires": { + "ansi-styles": "^3.2.1", + "escape-string-regexp": "^1.0.5", + "supports-color": "^5.3.0" + } + }, + "color-convert": { + "version": "1.9.3", + "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", + "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", + "dev": true, + "requires": { + "color-name": "1.1.3" + } + }, + "color-name": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", + "integrity": "sha1-p9BVi9icQveV3UIyj3QIMcpTvCU=", + "dev": true + }, + "has-flag": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", + "integrity": "sha1-tdRU3CGZriJWmfNGfloH87lVuv0=", + "dev": true + }, + "supports-color": { + "version": "5.5.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", + "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "dev": true, + "requires": { + "has-flag": "^3.0.0" + } + } + } + }, + "@babel/parser": { + "version": "7.9.6", + "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.9.6.tgz", + "integrity": "sha512-AoeIEJn8vt+d/6+PXDRPaksYhnlbMIiejioBZvvMQsOjW/JYK6k/0dKnvvP3EhK5GfMBWDPtrxRtegWdAcdq9Q==", + "dev": true + }, + "@babel/plugin-syntax-async-generators": { + "version": "7.8.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", + "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.8.0" + } + }, + "@babel/plugin-syntax-bigint": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", + "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.8.0" + } + }, + "@babel/plugin-syntax-class-properties": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.8.3.tgz", + "integrity": "sha512-UcAyQWg2bAN647Q+O811tG9MrJ38Z10jjhQdKNAL8fsyPzE3cCN/uT+f55cFVY4aGO4jqJAvmqsuY3GQDwAoXg==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.8.3" + } + }, + "@babel/plugin-syntax-json-strings": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", + "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.8.0" + } + }, + "@babel/plugin-syntax-logical-assignment-operators": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.8.3.tgz", + "integrity": "sha512-Zpg2Sgc++37kuFl6ppq2Q7Awc6E6AIW671x5PY8E/f7MCIyPPGK/EoeZXvvY3P42exZ3Q4/t3YOzP/HiN79jDg==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.8.3" + } + }, + "@babel/plugin-syntax-nullish-coalescing-operator": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", + "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.8.0" + } + }, + "@babel/plugin-syntax-numeric-separator": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.8.3.tgz", + "integrity": "sha512-H7dCMAdN83PcCmqmkHB5dtp+Xa9a6LKSvA2hiFBC/5alSHxM5VgWZXFqDi0YFe8XNGT6iCa+z4V4zSt/PdZ7Dw==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.8.3" + } + }, + "@babel/plugin-syntax-object-rest-spread": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", + "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.8.0" + } + }, + "@babel/plugin-syntax-optional-catch-binding": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", + "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.8.0" + } + }, + "@babel/plugin-syntax-optional-chaining": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", + "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.8.0" + } + }, + "@babel/template": { + "version": "7.8.6", + "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.8.6.tgz", + "integrity": "sha512-zbMsPMy/v0PWFZEhQJ66bqjhH+z0JgMoBWuikXybgG3Gkd/3t5oQ1Rw2WQhnSrsOmsKXnZOx15tkC4qON/+JPg==", + "dev": true, + "requires": { + "@babel/code-frame": "^7.8.3", + "@babel/parser": "^7.8.6", + "@babel/types": "^7.8.6" + } + }, + "@babel/traverse": { + "version": "7.9.6", + "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.9.6.tgz", + "integrity": "sha512-b3rAHSjbxy6VEAvlxM8OV/0X4XrG72zoxme6q1MOoe2vd0bEc+TwayhuC1+Dfgqh1QEG+pj7atQqvUprHIccsg==", + "dev": true, + "requires": { + "@babel/code-frame": "^7.8.3", + "@babel/generator": "^7.9.6", + "@babel/helper-function-name": "^7.9.5", + "@babel/helper-split-export-declaration": "^7.8.3", + "@babel/parser": "^7.9.6", + "@babel/types": "^7.9.6", + "debug": "^4.1.0", + "globals": "^11.1.0", + "lodash": "^4.17.13" + } + }, + "@babel/types": { + "version": "7.9.6", + "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.9.6.tgz", + "integrity": "sha512-qxXzvBO//jO9ZnoasKF1uJzHd2+M6Q2ZPIVfnFps8JJvXy0ZBbwbNOmE6SGIY5XOY6d1Bo5lb9d9RJ8nv3WSeA==", + "dev": true, + "requires": { + "@babel/helper-validator-identifier": "^7.9.5", + "lodash": "^4.17.13", + "to-fast-properties": "^2.0.0" + } + }, + "@bcoe/v8-coverage": { + "version": "0.2.3", + "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", + "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", + "dev": true + }, + "@cnakazawa/watch": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/@cnakazawa/watch/-/watch-1.0.4.tgz", + "integrity": "sha512-v9kIhKwjeZThiWrLmj0y17CWoyddASLj9O2yvbZkbvw/N3rWOYy9zkV66ursAoVr0mV15bL8g0c4QZUE6cdDoQ==", + "dev": true, + "requires": { + "exec-sh": "^0.3.2", + "minimist": "^1.2.0" + } + }, + "@istanbuljs/load-nyc-config": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", + "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", + "dev": true, + "requires": { + "camelcase": "^5.3.1", + "find-up": "^4.1.0", + "get-package-type": "^0.1.0", + "js-yaml": "^3.13.1", + "resolve-from": "^5.0.0" + } + }, + "@istanbuljs/schema": { + "version": "0.1.2", + "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.2.tgz", + "integrity": "sha512-tsAQNx32a8CoFhjhijUIhI4kccIAgmGhy8LZMZgGfmXcpMbPRUqn5LWmgRttILi6yeGmBJd2xsPkFMs0PzgPCw==", + "dev": true + }, + "@jest/console": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/@jest/console/-/console-25.5.0.tgz", + "integrity": "sha512-T48kZa6MK1Y6k4b89sexwmSF4YLeZS/Udqg3Jj3jG/cHH+N/sLFCEoXEDMOKugJQ9FxPN1osxIknvKkxt6MKyw==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0", + "chalk": "^3.0.0", + "jest-message-util": "^25.5.0", + "jest-util": "^25.5.0", + "slash": "^3.0.0" + } + }, + "@jest/core": { + "version": "25.5.4", + "resolved": "https://registry.npmjs.org/@jest/core/-/core-25.5.4.tgz", + "integrity": "sha512-3uSo7laYxF00Dg/DMgbn4xMJKmDdWvZnf89n8Xj/5/AeQ2dOQmn6b6Hkj/MleyzZWXpwv+WSdYWl4cLsy2JsoA==", + "dev": true, + "requires": { + "@jest/console": "^25.5.0", + "@jest/reporters": "^25.5.1", + "@jest/test-result": "^25.5.0", + "@jest/transform": "^25.5.1", + "@jest/types": "^25.5.0", + "ansi-escapes": "^4.2.1", + "chalk": "^3.0.0", + "exit": "^0.1.2", + "graceful-fs": "^4.2.4", + "jest-changed-files": "^25.5.0", + "jest-config": "^25.5.4", + "jest-haste-map": "^25.5.1", + "jest-message-util": "^25.5.0", + "jest-regex-util": "^25.2.6", + "jest-resolve": "^25.5.1", + "jest-resolve-dependencies": "^25.5.4", + "jest-runner": "^25.5.4", + "jest-runtime": "^25.5.4", + "jest-snapshot": "^25.5.1", + "jest-util": "^25.5.0", + "jest-validate": "^25.5.0", + "jest-watcher": "^25.5.0", + "micromatch": "^4.0.2", + "p-each-series": "^2.1.0", + "realpath-native": "^2.0.0", + "rimraf": "^3.0.0", + "slash": "^3.0.0", + "strip-ansi": "^6.0.0" + } + }, + "@jest/environment": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-25.5.0.tgz", + "integrity": "sha512-U2VXPEqL07E/V7pSZMSQCvV5Ea4lqOlT+0ZFijl/i316cRMHvZ4qC+jBdryd+lmRetjQo0YIQr6cVPNxxK87mA==", + "dev": true, + "requires": { + "@jest/fake-timers": "^25.5.0", + "@jest/types": "^25.5.0", + "jest-mock": "^25.5.0" + } + }, + "@jest/fake-timers": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-25.5.0.tgz", + "integrity": "sha512-9y2+uGnESw/oyOI3eww9yaxdZyHq7XvprfP/eeoCsjqKYts2yRlsHS/SgjPDV8FyMfn2nbMy8YzUk6nyvdLOpQ==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0", + "jest-message-util": "^25.5.0", + "jest-mock": "^25.5.0", + "jest-util": "^25.5.0", + "lolex": "^5.0.0" + } + }, + "@jest/globals": { + "version": "25.5.2", + "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-25.5.2.tgz", + "integrity": "sha512-AgAS/Ny7Q2RCIj5kZ+0MuKM1wbF0WMLxbCVl/GOMoCNbODRdJ541IxJ98xnZdVSZXivKpJlNPIWa3QmY0l4CXA==", + "dev": true, + "requires": { + "@jest/environment": "^25.5.0", + "@jest/types": "^25.5.0", + "expect": "^25.5.0" + } + }, + "@jest/reporters": { + "version": "25.5.1", + "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-25.5.1.tgz", + "integrity": "sha512-3jbd8pPDTuhYJ7vqiHXbSwTJQNavczPs+f1kRprRDxETeE3u6srJ+f0NPuwvOmk+lmunZzPkYWIFZDLHQPkviw==", + "dev": true, + "requires": { + "@bcoe/v8-coverage": "^0.2.3", + "@jest/console": "^25.5.0", + "@jest/test-result": "^25.5.0", + "@jest/transform": "^25.5.1", + "@jest/types": "^25.5.0", + "chalk": "^3.0.0", + "collect-v8-coverage": "^1.0.0", + "exit": "^0.1.2", + "glob": "^7.1.2", + "graceful-fs": "^4.2.4", + "istanbul-lib-coverage": "^3.0.0", + "istanbul-lib-instrument": "^4.0.0", + "istanbul-lib-report": "^3.0.0", + "istanbul-lib-source-maps": "^4.0.0", + "istanbul-reports": "^3.0.2", + "jest-haste-map": "^25.5.1", + "jest-resolve": "^25.5.1", + "jest-util": "^25.5.0", + "jest-worker": "^25.5.0", + "node-notifier": "^6.0.0", + "slash": "^3.0.0", + "source-map": "^0.6.0", + "string-length": "^3.1.0", + "terminal-link": "^2.0.0", + "v8-to-istanbul": "^4.1.3" + } + }, + "@jest/source-map": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-25.5.0.tgz", + "integrity": "sha512-eIGx0xN12yVpMcPaVpjXPnn3N30QGJCJQSkEDUt9x1fI1Gdvb07Ml6K5iN2hG7NmMP6FDmtPEssE3z6doOYUwQ==", + "dev": true, + "requires": { + "callsites": "^3.0.0", + "graceful-fs": "^4.2.4", + "source-map": "^0.6.0" + } + }, + "@jest/test-result": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-25.5.0.tgz", + "integrity": "sha512-oV+hPJgXN7IQf/fHWkcS99y0smKLU2czLBJ9WA0jHITLst58HpQMtzSYxzaBvYc6U5U6jfoMthqsUlUlbRXs0A==", + "dev": true, + "requires": { + "@jest/console": "^25.5.0", + "@jest/types": "^25.5.0", + "@types/istanbul-lib-coverage": "^2.0.0", + "collect-v8-coverage": "^1.0.0" + } + }, + "@jest/test-sequencer": { + "version": "25.5.4", + "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-25.5.4.tgz", + "integrity": "sha512-pTJGEkSeg1EkCO2YWq6hbFvKNXk8ejqlxiOg1jBNLnWrgXOkdY6UmqZpwGFXNnRt9B8nO1uWMzLLZ4eCmhkPNA==", + "dev": true, + "requires": { + "@jest/test-result": "^25.5.0", + "graceful-fs": "^4.2.4", + "jest-haste-map": "^25.5.1", + "jest-runner": "^25.5.4", + "jest-runtime": "^25.5.4" + } + }, + "@jest/transform": { + "version": "25.5.1", + "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-25.5.1.tgz", + "integrity": "sha512-Y8CEoVwXb4QwA6Y/9uDkn0Xfz0finGkieuV0xkdF9UtZGJeLukD5nLkaVrVsODB1ojRWlaoD0AJZpVHCSnJEvg==", + "dev": true, + "requires": { + "@babel/core": "^7.1.0", + "@jest/types": "^25.5.0", + "babel-plugin-istanbul": "^6.0.0", + "chalk": "^3.0.0", + "convert-source-map": "^1.4.0", + "fast-json-stable-stringify": "^2.0.0", + "graceful-fs": "^4.2.4", + "jest-haste-map": "^25.5.1", + "jest-regex-util": "^25.2.6", + "jest-util": "^25.5.0", + "micromatch": "^4.0.2", + "pirates": "^4.0.1", + "realpath-native": "^2.0.0", + "slash": "^3.0.0", + "source-map": "^0.6.1", + "write-file-atomic": "^3.0.0" + } + }, + "@jest/types": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/@jest/types/-/types-25.5.0.tgz", + "integrity": "sha512-OXD0RgQ86Tu3MazKo8bnrkDRaDXXMGUqd+kTtLtK1Zb7CRzQcaSRPPPV37SvYTdevXEBVxe0HXylEjs8ibkmCw==", + "dev": true, + "requires": { + "@types/istanbul-lib-coverage": "^2.0.0", + "@types/istanbul-reports": "^1.1.1", + "@types/yargs": "^15.0.0", + "chalk": "^3.0.0" + } + }, + "@sinonjs/commons": { + "version": "1.8.0", + "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-1.8.0.tgz", + "integrity": "sha512-wEj54PfsZ5jGSwMX68G8ZXFawcSglQSXqCftWX3ec8MDUzQdHgcKvw97awHbY0efQEL5iKUOAmmVtoYgmrSG4Q==", + "dev": true, + "requires": { + "type-detect": "4.0.8" + } + }, + "@types/babel__core": { + "version": "7.1.7", + "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.1.7.tgz", + "integrity": "sha512-RL62NqSFPCDK2FM1pSDH0scHpJvsXtZNiYlMB73DgPBaG1E38ZYVL+ei5EkWRbr+KC4YNiAUNBnRj+bgwpgjMw==", + "dev": true, + "requires": { + "@babel/parser": "^7.1.0", + "@babel/types": "^7.0.0", + "@types/babel__generator": "*", + "@types/babel__template": "*", + "@types/babel__traverse": "*" + } + }, + "@types/babel__generator": { + "version": "7.6.1", + "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.1.tgz", + "integrity": "sha512-bBKm+2VPJcMRVwNhxKu8W+5/zT7pwNEqeokFOmbvVSqGzFneNxYcEBro9Ac7/N9tlsaPYnZLK8J1LWKkMsLAew==", + "dev": true, + "requires": { + "@babel/types": "^7.0.0" + } + }, + "@types/babel__template": { + "version": "7.0.2", + "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.0.2.tgz", + "integrity": "sha512-/K6zCpeW7Imzgab2bLkLEbz0+1JlFSrUMdw7KoIIu+IUdu51GWaBZpd3y1VXGVXzynvGa4DaIaxNZHiON3GXUg==", + "dev": true, + "requires": { + "@babel/parser": "^7.1.0", + "@babel/types": "^7.0.0" + } + }, + "@types/babel__traverse": { + "version": "7.0.11", + "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.0.11.tgz", + "integrity": "sha512-ddHK5icION5U6q11+tV2f9Mo6CZVuT8GJKld2q9LqHSZbvLbH34Kcu2yFGckZut453+eQU6btIA3RihmnRgI+Q==", + "dev": true, + "requires": { + "@babel/types": "^7.3.0" + } + }, + "@types/color-name": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/@types/color-name/-/color-name-1.1.1.tgz", + "integrity": "sha512-rr+OQyAjxze7GgWrSaJwydHStIhHq2lvY3BOC2Mj7KnzI7XK0Uw1TOOdI9lDoajEbSWLiYgoo4f1R51erQfhPQ==", + "dev": true + }, + "@types/graceful-fs": { + "version": "4.1.3", + "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.3.tgz", + "integrity": "sha512-AiHRaEB50LQg0pZmm659vNBb9f4SJ0qrAnteuzhSeAUcJKxoYgEnprg/83kppCnc2zvtCKbdZry1a5pVY3lOTQ==", + "dev": true, + "requires": { + "@types/node": "*" + } + }, + "@types/istanbul-lib-coverage": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.2.tgz", + "integrity": "sha512-rsZg7eL+Xcxsxk2XlBt9KcG8nOp9iYdKCOikY9x2RFJCyOdNj4MKPQty0e8oZr29vVAzKXr1BmR+kZauti3o1w==", + "dev": true + }, + "@types/istanbul-lib-report": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", + "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", + "dev": true, + "requires": { + "@types/istanbul-lib-coverage": "*" + } + }, + "@types/istanbul-reports": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-1.1.2.tgz", + "integrity": "sha512-P/W9yOX/3oPZSpaYOCQzGqgCQRXn0FFO/V8bWrCQs+wLmvVVxk6CRBXALEvNs9OHIatlnlFokfhuDo2ug01ciw==", + "dev": true, + "requires": { + "@types/istanbul-lib-coverage": "*", + "@types/istanbul-lib-report": "*" + } + }, + "@types/node": { + "version": "14.0.5", + "resolved": "https://registry.npmjs.org/@types/node/-/node-14.0.5.tgz", + "integrity": "sha512-90hiq6/VqtQgX8Sp0EzeIsv3r+ellbGj4URKj5j30tLlZvRUpnAe9YbYnjl3pJM93GyXU0tghHhvXHq+5rnCKA==", + "dev": true + }, + "@types/normalize-package-data": { + "version": "2.4.0", + "resolved": "https://registry.npmjs.org/@types/normalize-package-data/-/normalize-package-data-2.4.0.tgz", + "integrity": "sha512-f5j5b/Gf71L+dbqxIpQ4Z2WlmI/mPJ0fOkGGmFgtb6sAu97EPczzbS3/tJKxmcYDj55OX6ssqwDAWOHIYDRDGA==", + "dev": true + }, + "@types/prettier": { + "version": "1.19.1", + "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-1.19.1.tgz", + "integrity": "sha512-5qOlnZscTn4xxM5MeGXAMOsIOIKIbh9e85zJWfBRVPlRMEVawzoPhINYbRGkBZCI8LxvBe7tJCdWiarA99OZfQ==", + "dev": true + }, + "@types/stack-utils": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-1.0.1.tgz", + "integrity": "sha512-l42BggppR6zLmpfU6fq9HEa2oGPEI8yrSPL3GITjfRInppYFahObbIQOQK3UGxEnyQpltZLaPe75046NOZQikw==", + "dev": true + }, + "@types/yargs": { + "version": "15.0.5", + "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-15.0.5.tgz", + "integrity": "sha512-Dk/IDOPtOgubt/IaevIUbTgV7doaKkoorvOyYM2CMwuDyP89bekI7H4xLIwunNYiK9jhCkmc6pUrJk3cj2AB9w==", + "dev": true, + "requires": { + "@types/yargs-parser": "*" + } + }, + "@types/yargs-parser": { + "version": "15.0.0", + "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-15.0.0.tgz", + "integrity": "sha512-FA/BWv8t8ZWJ+gEOnLLd8ygxH/2UFbAvgEonyfN6yWGLKc7zVjbpl2Y4CTjid9h2RfgPP6SEt6uHwEOply00yw==", + "dev": true + }, + "abab": { + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/abab/-/abab-2.0.3.tgz", + "integrity": "sha512-tsFzPpcttalNjFBCFMqsKYQcWxxen1pgJR56by//QwvJc4/OUS3kPOOttx2tSIfjsylB0pYu7f5D3K1RCxUnUg==", + "dev": true + }, + "acorn": { + "version": "7.2.0", + "resolved": "https://registry.npmjs.org/acorn/-/acorn-7.2.0.tgz", + "integrity": "sha512-apwXVmYVpQ34m/i71vrApRrRKCWQnZZF1+npOD0WV5xZFfwWOmKGQ2RWlfdy9vWITsenisM8M0Qeq8agcFHNiQ==", + "dev": true + }, + "acorn-globals": { + "version": "4.3.4", + "resolved": "https://registry.npmjs.org/acorn-globals/-/acorn-globals-4.3.4.tgz", + "integrity": "sha512-clfQEh21R+D0leSbUdWf3OcfqyaCSAQ8Ryq00bofSekfr9W8u1jyYZo6ir0xu9Gtcf7BjcHJpnbZH7JOCpP60A==", + "dev": true, + "requires": { + "acorn": "^6.0.1", + "acorn-walk": "^6.0.1" + }, + "dependencies": { + "acorn": { + "version": "6.4.1", + "resolved": "https://registry.npmjs.org/acorn/-/acorn-6.4.1.tgz", + "integrity": "sha512-ZVA9k326Nwrj3Cj9jlh3wGFutC2ZornPNARZwsNYqQYgN0EsV2d53w5RN/co65Ohn4sUAUtb1rSUAOD6XN9idA==", + "dev": true + } + } + }, + "acorn-walk": { + "version": "6.2.0", + "resolved": "https://registry.npmjs.org/acorn-walk/-/acorn-walk-6.2.0.tgz", + "integrity": "sha512-7evsyfH1cLOCdAzZAd43Cic04yKydNx0cF+7tiA19p1XnLLPU4dpCQOqpjqwokFe//vS0QqfqqjCS2JkiIs0cA==", + "dev": true + }, + "ajv": { + "version": "6.12.2", + "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.2.tgz", + "integrity": "sha512-k+V+hzjm5q/Mr8ef/1Y9goCmlsK4I6Sm74teeyGvFk1XrOsbsKLjEdrvny42CZ+a8sXbk8KWpY/bDwS+FLL2UQ==", + "dev": true, + "requires": { + "fast-deep-equal": "^3.1.1", + "fast-json-stable-stringify": "^2.0.0", + "json-schema-traverse": "^0.4.1", + "uri-js": "^4.2.2" + } + }, + "ansi-escapes": { + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.1.tgz", + "integrity": "sha512-JWF7ocqNrp8u9oqpgV+wH5ftbt+cfvv+PTjOvKLT3AdYly/LmORARfEVT1iyjwN+4MqE5UmVKoAdIBqeoCHgLA==", + "dev": true, + "requires": { + "type-fest": "^0.11.0" + }, + "dependencies": { + "type-fest": { + "version": "0.11.0", + "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.11.0.tgz", + "integrity": "sha512-OdjXJxnCN1AvyLSzeKIgXTXxV+99ZuXl3Hpo9XpJAv9MBcHrrJOQ5kV7ypXOuQie+AmWG25hLbiKdwYTifzcfQ==", + "dev": true + } + } + }, + "ansi-regex": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-4.1.0.tgz", + "integrity": "sha512-1apePfXM1UOSqw0o9IiFAovVz9M5S1Dg+4TrDwfMewQ6p/rmMueb7tWZjQ1rx4Loy1ArBggoqGpfqqdI4rondg==", + "dev": true + }, + "ansi-styles": { + "version": "4.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.2.1.tgz", + "integrity": "sha512-9VGjrMsG1vePxcSweQsN20KY/c4zN0h9fLjqAbwbPfahM3t+NL+M9HC8xeXG2I8pX5NoamTGNuomEUFI7fcUjA==", + "dev": true, + "requires": { + "@types/color-name": "^1.1.1", + "color-convert": "^2.0.1" + } + }, + "anymatch": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.1.tgz", + "integrity": "sha512-mM8522psRCqzV+6LhomX5wgp25YVibjh8Wj23I5RPkPppSVSjyKD2A2mBJmWGa+KN7f2D6LNh9jkBCeyLktzjg==", + "dev": true, + "requires": { + "normalize-path": "^3.0.0", + "picomatch": "^2.0.4" + } + }, + "argparse": { + "version": "1.0.10", + "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", + "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", + "dev": true, + "requires": { + "sprintf-js": "~1.0.2" + } + }, + "arr-diff": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/arr-diff/-/arr-diff-4.0.0.tgz", + "integrity": "sha1-1kYQdP6/7HHn4VI1dhoyml3HxSA=", + "dev": true + }, + "arr-flatten": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/arr-flatten/-/arr-flatten-1.1.0.tgz", + "integrity": "sha512-L3hKV5R/p5o81R7O02IGnwpDmkp6E982XhtbuwSe3O4qOtMMMtodicASA1Cny2U+aCXcNpml+m4dPsvsJ3jatg==", + "dev": true + }, + "arr-union": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/arr-union/-/arr-union-3.1.0.tgz", + "integrity": "sha1-45sJrqne+Gao8gbiiK9jkZuuOcQ=", + "dev": true + }, + "array-equal": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/array-equal/-/array-equal-1.0.0.tgz", + "integrity": "sha1-jCpe8kcv2ep0KwTHenUJO6J1fJM=", + "dev": true + }, + "array-unique": { + "version": "0.3.2", + "resolved": "https://registry.npmjs.org/array-unique/-/array-unique-0.3.2.tgz", + "integrity": "sha1-qJS3XUvE9s1nnvMkSp/Y9Gri1Cg=", + "dev": true + }, + "asn1": { + "version": "0.2.4", + "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.4.tgz", + "integrity": "sha512-jxwzQpLQjSmWXgwaCZE9Nz+glAG01yF1QnWgbhGwHI5A6FRIEY6IVqtHhIepHqI7/kyEyQEagBC5mBEFlIYvdg==", + "dev": true, + "requires": { + "safer-buffer": "~2.1.0" + } + }, + "assert-plus": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz", + "integrity": "sha1-8S4PPF13sLHN2RRpQuTpbB5N1SU=", + "dev": true + }, + "assign-symbols": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/assign-symbols/-/assign-symbols-1.0.0.tgz", + "integrity": "sha1-WWZ/QfrdTyDMvCu5a41Pf3jsA2c=", + "dev": true + }, + "astral-regex": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/astral-regex/-/astral-regex-1.0.0.tgz", + "integrity": "sha512-+Ryf6g3BKoRc7jfp7ad8tM4TtMiaWvbF/1/sQcZPkkS7ag3D5nMBCe2UfOTONtAkaG0tO0ij3C5Lwmf1EiyjHg==", + "dev": true + }, + "asynckit": { + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", + "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=", + "dev": true + }, + "atob": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/atob/-/atob-2.1.2.tgz", + "integrity": "sha512-Wm6ukoaOGJi/73p/cl2GvLjTI5JM1k/O14isD73YML8StrH/7/lRFgmg8nICZgD3bZZvjwCGxtMOD3wWNAu8cg==", + "dev": true + }, + "aws-sign2": { + "version": "0.7.0", + "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz", + "integrity": "sha1-tG6JCTSpWR8tL2+G1+ap8bP+dqg=", + "dev": true + }, + "aws4": { + "version": "1.10.0", + "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.10.0.tgz", + "integrity": "sha512-3YDiu347mtVtjpyV3u5kVqQLP242c06zwDOgpeRnybmXlYYsLbtTrUBUm8i8srONt+FWobl5aibnU1030PeeuA==", + "dev": true + }, + "axios": { + "version": "0.19.2", + "resolved": "https://registry.npmjs.org/axios/-/axios-0.19.2.tgz", + "integrity": "sha512-fjgm5MvRHLhx+osE2xoekY70AhARk3a6hkN+3Io1jc00jtquGvxYlKlsFUhmUET0V5te6CcZI7lcv2Ym61mjHA==", + "requires": { + "follow-redirects": "1.5.10" + } + }, + "babel-jest": { + "version": "25.5.1", + "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-25.5.1.tgz", + "integrity": "sha512-9dA9+GmMjIzgPnYtkhBg73gOo/RHqPmLruP3BaGL4KEX3Dwz6pI8auSN8G8+iuEG90+GSswyKvslN+JYSaacaQ==", + "dev": true, + "requires": { + "@jest/transform": "^25.5.1", + "@jest/types": "^25.5.0", + "@types/babel__core": "^7.1.7", + "babel-plugin-istanbul": "^6.0.0", + "babel-preset-jest": "^25.5.0", + "chalk": "^3.0.0", + "graceful-fs": "^4.2.4", + "slash": "^3.0.0" + } + }, + "babel-plugin-istanbul": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.0.0.tgz", + "integrity": "sha512-AF55rZXpe7trmEylbaE1Gv54wn6rwU03aptvRoVIGP8YykoSxqdVLV1TfwflBCE/QtHmqtP8SWlTENqbK8GCSQ==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.0.0", + "@istanbuljs/load-nyc-config": "^1.0.0", + "@istanbuljs/schema": "^0.1.2", + "istanbul-lib-instrument": "^4.0.0", + "test-exclude": "^6.0.0" + } + }, + "babel-plugin-jest-hoist": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-25.5.0.tgz", + "integrity": "sha512-u+/W+WAjMlvoocYGTwthAiQSxDcJAyHpQ6oWlHdFZaaN+Rlk8Q7iiwDPg2lN/FyJtAYnKjFxbn7xus4HCFkg5g==", + "dev": true, + "requires": { + "@babel/template": "^7.3.3", + "@babel/types": "^7.3.3", + "@types/babel__traverse": "^7.0.6" + } + }, + "babel-preset-current-node-syntax": { + "version": "0.1.2", + "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-0.1.2.tgz", + "integrity": "sha512-u/8cS+dEiK1SFILbOC8/rUI3ml9lboKuuMvZ/4aQnQmhecQAgPw5ew066C1ObnEAUmlx7dv/s2z52psWEtLNiw==", + "dev": true, + "requires": { + "@babel/plugin-syntax-async-generators": "^7.8.4", + "@babel/plugin-syntax-bigint": "^7.8.3", + "@babel/plugin-syntax-class-properties": "^7.8.3", + "@babel/plugin-syntax-json-strings": "^7.8.3", + "@babel/plugin-syntax-logical-assignment-operators": "^7.8.3", + "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", + "@babel/plugin-syntax-numeric-separator": "^7.8.3", + "@babel/plugin-syntax-object-rest-spread": "^7.8.3", + "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", + "@babel/plugin-syntax-optional-chaining": "^7.8.3" + } + }, + "babel-preset-jest": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-25.5.0.tgz", + "integrity": "sha512-8ZczygctQkBU+63DtSOKGh7tFL0CeCuz+1ieud9lJ1WPQ9O6A1a/r+LGn6Y705PA6whHQ3T1XuB/PmpfNYf8Fw==", + "dev": true, + "requires": { + "babel-plugin-jest-hoist": "^25.5.0", + "babel-preset-current-node-syntax": "^0.1.2" + } + }, + "balanced-match": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.0.tgz", + "integrity": "sha1-ibTRmasr7kneFk6gK4nORi1xt2c=", + "dev": true + }, + "base": { + "version": "0.11.2", + "resolved": "https://registry.npmjs.org/base/-/base-0.11.2.tgz", + "integrity": "sha512-5T6P4xPgpp0YDFvSWwEZ4NoE3aM4QBQXDzmVbraCkFj8zHM+mba8SyqB5DbZWyR7mYHo6Y7BdQo3MoA4m0TeQg==", + "dev": true, + "requires": { + "cache-base": "^1.0.1", + "class-utils": "^0.3.5", + "component-emitter": "^1.2.1", + "define-property": "^1.0.0", + "isobject": "^3.0.1", + "mixin-deep": "^1.2.0", + "pascalcase": "^0.1.1" + }, + "dependencies": { + "define-property": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/define-property/-/define-property-1.0.0.tgz", + "integrity": "sha1-dp66rz9KY6rTr56NMEybvnm/sOY=", + "dev": true, + "requires": { + "is-descriptor": "^1.0.0" + } + }, + "is-accessor-descriptor": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-accessor-descriptor/-/is-accessor-descriptor-1.0.0.tgz", + "integrity": "sha512-m5hnHTkcVsPfqx3AKlyttIPb7J+XykHvJP2B9bZDjlhLIoEq4XoK64Vg7boZlVWYK6LUY94dYPEE7Lh0ZkZKcQ==", + "dev": true, + "requires": { + "kind-of": "^6.0.0" + } + }, + "is-data-descriptor": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-data-descriptor/-/is-data-descriptor-1.0.0.tgz", + "integrity": "sha512-jbRXy1FmtAoCjQkVmIVYwuuqDFUbaOeDjmed1tOGPrsMhtJA4rD9tkgA0F1qJ3gRFRXcHYVkdeaP50Q5rE/jLQ==", + "dev": true, + "requires": { + "kind-of": "^6.0.0" + } + }, + "is-descriptor": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/is-descriptor/-/is-descriptor-1.0.2.tgz", + "integrity": "sha512-2eis5WqQGV7peooDyLmNEPUrps9+SXX5c9pL3xEB+4e9HnGuDa7mB7kHxHw4CbqS9k1T2hOH3miL8n8WtiYVtg==", + "dev": true, + "requires": { + "is-accessor-descriptor": "^1.0.0", + "is-data-descriptor": "^1.0.0", + "kind-of": "^6.0.2" + } + } + } + }, + "bcrypt-pbkdf": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", + "integrity": "sha1-pDAdOJtqQ/m2f/PKEaP2Y342Dp4=", + "dev": true, + "requires": { + "tweetnacl": "^0.14.3" + } + }, + "brace-expansion": { + "version": "1.1.11", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", + "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", + "dev": true, + "requires": { + "balanced-match": "^1.0.0", + "concat-map": "0.0.1" + } + }, + "braces": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz", + "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==", + "dev": true, + "requires": { + "fill-range": "^7.0.1" + } + }, + "browser-process-hrtime": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/browser-process-hrtime/-/browser-process-hrtime-1.0.0.tgz", + "integrity": "sha512-9o5UecI3GhkpM6DrXr69PblIuWxPKk9Y0jHBRhdocZ2y7YECBFCsHm79Pr3OyR2AvjhDkabFJaDJMYRazHgsow==", + "dev": true + }, + "browser-resolve": { + "version": "1.11.3", + "resolved": "https://registry.npmjs.org/browser-resolve/-/browser-resolve-1.11.3.tgz", + "integrity": "sha512-exDi1BYWB/6raKHmDTCicQfTkqwN5fioMFV4j8BsfMU4R2DK/QfZfK7kOVkmWCNANf0snkBzqGqAJBao9gZMdQ==", + "dev": true, + "requires": { + "resolve": "1.1.7" + }, + "dependencies": { + "resolve": { + "version": "1.1.7", + "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.1.7.tgz", + "integrity": "sha1-IDEU2CrSxe2ejgQRs5ModeiJ6Xs=", + "dev": true + } + } + }, + "bser": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", + "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", + "dev": true, + "requires": { + "node-int64": "^0.4.0" + } + }, + "buffer-from": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.1.tgz", + "integrity": "sha512-MQcXEUbCKtEo7bhqEs6560Hyd4XaovZlO/k9V3hjVUF/zwW7KBVdSK4gIt/bzwS9MbR5qob+F5jusZsb0YQK2A==", + "dev": true + }, + "cache-base": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/cache-base/-/cache-base-1.0.1.tgz", + "integrity": "sha512-AKcdTnFSWATd5/GCPRxr2ChwIJ85CeyrEyjRHlKxQ56d4XJMGym0uAiKn0xbLOGOl3+yRpOTi484dVCEc5AUzQ==", + "dev": true, + "requires": { + "collection-visit": "^1.0.0", + "component-emitter": "^1.2.1", + "get-value": "^2.0.6", + "has-value": "^1.0.0", + "isobject": "^3.0.1", + "set-value": "^2.0.0", + "to-object-path": "^0.3.0", + "union-value": "^1.0.0", + "unset-value": "^1.0.0" + } + }, + "callsites": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", + "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", + "dev": true + }, + "camelcase": { + "version": "5.3.1", + "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", + "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", + "dev": true + }, + "capture-exit": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/capture-exit/-/capture-exit-2.0.0.tgz", + "integrity": "sha512-PiT/hQmTonHhl/HFGN+Lx3JJUznrVYJ3+AQsnthneZbvW7x+f08Tk7yLJTLEOUvBTbduLeeBkxEaYXUOUrRq6g==", + "dev": true, + "requires": { + "rsvp": "^4.8.4" + } + }, + "caseless": { + "version": "0.12.0", + "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz", + "integrity": "sha1-G2gcIf+EAzyCZUMJBolCDRhxUdw=", + "dev": true + }, + "chalk": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-3.0.0.tgz", + "integrity": "sha512-4D3B6Wf41KOYRFdszmDqMCGq5VV/uMAB273JILmO+3jAlh8X4qDtdtgCR3fxtbLEMzSx22QdhnDcJvu2u1fVwg==", + "dev": true, + "requires": { + "ansi-styles": "^4.1.0", + "supports-color": "^7.1.0" + } + }, + "ci-info": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-2.0.0.tgz", + "integrity": "sha512-5tK7EtrZ0N+OLFMthtqOj4fI2Jeb88C4CAZPu25LDVUgXJ0A3Js4PMGqrn0JU1W0Mh1/Z8wZzYPxqUrXeBboCQ==", + "dev": true + }, + "class-utils": { + "version": "0.3.6", + "resolved": "https://registry.npmjs.org/class-utils/-/class-utils-0.3.6.tgz", + "integrity": "sha512-qOhPa/Fj7s6TY8H8esGu5QNpMMQxz79h+urzrNYN6mn+9BnxlDGf5QZ+XeCDsxSjPqsSR56XOZOJmpeurnLMeg==", + "dev": true, + "requires": { + "arr-union": "^3.1.0", + "define-property": "^0.2.5", + "isobject": "^3.0.0", + "static-extend": "^0.1.1" + }, + "dependencies": { + "define-property": { + "version": "0.2.5", + "resolved": "https://registry.npmjs.org/define-property/-/define-property-0.2.5.tgz", + "integrity": "sha1-w1se+RjsPJkPmlvFe+BKrOxcgRY=", + "dev": true, + "requires": { + "is-descriptor": "^0.1.0" + } + } + } + }, + "cliui": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/cliui/-/cliui-6.0.0.tgz", + "integrity": "sha512-t6wbgtoCXvAzst7QgXxJYqPt0usEfbgQdftEPbLL/cvv6HPE5VgvqCuAIDR0NgU52ds6rFwqrgakNLrHEjCbrQ==", + "dev": true, + "requires": { + "string-width": "^4.2.0", + "strip-ansi": "^6.0.0", + "wrap-ansi": "^6.2.0" + } + }, + "co": { + "version": "4.6.0", + "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", + "integrity": "sha1-bqa989hTrlTMuOR7+gvz+QMfsYQ=", + "dev": true + }, + "collect-v8-coverage": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.1.tgz", + "integrity": "sha512-iBPtljfCNcTKNAto0KEtDfZ3qzjJvqE3aTGZsbhjSBlorqpXJlaWWtPO35D+ZImoC3KWejX64o+yPGxhWSTzfg==", + "dev": true + }, + "collection-visit": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/collection-visit/-/collection-visit-1.0.0.tgz", + "integrity": "sha1-S8A3PBZLwykbTTaMgpzxqApZ3KA=", + "dev": true, + "requires": { + "map-visit": "^1.0.0", + "object-visit": "^1.0.0" + } + }, + "color-convert": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", + "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", + "dev": true, + "requires": { + "color-name": "~1.1.4" + } + }, + "color-name": { + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", + "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", + "dev": true + }, + "combined-stream": { + "version": "1.0.8", + "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", + "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", + "dev": true, + "requires": { + "delayed-stream": "~1.0.0" + } + }, + "component-emitter": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/component-emitter/-/component-emitter-1.3.0.tgz", + "integrity": "sha512-Rd3se6QB+sO1TwqZjscQrurpEPIfO0/yYnSin6Q/rD3mOutHvUrCAhJub3r90uNb+SESBuE0QYoB90YdfatsRg==", + "dev": true + }, + "concat-map": { + "version": "0.0.1", + "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", + "integrity": "sha1-2Klr13/Wjfd5OnMDajug1UBdR3s=", + "dev": true + }, + "convert-source-map": { + "version": "1.7.0", + "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.7.0.tgz", + "integrity": "sha512-4FJkXzKXEDB1snCFZlLP4gpC3JILicCpGbzG9f9G7tGqGCzETQ2hWPrcinA9oU4wtf2biUaEH5065UnMeR33oA==", + "dev": true, + "requires": { + "safe-buffer": "~5.1.1" + } + }, + "copy-descriptor": { + "version": "0.1.1", + "resolved": "https://registry.npmjs.org/copy-descriptor/-/copy-descriptor-0.1.1.tgz", + "integrity": "sha1-Z29us8OZl8LuGsOpJP1hJHSPV40=", + "dev": true + }, + "core-util-is": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", + "integrity": "sha1-tf1UIgqivFq1eqtxQMlAdUUDwac=", + "dev": true + }, + "cross-spawn": { + "version": "6.0.5", + "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-6.0.5.tgz", + "integrity": "sha512-eTVLrBSt7fjbDygz805pMnstIs2VTBNkRm0qxZd+M7A5XDdxVRWO5MxGBXZhjY4cqLYLdtrGqRf8mBPmzwSpWQ==", + "dev": true, + "requires": { + "nice-try": "^1.0.4", + "path-key": "^2.0.1", + "semver": "^5.5.0", + "shebang-command": "^1.2.0", + "which": "^1.2.9" + }, + "dependencies": { + "semver": { + "version": "5.7.1", + "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.1.tgz", + "integrity": "sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ==", + "dev": true + }, + "which": { + "version": "1.3.1", + "resolved": "https://registry.npmjs.org/which/-/which-1.3.1.tgz", + "integrity": "sha512-HxJdYWq1MTIQbJ3nw0cqssHoTNU267KlrDuGZ1WYlxDStUtKUhOaJmh112/TZmHxxUfuJqPXSOm7tDyas0OSIQ==", + "dev": true, + "requires": { + "isexe": "^2.0.0" + } + } + } + }, + "cssom": { + "version": "0.4.4", + "resolved": "https://registry.npmjs.org/cssom/-/cssom-0.4.4.tgz", + "integrity": "sha512-p3pvU7r1MyyqbTk+WbNJIgJjG2VmTIaB10rI93LzVPrmDJKkzKYMtxxyAvQXR/NS6otuzveI7+7BBq3SjBS2mw==", + "dev": true + }, + "cssstyle": { + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/cssstyle/-/cssstyle-2.3.0.tgz", + "integrity": "sha512-AZL67abkUzIuvcHqk7c09cezpGNcxUxU4Ioi/05xHk4DQeTkWmGYftIE6ctU6AEt+Gn4n1lDStOtj7FKycP71A==", + "dev": true, + "requires": { + "cssom": "~0.3.6" + }, + "dependencies": { + "cssom": { + "version": "0.3.8", + "resolved": "https://registry.npmjs.org/cssom/-/cssom-0.3.8.tgz", + "integrity": "sha512-b0tGHbfegbhPJpxpiBPU2sCkigAqtM9O121le6bbOlgyV+NyGyCmVfJ6QW9eRjz8CpNfWEOYBIMIGRYkLwsIYg==", + "dev": true + } + } + }, + "dashdash": { + "version": "1.14.1", + "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz", + "integrity": "sha1-hTz6D3y+L+1d4gMmuN1YEDX24vA=", + "dev": true, + "requires": { + "assert-plus": "^1.0.0" + } + }, + "data-urls": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/data-urls/-/data-urls-1.1.0.tgz", + "integrity": "sha512-YTWYI9se1P55u58gL5GkQHW4P6VJBJ5iBT+B5a7i2Tjadhv52paJG0qHX4A0OR6/t52odI64KP2YvFpkDOi3eQ==", + "dev": true, + "requires": { + "abab": "^2.0.0", + "whatwg-mimetype": "^2.2.0", + "whatwg-url": "^7.0.0" + } + }, + "debug": { + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.1.1.tgz", + "integrity": "sha512-pYAIzeRo8J6KPEaJ0VWOh5Pzkbw/RetuzehGM7QRRX5he4fPHx2rdKMB256ehJCkX+XRQm16eZLqLNS8RSZXZw==", + "dev": true, + "requires": { + "ms": "^2.1.1" + } + }, + "decamelize": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/decamelize/-/decamelize-1.2.0.tgz", + "integrity": "sha1-9lNNFRSCabIDUue+4m9QH5oZEpA=", + "dev": true + }, + "decode-uri-component": { + "version": "0.2.0", + "resolved": "https://registry.npmjs.org/decode-uri-component/-/decode-uri-component-0.2.0.tgz", + "integrity": "sha1-6zkTMzRYd1y4TNGh+uBiEGu4dUU=", + "dev": true + }, + "deep-is": { + "version": "0.1.3", + "resolved": "https://registry.npmjs.org/deep-is/-/deep-is-0.1.3.tgz", + "integrity": "sha1-s2nW+128E+7PUk+RsHD+7cNXzzQ=", + "dev": true + }, + "deepmerge": { + "version": "4.2.2", + "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.2.2.tgz", + "integrity": "sha512-FJ3UgI4gIl+PHZm53knsuSFpE+nESMr7M4v9QcgB7S63Kj/6WqMiFQJpBBYz1Pt+66bZpP3Q7Lye0Oo9MPKEdg==", + "dev": true + }, + "define-property": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/define-property/-/define-property-2.0.2.tgz", + "integrity": "sha512-jwK2UV4cnPpbcG7+VRARKTZPUWowwXA8bzH5NP6ud0oeAxyYPuGZUAC7hMugpCdz4BeSZl2Dl9k66CHJ/46ZYQ==", + "dev": true, + "requires": { + "is-descriptor": "^1.0.2", + "isobject": "^3.0.1" + }, + "dependencies": { + "is-accessor-descriptor": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-accessor-descriptor/-/is-accessor-descriptor-1.0.0.tgz", + "integrity": "sha512-m5hnHTkcVsPfqx3AKlyttIPb7J+XykHvJP2B9bZDjlhLIoEq4XoK64Vg7boZlVWYK6LUY94dYPEE7Lh0ZkZKcQ==", + "dev": true, + "requires": { + "kind-of": "^6.0.0" + } + }, + "is-data-descriptor": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-data-descriptor/-/is-data-descriptor-1.0.0.tgz", + "integrity": "sha512-jbRXy1FmtAoCjQkVmIVYwuuqDFUbaOeDjmed1tOGPrsMhtJA4rD9tkgA0F1qJ3gRFRXcHYVkdeaP50Q5rE/jLQ==", + "dev": true, + "requires": { + "kind-of": "^6.0.0" + } + }, + "is-descriptor": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/is-descriptor/-/is-descriptor-1.0.2.tgz", + "integrity": "sha512-2eis5WqQGV7peooDyLmNEPUrps9+SXX5c9pL3xEB+4e9HnGuDa7mB7kHxHw4CbqS9k1T2hOH3miL8n8WtiYVtg==", + "dev": true, + "requires": { + "is-accessor-descriptor": "^1.0.0", + "is-data-descriptor": "^1.0.0", + "kind-of": "^6.0.2" + } + } + } + }, + "delayed-stream": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", + "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk=", + "dev": true + }, + "detect-newline": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", + "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", + "dev": true + }, + "diff-sequences": { + "version": "25.2.6", + "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-25.2.6.tgz", + "integrity": "sha512-Hq8o7+6GaZeoFjtpgvRBUknSXNeJiCx7V9Fr94ZMljNiCr9n9L8H8aJqgWOQiDDGdyn29fRNcDdRVJ5fdyihfg==", + "dev": true + }, + "domexception": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/domexception/-/domexception-1.0.1.tgz", + "integrity": "sha512-raigMkn7CJNNo6Ihro1fzG7wr3fHuYVytzquZKX5n0yizGsTcYgzdIUwj1X9pK0VvjeihV+XiclP+DjwbsSKug==", + "dev": true, + "requires": { + "webidl-conversions": "^4.0.2" + } + }, + "ecc-jsbn": { + "version": "0.1.2", + "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", + "integrity": "sha1-OoOpBOVDUyh4dMVkt1SThoSamMk=", + "dev": true, + "requires": { + "jsbn": "~0.1.0", + "safer-buffer": "^2.1.0" + } + }, + "emoji-regex": { + "version": "8.0.0", + "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", + "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", + "dev": true + }, + "end-of-stream": { + "version": "1.4.4", + "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.4.tgz", + "integrity": "sha512-+uw1inIHVPQoaVuHzRyXd21icM+cnt4CzD5rW+NC1wjOUSTOs+Te7FOv7AhN7vS9x/oIyhLP5PR1H+phQAHu5Q==", + "dev": true, + "requires": { + "once": "^1.4.0" + } + }, + "error-ex": { + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", + "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", + "dev": true, + "requires": { + "is-arrayish": "^0.2.1" + } + }, + "escape-string-regexp": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", + "integrity": "sha1-G2HAViGQqN/2rjuyzwIAyhMLhtQ=", + "dev": true + }, + "escodegen": { + "version": "1.14.1", + "resolved": "https://registry.npmjs.org/escodegen/-/escodegen-1.14.1.tgz", + "integrity": "sha512-Bmt7NcRySdIfNPfU2ZoXDrrXsG9ZjvDxcAlMfDUgRBjLOWTuIACXPBFJH7Z+cLb40JeQco5toikyc9t9P8E9SQ==", + "dev": true, + "requires": { + "esprima": "^4.0.1", + "estraverse": "^4.2.0", + "esutils": "^2.0.2", + "optionator": "^0.8.1", + "source-map": "~0.6.1" + } + }, + "esprima": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", + "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", + "dev": true + }, + "estraverse": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/estraverse/-/estraverse-4.3.0.tgz", + "integrity": "sha512-39nnKffWz8xN1BU/2c79n9nB9HDzo0niYUqx6xyqUnyoAnQyyWpOTdZEeiCch8BBu515t4wp9ZmgVfVhn9EBpw==", + "dev": true + }, + "esutils": { + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/esutils/-/esutils-2.0.3.tgz", + "integrity": "sha512-kVscqXk4OCp68SZ0dkgEKVi6/8ij300KBWTJq32P/dYeWTSwK41WyTxalN1eRmA5Z9UU/LX9D7FWSmV9SAYx6g==", + "dev": true + }, + "exec-sh": { + "version": "0.3.4", + "resolved": "https://registry.npmjs.org/exec-sh/-/exec-sh-0.3.4.tgz", + "integrity": "sha512-sEFIkc61v75sWeOe72qyrqg2Qg0OuLESziUDk/O/z2qgS15y2gWVFrI6f2Qn/qw/0/NCfCEsmNA4zOjkwEZT1A==", + "dev": true + }, + "execa": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/execa/-/execa-1.0.0.tgz", + "integrity": "sha512-adbxcyWV46qiHyvSp50TKt05tB4tK3HcmF7/nxfAdhnox83seTDbwnaqKO4sXRy7roHAIFqJP/Rw/AuEbX61LA==", + "dev": true, + "requires": { + "cross-spawn": "^6.0.0", + "get-stream": "^4.0.0", + "is-stream": "^1.1.0", + "npm-run-path": "^2.0.0", + "p-finally": "^1.0.0", + "signal-exit": "^3.0.0", + "strip-eof": "^1.0.0" + } + }, + "exit": { + "version": "0.1.2", + "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", + "integrity": "sha1-BjJjj42HfMghB9MKD/8aF8uhzQw=", + "dev": true + }, + "expand-brackets": { + "version": "2.1.4", + "resolved": "https://registry.npmjs.org/expand-brackets/-/expand-brackets-2.1.4.tgz", + "integrity": "sha1-t3c14xXOMPa27/D4OwQVGiJEliI=", + "dev": true, + "requires": { + "debug": "^2.3.3", + "define-property": "^0.2.5", + "extend-shallow": "^2.0.1", + "posix-character-classes": "^0.1.0", + "regex-not": "^1.0.0", + "snapdragon": "^0.8.1", + "to-regex": "^3.0.1" + }, + "dependencies": { + "debug": { + "version": "2.6.9", + "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", + "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==", + "dev": true, + "requires": { + "ms": "2.0.0" + } + }, + "define-property": { + "version": "0.2.5", + "resolved": "https://registry.npmjs.org/define-property/-/define-property-0.2.5.tgz", + "integrity": "sha1-w1se+RjsPJkPmlvFe+BKrOxcgRY=", + "dev": true, + "requires": { + "is-descriptor": "^0.1.0" + } + }, + "extend-shallow": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-2.0.1.tgz", + "integrity": "sha1-Ua99YUrZqfYQ6huvu5idaxxWiQ8=", + "dev": true, + "requires": { + "is-extendable": "^0.1.0" + } + }, + "ms": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", + "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g=", + "dev": true + } + } + }, + "expect": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/expect/-/expect-25.5.0.tgz", + "integrity": "sha512-w7KAXo0+6qqZZhovCaBVPSIqQp7/UTcx4M9uKt2m6pd2VB1voyC8JizLRqeEqud3AAVP02g+hbErDu5gu64tlA==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0", + "ansi-styles": "^4.0.0", + "jest-get-type": "^25.2.6", + "jest-matcher-utils": "^25.5.0", + "jest-message-util": "^25.5.0", + "jest-regex-util": "^25.2.6" + } + }, + "extend": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", + "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==", + "dev": true + }, + "extend-shallow": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-3.0.2.tgz", + "integrity": "sha1-Jqcarwc7OfshJxcnRhMcJwQCjbg=", + "dev": true, + "requires": { + "assign-symbols": "^1.0.0", + "is-extendable": "^1.0.1" + }, + "dependencies": { + "is-extendable": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/is-extendable/-/is-extendable-1.0.1.tgz", + "integrity": "sha512-arnXMxT1hhoKo9k1LZdmlNyJdDDfy2v0fXjFlmok4+i8ul/6WlbVge9bhM74OpNPQPMGUToDtz+KXa1PneJxOA==", + "dev": true, + "requires": { + "is-plain-object": "^2.0.4" + } + } + } + }, + "extglob": { + "version": "2.0.4", + "resolved": "https://registry.npmjs.org/extglob/-/extglob-2.0.4.tgz", + "integrity": "sha512-Nmb6QXkELsuBr24CJSkilo6UHHgbekK5UiZgfE6UHD3Eb27YC6oD+bhcT+tJ6cl8dmsgdQxnWlcry8ksBIBLpw==", + "dev": true, + "requires": { + "array-unique": "^0.3.2", + "define-property": "^1.0.0", + "expand-brackets": "^2.1.4", + "extend-shallow": "^2.0.1", + "fragment-cache": "^0.2.1", + "regex-not": "^1.0.0", + "snapdragon": "^0.8.1", + "to-regex": "^3.0.1" + }, + "dependencies": { + "define-property": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/define-property/-/define-property-1.0.0.tgz", + "integrity": "sha1-dp66rz9KY6rTr56NMEybvnm/sOY=", + "dev": true, + "requires": { + "is-descriptor": "^1.0.0" + } + }, + "extend-shallow": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-2.0.1.tgz", + "integrity": "sha1-Ua99YUrZqfYQ6huvu5idaxxWiQ8=", + "dev": true, + "requires": { + "is-extendable": "^0.1.0" + } + }, + "is-accessor-descriptor": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-accessor-descriptor/-/is-accessor-descriptor-1.0.0.tgz", + "integrity": "sha512-m5hnHTkcVsPfqx3AKlyttIPb7J+XykHvJP2B9bZDjlhLIoEq4XoK64Vg7boZlVWYK6LUY94dYPEE7Lh0ZkZKcQ==", + "dev": true, + "requires": { + "kind-of": "^6.0.0" + } + }, + "is-data-descriptor": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-data-descriptor/-/is-data-descriptor-1.0.0.tgz", + "integrity": "sha512-jbRXy1FmtAoCjQkVmIVYwuuqDFUbaOeDjmed1tOGPrsMhtJA4rD9tkgA0F1qJ3gRFRXcHYVkdeaP50Q5rE/jLQ==", + "dev": true, + "requires": { + "kind-of": "^6.0.0" + } + }, + "is-descriptor": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/is-descriptor/-/is-descriptor-1.0.2.tgz", + "integrity": "sha512-2eis5WqQGV7peooDyLmNEPUrps9+SXX5c9pL3xEB+4e9HnGuDa7mB7kHxHw4CbqS9k1T2hOH3miL8n8WtiYVtg==", + "dev": true, + "requires": { + "is-accessor-descriptor": "^1.0.0", + "is-data-descriptor": "^1.0.0", + "kind-of": "^6.0.2" + } + } + } + }, + "extsprintf": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", + "integrity": "sha1-lpGEQOMEGnpBT4xS48V06zw+HgU=", + "dev": true + }, + "fast-deep-equal": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.1.tgz", + "integrity": "sha512-8UEa58QDLauDNfpbrX55Q9jrGHThw2ZMdOky5Gl1CDtVeJDPVrG4Jxx1N8jw2gkWaff5UUuX1KJd+9zGe2B+ZA==", + "dev": true + }, + "fast-json-stable-stringify": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", + "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==", + "dev": true + }, + "fast-levenshtein": { + "version": "2.0.6", + "resolved": "https://registry.npmjs.org/fast-levenshtein/-/fast-levenshtein-2.0.6.tgz", + "integrity": "sha1-PYpcZog6FqMMqGQ+hR8Zuqd5eRc=", + "dev": true + }, + "fb-watchman": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.1.tgz", + "integrity": "sha512-DkPJKQeY6kKwmuMretBhr7G6Vodr7bFwDYTXIkfG1gjvNpaxBTQV3PbXg6bR1c1UP4jPOX0jHUbbHANL9vRjVg==", + "dev": true, + "requires": { + "bser": "2.1.1" + } + }, + "fill-range": { + "version": "7.0.1", + "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz", + "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==", + "dev": true, + "requires": { + "to-regex-range": "^5.0.1" + } + }, + "find-up": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", + "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", + "dev": true, + "requires": { + "locate-path": "^5.0.0", + "path-exists": "^4.0.0" + } + }, + "follow-redirects": { + "version": "1.5.10", + "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.5.10.tgz", + "integrity": "sha512-0V5l4Cizzvqt5D44aTXbFZz+FtyXV1vrDN6qrelxtfYQKW0KO0W2T/hkE8xvGa/540LkZlkaUjO4ailYTFtHVQ==", + "requires": { + "debug": "=3.1.0" + }, + "dependencies": { + "debug": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/debug/-/debug-3.1.0.tgz", + "integrity": "sha512-OX8XqP7/1a9cqkxYw2yXss15f26NKWBpDXQd0/uK/KPqdQhxbPa994hnzjcE2VqQpDslf55723cKPUOGSmMY3g==", + "requires": { + "ms": "2.0.0" + } + }, + "ms": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", + "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g=" + } + } + }, + "for-in": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/for-in/-/for-in-1.0.2.tgz", + "integrity": "sha1-gQaNKVqBQuwKxybG4iAMMPttXoA=", + "dev": true + }, + "forever-agent": { + "version": "0.6.1", + "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz", + "integrity": "sha1-+8cfDEGt6zf5bFd60e1C2P2sypE=", + "dev": true + }, + "form-data": { + "version": "2.3.3", + "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", + "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", + "dev": true, + "requires": { + "asynckit": "^0.4.0", + "combined-stream": "^1.0.6", + "mime-types": "^2.1.12" + } + }, + "fragment-cache": { + "version": "0.2.1", + "resolved": "https://registry.npmjs.org/fragment-cache/-/fragment-cache-0.2.1.tgz", + "integrity": "sha1-QpD60n8T6Jvn8zeZxrxaCr//DRk=", + "dev": true, + "requires": { + "map-cache": "^0.2.2" + } + }, + "fs.realpath": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", + "integrity": "sha1-FQStJSMVjKpA20onh8sBQRmU6k8=", + "dev": true + }, + "fsevents": { + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.1.3.tgz", + "integrity": "sha512-Auw9a4AxqWpa9GUfj370BMPzzyncfBABW8Mab7BGWBYDj4Isgq+cDKtx0i6u9jcX9pQDnswsaaOTgTmA5pEjuQ==", + "dev": true, + "optional": true + }, + "gensync": { + "version": "1.0.0-beta.1", + "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.1.tgz", + "integrity": "sha512-r8EC6NO1sngH/zdD9fiRDLdcgnbayXah+mLgManTaIZJqEC1MZstmnox8KpnI2/fxQwrp5OpCOYWLp4rBl4Jcg==", + "dev": true + }, + "get-caller-file": { + "version": "2.0.5", + "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", + "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", + "dev": true + }, + "get-package-type": { + "version": "0.1.0", + "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", + "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", + "dev": true + }, + "get-stream": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-4.1.0.tgz", + "integrity": "sha512-GMat4EJ5161kIy2HevLlr4luNjBgvmj413KaQA7jt4V8B4RDsfpHk7WQ9GVqfYyyx8OS/L66Kox+rJRNklLK7w==", + "dev": true, + "requires": { + "pump": "^3.0.0" + } + }, + "get-value": { + "version": "2.0.6", + "resolved": "https://registry.npmjs.org/get-value/-/get-value-2.0.6.tgz", + "integrity": "sha1-3BXKHGcjh8p2vTesCjlbogQqLCg=", + "dev": true + }, + "getpass": { + "version": "0.1.7", + "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz", + "integrity": "sha1-Xv+OPmhNVprkyysSgmBOi6YhSfo=", + "dev": true, + "requires": { + "assert-plus": "^1.0.0" + } + }, + "glob": { + "version": "7.1.6", + "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.6.tgz", + "integrity": "sha512-LwaxwyZ72Lk7vZINtNNrywX0ZuLyStrdDtabefZKAY5ZGJhVtgdznluResxNmPitE0SAO+O26sWTHeKSI2wMBA==", + "dev": true, + "requires": { + "fs.realpath": "^1.0.0", + "inflight": "^1.0.4", + "inherits": "2", + "minimatch": "^3.0.4", + "once": "^1.3.0", + "path-is-absolute": "^1.0.0" + } + }, + "globals": { + "version": "11.12.0", + "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", + "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", + "dev": true + }, + "graceful-fs": { + "version": "4.2.4", + "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.4.tgz", + "integrity": "sha512-WjKPNJF79dtJAVniUlGGWHYGz2jWxT6VhN/4m1NdkbZ2nOsEF+cI1Edgql5zCRhs/VsQYRvrXctxktVXZUkixw==", + "dev": true + }, + "growly": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/growly/-/growly-1.3.0.tgz", + "integrity": "sha1-8QdIy+dq+WS3yWyTxrzCivEgwIE=", + "dev": true, + "optional": true + }, + "har-schema": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", + "integrity": "sha1-qUwiJOvKwEeCoNkDVSHyRzW37JI=", + "dev": true + }, + "har-validator": { + "version": "5.1.3", + "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.3.tgz", + "integrity": "sha512-sNvOCzEQNr/qrvJgc3UG/kD4QtlHycrzwS+6mfTrrSq97BvaYcPZZI1ZSqGSPR73Cxn4LKTD4PttRwfU7jWq5g==", + "dev": true, + "requires": { + "ajv": "^6.5.5", + "har-schema": "^2.0.0" + } + }, + "has-flag": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", + "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", + "dev": true + }, + "has-value": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/has-value/-/has-value-1.0.0.tgz", + "integrity": "sha1-GLKB2lhbHFxR3vJMkw7SmgvmsXc=", + "dev": true, + "requires": { + "get-value": "^2.0.6", + "has-values": "^1.0.0", + "isobject": "^3.0.0" + } + }, + "has-values": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/has-values/-/has-values-1.0.0.tgz", + "integrity": "sha1-lbC2P+whRmGab+V/51Yo1aOe/k8=", + "dev": true, + "requires": { + "is-number": "^3.0.0", + "kind-of": "^4.0.0" + }, + "dependencies": { + "is-number": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/is-number/-/is-number-3.0.0.tgz", + "integrity": "sha1-JP1iAaR4LPUFYcgQJ2r8fRLXEZU=", + "dev": true, + "requires": { + "kind-of": "^3.0.2" + }, + "dependencies": { + "kind-of": { + "version": "3.2.2", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz", + "integrity": "sha1-MeohpzS6ubuw8yRm2JOupR5KPGQ=", + "dev": true, + "requires": { + "is-buffer": "^1.1.5" + } + } + } + }, + "kind-of": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-4.0.0.tgz", + "integrity": "sha1-IIE989cSkosgc3hpGkUGb65y3Vc=", + "dev": true, + "requires": { + "is-buffer": "^1.1.5" + } + } + } + }, + "hosted-git-info": { + "version": "2.8.8", + "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.8.8.tgz", + "integrity": "sha512-f/wzC2QaWBs7t9IYqB4T3sR1xviIViXJRJTWBlx2Gf3g0Xi5vI7Yy4koXQ1c9OYDGHN9sBy1DQ2AB8fqZBWhUg==", + "dev": true + }, + "html-encoding-sniffer": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/html-encoding-sniffer/-/html-encoding-sniffer-1.0.2.tgz", + "integrity": "sha512-71lZziiDnsuabfdYiUeWdCVyKuqwWi23L8YeIgV9jSSZHCtb6wB1BKWooH7L3tn4/FuZJMVWyNaIDr4RGmaSYw==", + "dev": true, + "requires": { + "whatwg-encoding": "^1.0.1" + } + }, + "html-escaper": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", + "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", + "dev": true + }, + "http-signature": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", + "integrity": "sha1-muzZJRFHcvPZW2WmCruPfBj7rOE=", + "dev": true, + "requires": { + "assert-plus": "^1.0.0", + "jsprim": "^1.2.2", + "sshpk": "^1.7.0" + } + }, + "human-signals": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-1.1.1.tgz", + "integrity": "sha512-SEQu7vl8KjNL2eoGBLF3+wAjpsNfA9XMlXAYj/3EdaNfAlxKthD1xjEQfGOUhllCGGJVNY34bRr6lPINhNjyZw==", + "dev": true + }, + "iconv-lite": { + "version": "0.4.24", + "resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.4.24.tgz", + "integrity": "sha512-v3MXnZAcvnywkTUEZomIActle7RXXeedOR31wwl7VlyoXO4Qi9arvSenNQWne1TcRwhCL1HwLI21bEqdpj8/rA==", + "dev": true, + "requires": { + "safer-buffer": ">= 2.1.2 < 3" + } + }, + "import-local": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.0.2.tgz", + "integrity": "sha512-vjL3+w0oulAVZ0hBHnxa/Nm5TAurf9YLQJDhqRZyqb+VKGOB6LU8t9H1Nr5CIo16vh9XfJTOoHwU0B71S557gA==", + "dev": true, + "requires": { + "pkg-dir": "^4.2.0", + "resolve-cwd": "^3.0.0" + } + }, + "imurmurhash": { + "version": "0.1.4", + "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", + "integrity": "sha1-khi5srkoojixPcT7a21XbyMUU+o=", + "dev": true + }, + "inflight": { + "version": "1.0.6", + "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", + "integrity": "sha1-Sb1jMdfQLQwJvJEKEHW6gWW1bfk=", + "dev": true, + "requires": { + "once": "^1.3.0", + "wrappy": "1" + } + }, + "inherits": { + "version": "2.0.4", + "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", + "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", + "dev": true + }, + "ip-regex": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/ip-regex/-/ip-regex-2.1.0.tgz", + "integrity": "sha1-+ni/XS5pE8kRzp+BnuUUa7bYROk=", + "dev": true + }, + "is-accessor-descriptor": { + "version": "0.1.6", + "resolved": "https://registry.npmjs.org/is-accessor-descriptor/-/is-accessor-descriptor-0.1.6.tgz", + "integrity": "sha1-qeEss66Nh2cn7u84Q/igiXtcmNY=", + "dev": true, + "requires": { + "kind-of": "^3.0.2" + }, + "dependencies": { + "kind-of": { + "version": "3.2.2", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz", + "integrity": "sha1-MeohpzS6ubuw8yRm2JOupR5KPGQ=", + "dev": true, + "requires": { + "is-buffer": "^1.1.5" + } + } + } + }, + "is-arrayish": { + "version": "0.2.1", + "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", + "integrity": "sha1-d8mYQFJ6qOyxqLppe4BkWnqSap0=", + "dev": true + }, + "is-buffer": { + "version": "1.1.6", + "resolved": "https://registry.npmjs.org/is-buffer/-/is-buffer-1.1.6.tgz", + "integrity": "sha512-NcdALwpXkTm5Zvvbk7owOUSvVvBKDgKP5/ewfXEznmQFfs4ZRmanOeKBTjRVjka3QFoN6XJ+9F3USqfHqTaU5w==", + "dev": true + }, + "is-ci": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/is-ci/-/is-ci-2.0.0.tgz", + "integrity": "sha512-YfJT7rkpQB0updsdHLGWrvhBJfcfzNNawYDNIyQXJz0IViGf75O8EBPKSdvw2rF+LGCsX4FZ8tcr3b19LcZq4w==", + "dev": true, + "requires": { + "ci-info": "^2.0.0" + } + }, + "is-data-descriptor": { + "version": "0.1.4", + "resolved": "https://registry.npmjs.org/is-data-descriptor/-/is-data-descriptor-0.1.4.tgz", + "integrity": "sha1-C17mSDiOLIYCgueT8YVv7D8wG1Y=", + "dev": true, + "requires": { + "kind-of": "^3.0.2" + }, + "dependencies": { + "kind-of": { + "version": "3.2.2", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz", + "integrity": "sha1-MeohpzS6ubuw8yRm2JOupR5KPGQ=", + "dev": true, + "requires": { + "is-buffer": "^1.1.5" + } + } + } + }, + "is-descriptor": { + "version": "0.1.6", + "resolved": "https://registry.npmjs.org/is-descriptor/-/is-descriptor-0.1.6.tgz", + "integrity": "sha512-avDYr0SB3DwO9zsMov0gKCESFYqCnE4hq/4z3TdUlukEy5t9C0YRq7HLrsN52NAcqXKaepeCD0n+B0arnVG3Hg==", + "dev": true, + "requires": { + "is-accessor-descriptor": "^0.1.6", + "is-data-descriptor": "^0.1.4", + "kind-of": "^5.0.0" + }, + "dependencies": { + "kind-of": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-5.1.0.tgz", + "integrity": "sha512-NGEErnH6F2vUuXDh+OlbcKW7/wOcfdRHaZ7VWtqCztfHri/++YKmP51OdWeGPuqCOba6kk2OTe5d02VmTB80Pw==", + "dev": true + } + } + }, + "is-docker": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/is-docker/-/is-docker-2.0.0.tgz", + "integrity": "sha512-pJEdRugimx4fBMra5z2/5iRdZ63OhYV0vr0Dwm5+xtW4D1FvRkB8hamMIhnWfyJeDdyr/aa7BDyNbtG38VxgoQ==", + "dev": true, + "optional": true + }, + "is-extendable": { + "version": "0.1.1", + "resolved": "https://registry.npmjs.org/is-extendable/-/is-extendable-0.1.1.tgz", + "integrity": "sha1-YrEQ4omkcUGOPsNqYX1HLjAd/Ik=", + "dev": true + }, + "is-fullwidth-code-point": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", + "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", + "dev": true + }, + "is-generator-fn": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", + "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", + "dev": true + }, + "is-number": { + "version": "7.0.0", + "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", + "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", + "dev": true + }, + "is-plain-object": { + "version": "2.0.4", + "resolved": "https://registry.npmjs.org/is-plain-object/-/is-plain-object-2.0.4.tgz", + "integrity": "sha512-h5PpgXkWitc38BBMYawTYMWJHFZJVnBquFE57xFpjB8pJFiF6gZ+bU+WyI/yqXiFR5mdLsgYNaPe8uao6Uv9Og==", + "dev": true, + "requires": { + "isobject": "^3.0.1" + } + }, + "is-stream": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-1.1.0.tgz", + "integrity": "sha1-EtSj3U5o4Lec6428hBc66A2RykQ=", + "dev": true + }, + "is-typedarray": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", + "integrity": "sha1-5HnICFjfDBsR3dppQPlgEfzaSpo=", + "dev": true + }, + "is-windows": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/is-windows/-/is-windows-1.0.2.tgz", + "integrity": "sha512-eXK1UInq2bPmjyX6e3VHIzMLobc4J94i4AWn+Hpq3OU5KkrRC96OAcR3PRJ/pGu6m8TRnBHP9dkXQVsT/COVIA==", + "dev": true + }, + "is-wsl": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/is-wsl/-/is-wsl-2.2.0.tgz", + "integrity": "sha512-fKzAra0rGJUUBwGBgNkHZuToZcn+TtXHpeCgmkMJMMYx1sQDYaCSyjJBSCa2nH1DGm7s3n1oBnohoVTBaN7Lww==", + "dev": true, + "optional": true, + "requires": { + "is-docker": "^2.0.0" + } + }, + "isarray": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz", + "integrity": "sha1-u5NdSFgsuhaMBoNJV6VKPgcSTxE=", + "dev": true + }, + "isexe": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", + "integrity": "sha1-6PvzdNxVb/iUehDcsFctYz8s+hA=", + "dev": true + }, + "isobject": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/isobject/-/isobject-3.0.1.tgz", + "integrity": "sha1-TkMekrEalzFjaqH5yNHMvP2reN8=", + "dev": true + }, + "isstream": { + "version": "0.1.2", + "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", + "integrity": "sha1-R+Y/evVa+m+S4VAOaQ64uFKcCZo=", + "dev": true + }, + "istanbul-lib-coverage": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.0.0.tgz", + "integrity": "sha512-UiUIqxMgRDET6eR+o5HbfRYP1l0hqkWOs7vNxC/mggutCMUIhWMm8gAHb8tHlyfD3/l6rlgNA5cKdDzEAf6hEg==", + "dev": true + }, + "istanbul-lib-instrument": { + "version": "4.0.3", + "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-4.0.3.tgz", + "integrity": "sha512-BXgQl9kf4WTCPCCpmFGoJkz/+uhvm7h7PFKUYxh7qarQd3ER33vHG//qaE8eN25l07YqZPpHXU9I09l/RD5aGQ==", + "dev": true, + "requires": { + "@babel/core": "^7.7.5", + "@istanbuljs/schema": "^0.1.2", + "istanbul-lib-coverage": "^3.0.0", + "semver": "^6.3.0" + } + }, + "istanbul-lib-report": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", + "integrity": "sha512-wcdi+uAKzfiGT2abPpKZ0hSU1rGQjUQnLvtY5MpQ7QCTahD3VODhcu4wcfY1YtkGaDD5yuydOLINXsfbus9ROw==", + "dev": true, + "requires": { + "istanbul-lib-coverage": "^3.0.0", + "make-dir": "^3.0.0", + "supports-color": "^7.1.0" + } + }, + "istanbul-lib-source-maps": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.0.tgz", + "integrity": "sha512-c16LpFRkR8vQXyHZ5nLpY35JZtzj1PQY1iZmesUbf1FZHbIupcWfjgOXBY9YHkLEQ6puz1u4Dgj6qmU/DisrZg==", + "dev": true, + "requires": { + "debug": "^4.1.1", + "istanbul-lib-coverage": "^3.0.0", + "source-map": "^0.6.1" + } + }, + "istanbul-reports": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.0.2.tgz", + "integrity": "sha512-9tZvz7AiR3PEDNGiV9vIouQ/EAcqMXFmkcA1CDFTwOB98OZVDL0PH9glHotf5Ugp6GCOTypfzGWI/OqjWNCRUw==", + "dev": true, + "requires": { + "html-escaper": "^2.0.0", + "istanbul-lib-report": "^3.0.0" + } + }, + "jest": { + "version": "25.5.4", + "resolved": "https://registry.npmjs.org/jest/-/jest-25.5.4.tgz", + "integrity": "sha512-hHFJROBTqZahnO+X+PMtT6G2/ztqAZJveGqz//FnWWHurizkD05PQGzRZOhF3XP6z7SJmL+5tCfW8qV06JypwQ==", + "dev": true, + "requires": { + "@jest/core": "^25.5.4", + "import-local": "^3.0.2", + "jest-cli": "^25.5.4" + }, + "dependencies": { + "jest-cli": { + "version": "25.5.4", + "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-25.5.4.tgz", + "integrity": "sha512-rG8uJkIiOUpnREh1768/N3n27Cm+xPFkSNFO91tgg+8o2rXeVLStz+vkXkGr4UtzH6t1SNbjwoiswd7p4AhHTw==", + "dev": true, + "requires": { + "@jest/core": "^25.5.4", + "@jest/test-result": "^25.5.0", + "@jest/types": "^25.5.0", + "chalk": "^3.0.0", + "exit": "^0.1.2", + "graceful-fs": "^4.2.4", + "import-local": "^3.0.2", + "is-ci": "^2.0.0", + "jest-config": "^25.5.4", + "jest-util": "^25.5.0", + "jest-validate": "^25.5.0", + "prompts": "^2.0.1", + "realpath-native": "^2.0.0", + "yargs": "^15.3.1" + } + } + } + }, + "jest-changed-files": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-25.5.0.tgz", + "integrity": "sha512-EOw9QEqapsDT7mKF162m8HFzRPbmP8qJQny6ldVOdOVBz3ACgPm/1nAn5fPQ/NDaYhX/AHkrGwwkCncpAVSXcw==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0", + "execa": "^3.2.0", + "throat": "^5.0.0" + }, + "dependencies": { + "cross-spawn": { + "version": "7.0.3", + "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", + "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", + "dev": true, + "requires": { + "path-key": "^3.1.0", + "shebang-command": "^2.0.0", + "which": "^2.0.1" + } + }, + "execa": { + "version": "3.4.0", + "resolved": "https://registry.npmjs.org/execa/-/execa-3.4.0.tgz", + "integrity": "sha512-r9vdGQk4bmCuK1yKQu1KTwcT2zwfWdbdaXfCtAh+5nU/4fSX+JAb7vZGvI5naJrQlvONrEB20jeruESI69530g==", + "dev": true, + "requires": { + "cross-spawn": "^7.0.0", + "get-stream": "^5.0.0", + "human-signals": "^1.1.1", + "is-stream": "^2.0.0", + "merge-stream": "^2.0.0", + "npm-run-path": "^4.0.0", + "onetime": "^5.1.0", + "p-finally": "^2.0.0", + "signal-exit": "^3.0.2", + "strip-final-newline": "^2.0.0" + } + }, + "get-stream": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-5.1.0.tgz", + "integrity": "sha512-EXr1FOzrzTfGeL0gQdeFEvOMm2mzMOglyiOXSTpPC+iAjAKftbr3jpCMWynogwYnM+eSj9sHGc6wjIcDvYiygw==", + "dev": true, + "requires": { + "pump": "^3.0.0" + } + }, + "is-stream": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.0.tgz", + "integrity": "sha512-XCoy+WlUr7d1+Z8GgSuXmpuUFC9fOhRXglJMx+dwLKTkL44Cjd4W1Z5P+BQZpr+cR93aGP4S/s7Ftw6Nd/kiEw==", + "dev": true + }, + "npm-run-path": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", + "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", + "dev": true, + "requires": { + "path-key": "^3.0.0" + } + }, + "p-finally": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/p-finally/-/p-finally-2.0.1.tgz", + "integrity": "sha512-vpm09aKwq6H9phqRQzecoDpD8TmVyGw70qmWlyq5onxY7tqyTTFVvxMykxQSQKILBSFlbXpypIw2T1Ml7+DDtw==", + "dev": true + }, + "path-key": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", + "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", + "dev": true + }, + "shebang-command": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", + "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", + "dev": true, + "requires": { + "shebang-regex": "^3.0.0" + } + }, + "shebang-regex": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", + "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", + "dev": true + } + } + }, + "jest-config": { + "version": "25.5.4", + "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-25.5.4.tgz", + "integrity": "sha512-SZwR91SwcdK6bz7Gco8qL7YY2sx8tFJYzvg216DLihTWf+LKY/DoJXpM9nTzYakSyfblbqeU48p/p7Jzy05Atg==", + "dev": true, + "requires": { + "@babel/core": "^7.1.0", + "@jest/test-sequencer": "^25.5.4", + "@jest/types": "^25.5.0", + "babel-jest": "^25.5.1", + "chalk": "^3.0.0", + "deepmerge": "^4.2.2", + "glob": "^7.1.1", + "graceful-fs": "^4.2.4", + "jest-environment-jsdom": "^25.5.0", + "jest-environment-node": "^25.5.0", + "jest-get-type": "^25.2.6", + "jest-jasmine2": "^25.5.4", + "jest-regex-util": "^25.2.6", + "jest-resolve": "^25.5.1", + "jest-util": "^25.5.0", + "jest-validate": "^25.5.0", + "micromatch": "^4.0.2", + "pretty-format": "^25.5.0", + "realpath-native": "^2.0.0" + } + }, + "jest-diff": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-25.5.0.tgz", + "integrity": "sha512-z1kygetuPiREYdNIumRpAHY6RXiGmp70YHptjdaxTWGmA085W3iCnXNx0DhflK3vwrKmrRWyY1wUpkPMVxMK7A==", + "dev": true, + "requires": { + "chalk": "^3.0.0", + "diff-sequences": "^25.2.6", + "jest-get-type": "^25.2.6", + "pretty-format": "^25.5.0" + } + }, + "jest-docblock": { + "version": "25.3.0", + "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-25.3.0.tgz", + "integrity": "sha512-aktF0kCar8+zxRHxQZwxMy70stc9R1mOmrLsT5VO3pIT0uzGRSDAXxSlz4NqQWpuLjPpuMhPRl7H+5FRsvIQAg==", + "dev": true, + "requires": { + "detect-newline": "^3.0.0" + } + }, + "jest-each": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-25.5.0.tgz", + "integrity": "sha512-QBogUxna3D8vtiItvn54xXde7+vuzqRrEeaw8r1s+1TG9eZLVJE5ZkKoSUlqFwRjnlaA4hyKGiu9OlkFIuKnjA==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0", + "chalk": "^3.0.0", + "jest-get-type": "^25.2.6", + "jest-util": "^25.5.0", + "pretty-format": "^25.5.0" + } + }, + "jest-environment-jsdom": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-environment-jsdom/-/jest-environment-jsdom-25.5.0.tgz", + "integrity": "sha512-7Jr02ydaq4jaWMZLY+Skn8wL5nVIYpWvmeatOHL3tOcV3Zw8sjnPpx+ZdeBfc457p8jCR9J6YCc+Lga0oIy62A==", + "dev": true, + "requires": { + "@jest/environment": "^25.5.0", + "@jest/fake-timers": "^25.5.0", + "@jest/types": "^25.5.0", + "jest-mock": "^25.5.0", + "jest-util": "^25.5.0", + "jsdom": "^15.2.1" + } + }, + "jest-environment-node": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-25.5.0.tgz", + "integrity": "sha512-iuxK6rQR2En9EID+2k+IBs5fCFd919gVVK5BeND82fYeLWPqvRcFNPKu9+gxTwfB5XwBGBvZ0HFQa+cHtIoslA==", + "dev": true, + "requires": { + "@jest/environment": "^25.5.0", + "@jest/fake-timers": "^25.5.0", + "@jest/types": "^25.5.0", + "jest-mock": "^25.5.0", + "jest-util": "^25.5.0", + "semver": "^6.3.0" + } + }, + "jest-get-type": { + "version": "25.2.6", + "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-25.2.6.tgz", + "integrity": "sha512-DxjtyzOHjObRM+sM1knti6or+eOgcGU4xVSb2HNP1TqO4ahsT+rqZg+nyqHWJSvWgKC5cG3QjGFBqxLghiF/Ig==", + "dev": true + }, + "jest-haste-map": { + "version": "25.5.1", + "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-25.5.1.tgz", + "integrity": "sha512-dddgh9UZjV7SCDQUrQ+5t9yy8iEgKc1AKqZR9YDww8xsVOtzPQSMVLDChc21+g29oTRexb9/B0bIlZL+sWmvAQ==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0", + "@types/graceful-fs": "^4.1.2", + "anymatch": "^3.0.3", + "fb-watchman": "^2.0.0", + "fsevents": "^2.1.2", + "graceful-fs": "^4.2.4", + "jest-serializer": "^25.5.0", + "jest-util": "^25.5.0", + "jest-worker": "^25.5.0", + "micromatch": "^4.0.2", + "sane": "^4.0.3", + "walker": "^1.0.7", + "which": "^2.0.2" + } + }, + "jest-jasmine2": { + "version": "25.5.4", + "resolved": "https://registry.npmjs.org/jest-jasmine2/-/jest-jasmine2-25.5.4.tgz", + "integrity": "sha512-9acbWEfbmS8UpdcfqnDO+uBUgKa/9hcRh983IHdM+pKmJPL77G0sWAAK0V0kr5LK3a8cSBfkFSoncXwQlRZfkQ==", + "dev": true, + "requires": { + "@babel/traverse": "^7.1.0", + "@jest/environment": "^25.5.0", + "@jest/source-map": "^25.5.0", + "@jest/test-result": "^25.5.0", + "@jest/types": "^25.5.0", + "chalk": "^3.0.0", + "co": "^4.6.0", + "expect": "^25.5.0", + "is-generator-fn": "^2.0.0", + "jest-each": "^25.5.0", + "jest-matcher-utils": "^25.5.0", + "jest-message-util": "^25.5.0", + "jest-runtime": "^25.5.4", + "jest-snapshot": "^25.5.1", + "jest-util": "^25.5.0", + "pretty-format": "^25.5.0", + "throat": "^5.0.0" + } + }, + "jest-leak-detector": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-25.5.0.tgz", + "integrity": "sha512-rV7JdLsanS8OkdDpZtgBf61L5xZ4NnYLBq72r6ldxahJWWczZjXawRsoHyXzibM5ed7C2QRjpp6ypgwGdKyoVA==", + "dev": true, + "requires": { + "jest-get-type": "^25.2.6", + "pretty-format": "^25.5.0" + } + }, + "jest-matcher-utils": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-25.5.0.tgz", + "integrity": "sha512-VWI269+9JS5cpndnpCwm7dy7JtGQT30UHfrnM3mXl22gHGt/b7NkjBqXfbhZ8V4B7ANUsjK18PlSBmG0YH7gjw==", + "dev": true, + "requires": { + "chalk": "^3.0.0", + "jest-diff": "^25.5.0", + "jest-get-type": "^25.2.6", + "pretty-format": "^25.5.0" + } + }, + "jest-message-util": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-25.5.0.tgz", + "integrity": "sha512-ezddz3YCT/LT0SKAmylVyWWIGYoKHOFOFXx3/nA4m794lfVUskMcwhip6vTgdVrOtYdjeQeis2ypzes9mZb4EA==", + "dev": true, + "requires": { + "@babel/code-frame": "^7.0.0", + "@jest/types": "^25.5.0", + "@types/stack-utils": "^1.0.1", + "chalk": "^3.0.0", + "graceful-fs": "^4.2.4", + "micromatch": "^4.0.2", + "slash": "^3.0.0", + "stack-utils": "^1.0.1" + } + }, + "jest-mock": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-25.5.0.tgz", + "integrity": "sha512-eXWuTV8mKzp/ovHc5+3USJMYsTBhyQ+5A1Mak35dey/RG8GlM4YWVylZuGgVXinaW6tpvk/RSecmF37FKUlpXA==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0" + } + }, + "jest-pnp-resolver": { + "version": "1.2.1", + "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.1.tgz", + "integrity": "sha512-pgFw2tm54fzgYvc/OHrnysABEObZCUNFnhjoRjaVOCN8NYc032/gVjPaHD4Aq6ApkSieWtfKAFQtmDKAmhupnQ==", + "dev": true + }, + "jest-regex-util": { + "version": "25.2.6", + "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-25.2.6.tgz", + "integrity": "sha512-KQqf7a0NrtCkYmZZzodPftn7fL1cq3GQAFVMn5Hg8uKx/fIenLEobNanUxb7abQ1sjADHBseG/2FGpsv/wr+Qw==", + "dev": true + }, + "jest-resolve": { + "version": "25.5.1", + "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-25.5.1.tgz", + "integrity": "sha512-Hc09hYch5aWdtejsUZhA+vSzcotf7fajSlPA6EZPE1RmPBAD39XtJhvHWFStid58iit4IPDLI/Da4cwdDmAHiQ==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0", + "browser-resolve": "^1.11.3", + "chalk": "^3.0.0", + "graceful-fs": "^4.2.4", + "jest-pnp-resolver": "^1.2.1", + "read-pkg-up": "^7.0.1", + "realpath-native": "^2.0.0", + "resolve": "^1.17.0", + "slash": "^3.0.0" + } + }, + "jest-resolve-dependencies": { + "version": "25.5.4", + "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-25.5.4.tgz", + "integrity": "sha512-yFmbPd+DAQjJQg88HveObcGBA32nqNZ02fjYmtL16t1xw9bAttSn5UGRRhzMHIQbsep7znWvAvnD4kDqOFM0Uw==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0", + "jest-regex-util": "^25.2.6", + "jest-snapshot": "^25.5.1" + } + }, + "jest-runner": { + "version": "25.5.4", + "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-25.5.4.tgz", + "integrity": "sha512-V/2R7fKZo6blP8E9BL9vJ8aTU4TH2beuqGNxHbxi6t14XzTb+x90B3FRgdvuHm41GY8ch4xxvf0ATH4hdpjTqg==", + "dev": true, + "requires": { + "@jest/console": "^25.5.0", + "@jest/environment": "^25.5.0", + "@jest/test-result": "^25.5.0", + "@jest/types": "^25.5.0", + "chalk": "^3.0.0", + "exit": "^0.1.2", + "graceful-fs": "^4.2.4", + "jest-config": "^25.5.4", + "jest-docblock": "^25.3.0", + "jest-haste-map": "^25.5.1", + "jest-jasmine2": "^25.5.4", + "jest-leak-detector": "^25.5.0", + "jest-message-util": "^25.5.0", + "jest-resolve": "^25.5.1", + "jest-runtime": "^25.5.4", + "jest-util": "^25.5.0", + "jest-worker": "^25.5.0", + "source-map-support": "^0.5.6", + "throat": "^5.0.0" + } + }, + "jest-runtime": { + "version": "25.5.4", + "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-25.5.4.tgz", + "integrity": "sha512-RWTt8LeWh3GvjYtASH2eezkc8AehVoWKK20udV6n3/gC87wlTbE1kIA+opCvNWyyPeBs6ptYsc6nyHUb1GlUVQ==", + "dev": true, + "requires": { + "@jest/console": "^25.5.0", + "@jest/environment": "^25.5.0", + "@jest/globals": "^25.5.2", + "@jest/source-map": "^25.5.0", + "@jest/test-result": "^25.5.0", + "@jest/transform": "^25.5.1", + "@jest/types": "^25.5.0", + "@types/yargs": "^15.0.0", + "chalk": "^3.0.0", + "collect-v8-coverage": "^1.0.0", + "exit": "^0.1.2", + "glob": "^7.1.3", + "graceful-fs": "^4.2.4", + "jest-config": "^25.5.4", + "jest-haste-map": "^25.5.1", + "jest-message-util": "^25.5.0", + "jest-mock": "^25.5.0", + "jest-regex-util": "^25.2.6", + "jest-resolve": "^25.5.1", + "jest-snapshot": "^25.5.1", + "jest-util": "^25.5.0", + "jest-validate": "^25.5.0", + "realpath-native": "^2.0.0", + "slash": "^3.0.0", + "strip-bom": "^4.0.0", + "yargs": "^15.3.1" + } + }, + "jest-serializer": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-serializer/-/jest-serializer-25.5.0.tgz", + "integrity": "sha512-LxD8fY1lByomEPflwur9o4e2a5twSQ7TaVNLlFUuToIdoJuBt8tzHfCsZ42Ok6LkKXWzFWf3AGmheuLAA7LcCA==", + "dev": true, + "requires": { + "graceful-fs": "^4.2.4" + } + }, + "jest-snapshot": { + "version": "25.5.1", + "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-25.5.1.tgz", + "integrity": "sha512-C02JE1TUe64p2v1auUJ2ze5vcuv32tkv9PyhEb318e8XOKF7MOyXdJ7kdjbvrp3ChPLU2usI7Rjxs97Dj5P0uQ==", + "dev": true, + "requires": { + "@babel/types": "^7.0.0", + "@jest/types": "^25.5.0", + "@types/prettier": "^1.19.0", + "chalk": "^3.0.0", + "expect": "^25.5.0", + "graceful-fs": "^4.2.4", + "jest-diff": "^25.5.0", + "jest-get-type": "^25.2.6", + "jest-matcher-utils": "^25.5.0", + "jest-message-util": "^25.5.0", + "jest-resolve": "^25.5.1", + "make-dir": "^3.0.0", + "natural-compare": "^1.4.0", + "pretty-format": "^25.5.0", + "semver": "^6.3.0" + } + }, + "jest-util": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-25.5.0.tgz", + "integrity": "sha512-KVlX+WWg1zUTB9ktvhsg2PXZVdkI1NBevOJSkTKYAyXyH4QSvh+Lay/e/v+bmaFfrkfx43xD8QTfgobzlEXdIA==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0", + "chalk": "^3.0.0", + "graceful-fs": "^4.2.4", + "is-ci": "^2.0.0", + "make-dir": "^3.0.0" + } + }, + "jest-validate": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-25.5.0.tgz", + "integrity": "sha512-okUFKqhZIpo3jDdtUXUZ2LxGUZJIlfdYBvZb1aczzxrlyMlqdnnws9MOxezoLGhSaFc2XYaHNReNQfj5zPIWyQ==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0", + "camelcase": "^5.3.1", + "chalk": "^3.0.0", + "jest-get-type": "^25.2.6", + "leven": "^3.1.0", + "pretty-format": "^25.5.0" + } + }, + "jest-watcher": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-25.5.0.tgz", + "integrity": "sha512-XrSfJnVASEl+5+bb51V0Q7WQx65dTSk7NL4yDdVjPnRNpM0hG+ncFmDYJo9O8jaSRcAitVbuVawyXCRoxGrT5Q==", + "dev": true, + "requires": { + "@jest/test-result": "^25.5.0", + "@jest/types": "^25.5.0", + "ansi-escapes": "^4.2.1", + "chalk": "^3.0.0", + "jest-util": "^25.5.0", + "string-length": "^3.1.0" + } + }, + "jest-worker": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-25.5.0.tgz", + "integrity": "sha512-/dsSmUkIy5EBGfv/IjjqmFxrNAUpBERfGs1oHROyD7yxjG/w+t0GOJDX8O1k32ySmd7+a5IhnJU2qQFcJ4n1vw==", + "dev": true, + "requires": { + "merge-stream": "^2.0.0", + "supports-color": "^7.0.0" + } + }, + "js-tokens": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", + "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", + "dev": true + }, + "js-yaml": { + "version": "3.14.0", + "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.0.tgz", + "integrity": "sha512-/4IbIeHcD9VMHFqDR/gQ7EdZdLimOvW2DdcxFjdyyZ9NsbS+ccrXqVWDtab/lRl5AlUqmpBx8EhPaWR+OtY17A==", + "dev": true, + "requires": { + "argparse": "^1.0.7", + "esprima": "^4.0.0" + } + }, + "jsbn": { + "version": "0.1.1", + "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", + "integrity": "sha1-peZUwuWi3rXyAdls77yoDA7y9RM=", + "dev": true + }, + "jsdom": { + "version": "15.2.1", + "resolved": "https://registry.npmjs.org/jsdom/-/jsdom-15.2.1.tgz", + "integrity": "sha512-fAl1W0/7T2G5vURSyxBzrJ1LSdQn6Tr5UX/xD4PXDx/PDgwygedfW6El/KIj3xJ7FU61TTYnc/l/B7P49Eqt6g==", + "dev": true, + "requires": { + "abab": "^2.0.0", + "acorn": "^7.1.0", + "acorn-globals": "^4.3.2", + "array-equal": "^1.0.0", + "cssom": "^0.4.1", + "cssstyle": "^2.0.0", + "data-urls": "^1.1.0", + "domexception": "^1.0.1", + "escodegen": "^1.11.1", + "html-encoding-sniffer": "^1.0.2", + "nwsapi": "^2.2.0", + "parse5": "5.1.0", + "pn": "^1.1.0", + "request": "^2.88.0", + "request-promise-native": "^1.0.7", + "saxes": "^3.1.9", + "symbol-tree": "^3.2.2", + "tough-cookie": "^3.0.1", + "w3c-hr-time": "^1.0.1", + "w3c-xmlserializer": "^1.1.2", + "webidl-conversions": "^4.0.2", + "whatwg-encoding": "^1.0.5", + "whatwg-mimetype": "^2.3.0", + "whatwg-url": "^7.0.0", + "ws": "^7.0.0", + "xml-name-validator": "^3.0.0" + } + }, + "jsesc": { + "version": "2.5.2", + "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", + "integrity": "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==", + "dev": true + }, + "json-parse-better-errors": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/json-parse-better-errors/-/json-parse-better-errors-1.0.2.tgz", + "integrity": "sha512-mrqyZKfX5EhL7hvqcV6WG1yYjnjeuYDzDhhcAAUrq8Po85NBQBJP+ZDUT75qZQ98IkUoBqdkExkukOU7Ts2wrw==", + "dev": true + }, + "json-schema": { + "version": "0.2.3", + "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.2.3.tgz", + "integrity": "sha1-tIDIkuWaLwWVTOcnvT8qTogvnhM=", + "dev": true + }, + "json-schema-traverse": { + "version": "0.4.1", + "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", + "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==", + "dev": true + }, + "json-stringify-safe": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", + "integrity": "sha1-Epai1Y/UXxmg9s4B1lcB4sc1tus=", + "dev": true + }, + "json5": { + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/json5/-/json5-2.1.3.tgz", + "integrity": "sha512-KXPvOm8K9IJKFM0bmdn8QXh7udDh1g/giieX0NLCaMnb4hEiVFqnop2ImTXCc5e0/oHz3LTqmHGtExn5hfMkOA==", + "dev": true, + "requires": { + "minimist": "^1.2.5" + } + }, + "jsprim": { + "version": "1.4.1", + "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.1.tgz", + "integrity": "sha1-MT5mvB5cwG5Di8G3SZwuXFastqI=", + "dev": true, + "requires": { + "assert-plus": "1.0.0", + "extsprintf": "1.3.0", + "json-schema": "0.2.3", + "verror": "1.10.0" + } + }, + "kind-of": { + "version": "6.0.3", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-6.0.3.tgz", + "integrity": "sha512-dcS1ul+9tmeD95T+x28/ehLgd9mENa3LsvDTtzm3vyBEO7RPptvAD+t44WVXaUjTBRcrpFeFlC8WCruUR456hw==", + "dev": true + }, + "kleur": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", + "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", + "dev": true + }, + "leven": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", + "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", + "dev": true + }, + "levn": { + "version": "0.3.0", + "resolved": "https://registry.npmjs.org/levn/-/levn-0.3.0.tgz", + "integrity": "sha1-OwmSTt+fCDwEkP3UwLxEIeBHZO4=", + "dev": true, + "requires": { + "prelude-ls": "~1.1.2", + "type-check": "~0.3.2" + } + }, + "lines-and-columns": { + "version": "1.1.6", + "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.1.6.tgz", + "integrity": "sha1-HADHQ7QzzQpOgHWPe2SldEDZ/wA=", + "dev": true + }, + "locate-path": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", + "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", + "dev": true, + "requires": { + "p-locate": "^4.1.0" + } + }, + "lodash": { + "version": "4.17.15", + "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.15.tgz", + "integrity": "sha512-8xOcRHvCjnocdS5cpwXQXVzmmh5e5+saE2QGoeQmbKmRS6J3VQppPOIt0MnmE+4xlZoumy0GPG0D0MVIQbNA1A==", + "dev": true + }, + "lodash.sortby": { + "version": "4.7.0", + "resolved": "https://registry.npmjs.org/lodash.sortby/-/lodash.sortby-4.7.0.tgz", + "integrity": "sha1-7dFMgk4sycHgsKG0K7UhBRakJDg=", + "dev": true + }, + "lolex": { + "version": "5.1.2", + "resolved": "https://registry.npmjs.org/lolex/-/lolex-5.1.2.tgz", + "integrity": "sha512-h4hmjAvHTmd+25JSwrtTIuwbKdwg5NzZVRMLn9saij4SZaepCrTCxPr35H/3bjwfMJtN+t3CX8672UIkglz28A==", + "dev": true, + "requires": { + "@sinonjs/commons": "^1.7.0" + } + }, + "make-dir": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-3.1.0.tgz", + "integrity": "sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw==", + "dev": true, + "requires": { + "semver": "^6.0.0" + } + }, + "makeerror": { + "version": "1.0.11", + "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.11.tgz", + "integrity": "sha1-4BpckQnyr3lmDk6LlYd5AYT1qWw=", + "dev": true, + "requires": { + "tmpl": "1.0.x" + } + }, + "map-cache": { + "version": "0.2.2", + "resolved": "https://registry.npmjs.org/map-cache/-/map-cache-0.2.2.tgz", + "integrity": "sha1-wyq9C9ZSXZsFFkW7TyasXcmKDb8=", + "dev": true + }, + "map-visit": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/map-visit/-/map-visit-1.0.0.tgz", + "integrity": "sha1-7Nyo8TFE5mDxtb1B8S80edmN+48=", + "dev": true, + "requires": { + "object-visit": "^1.0.0" + } + }, + "merge-stream": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", + "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", + "dev": true + }, + "micromatch": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.2.tgz", + "integrity": "sha512-y7FpHSbMUMoyPbYUSzO6PaZ6FyRnQOpHuKwbo1G+Knck95XVU4QAiKdGEnj5wwoS7PlOgthX/09u5iFJ+aYf5Q==", + "dev": true, + "requires": { + "braces": "^3.0.1", + "picomatch": "^2.0.5" + } + }, + "mime-db": { + "version": "1.44.0", + "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.44.0.tgz", + "integrity": "sha512-/NOTfLrsPBVeH7YtFPgsVWveuL+4SjjYxaQ1xtM1KMFj7HdxlBlxeyNLzhyJVx7r4rZGJAZ/6lkKCitSc/Nmpg==", + "dev": true + }, + "mime-types": { + "version": "2.1.27", + "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.27.tgz", + "integrity": "sha512-JIhqnCasI9yD+SsmkquHBxTSEuZdQX5BuQnS2Vc7puQQQ+8yiP5AY5uWhpdv4YL4VM5c6iliiYWPgJ/nJQLp7w==", + "dev": true, + "requires": { + "mime-db": "1.44.0" + } + }, + "mimic-fn": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", + "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", + "dev": true + }, + "minimatch": { + "version": "3.0.4", + "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.0.4.tgz", + "integrity": "sha512-yJHVQEhyqPLUTgt9B83PXu6W3rx4MvvHvSUvToogpwoGDOUQ+yDrR0HRot+yOCdCO7u4hX3pWft6kWBBcqh0UA==", + "dev": true, + "requires": { + "brace-expansion": "^1.1.7" + } + }, + "minimist": { + "version": "1.2.5", + "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz", + "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==", + "dev": true + }, + "mixin-deep": { + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/mixin-deep/-/mixin-deep-1.3.2.tgz", + "integrity": "sha512-WRoDn//mXBiJ1H40rqa3vH0toePwSsGb45iInWlTySa+Uu4k3tYUSxa2v1KqAiLtvlrSzaExqS1gtk96A9zvEA==", + "dev": true, + "requires": { + "for-in": "^1.0.2", + "is-extendable": "^1.0.1" + }, + "dependencies": { + "is-extendable": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/is-extendable/-/is-extendable-1.0.1.tgz", + "integrity": "sha512-arnXMxT1hhoKo9k1LZdmlNyJdDDfy2v0fXjFlmok4+i8ul/6WlbVge9bhM74OpNPQPMGUToDtz+KXa1PneJxOA==", + "dev": true, + "requires": { + "is-plain-object": "^2.0.4" + } + } + } + }, + "ms": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", + "dev": true + }, + "nanomatch": { + "version": "1.2.13", + "resolved": "https://registry.npmjs.org/nanomatch/-/nanomatch-1.2.13.tgz", + "integrity": "sha512-fpoe2T0RbHwBTBUOftAfBPaDEi06ufaUai0mE6Yn1kacc3SnTErfb/h+X94VXzI64rKFHYImXSvdwGGCmwOqCA==", + "dev": true, + "requires": { + "arr-diff": "^4.0.0", + "array-unique": "^0.3.2", + "define-property": "^2.0.2", + "extend-shallow": "^3.0.2", + "fragment-cache": "^0.2.1", + "is-windows": "^1.0.2", + "kind-of": "^6.0.2", + "object.pick": "^1.3.0", + "regex-not": "^1.0.0", + "snapdragon": "^0.8.1", + "to-regex": "^3.0.1" + } + }, + "natural-compare": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", + "integrity": "sha1-Sr6/7tdUHywnrPspvbvRXI1bpPc=", + "dev": true + }, + "nice-try": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/nice-try/-/nice-try-1.0.5.tgz", + "integrity": "sha512-1nh45deeb5olNY7eX82BkPO7SSxR5SSYJiPTrTdFUVYwAl8CKMA5N9PjTYkHiRjisVcxcQ1HXdLhx2qxxJzLNQ==", + "dev": true + }, + "node-int64": { + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", + "integrity": "sha1-h6kGXNs1XTGC2PlM4RGIuCXGijs=", + "dev": true + }, + "node-modules-regexp": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/node-modules-regexp/-/node-modules-regexp-1.0.0.tgz", + "integrity": "sha1-jZ2+KJZKSsVxLpExZCEHxx6Q7EA=", + "dev": true + }, + "node-notifier": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/node-notifier/-/node-notifier-6.0.0.tgz", + "integrity": "sha512-SVfQ/wMw+DesunOm5cKqr6yDcvUTDl/yc97ybGHMrteNEY6oekXpNpS3lZwgLlwz0FLgHoiW28ZpmBHUDg37cw==", + "dev": true, + "optional": true, + "requires": { + "growly": "^1.3.0", + "is-wsl": "^2.1.1", + "semver": "^6.3.0", + "shellwords": "^0.1.1", + "which": "^1.3.1" + }, + "dependencies": { + "which": { + "version": "1.3.1", + "resolved": "https://registry.npmjs.org/which/-/which-1.3.1.tgz", + "integrity": "sha512-HxJdYWq1MTIQbJ3nw0cqssHoTNU267KlrDuGZ1WYlxDStUtKUhOaJmh112/TZmHxxUfuJqPXSOm7tDyas0OSIQ==", + "dev": true, + "optional": true, + "requires": { + "isexe": "^2.0.0" + } + } + } + }, + "normalize-package-data": { + "version": "2.5.0", + "resolved": "https://registry.npmjs.org/normalize-package-data/-/normalize-package-data-2.5.0.tgz", + "integrity": "sha512-/5CMN3T0R4XTj4DcGaexo+roZSdSFW/0AOOTROrjxzCG1wrWXEsGbRKevjlIL+ZDE4sZlJr5ED4YW0yqmkK+eA==", + "dev": true, + "requires": { + "hosted-git-info": "^2.1.4", + "resolve": "^1.10.0", + "semver": "2 || 3 || 4 || 5", + "validate-npm-package-license": "^3.0.1" + }, + "dependencies": { + "semver": { + "version": "5.7.1", + "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.1.tgz", + "integrity": "sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ==", + "dev": true + } + } + }, + "normalize-path": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", + "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", + "dev": true + }, + "npm-run-path": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-2.0.2.tgz", + "integrity": "sha1-NakjLfo11wZ7TLLd8jV7GHFTbF8=", + "dev": true, + "requires": { + "path-key": "^2.0.0" + } + }, + "nwsapi": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/nwsapi/-/nwsapi-2.2.0.tgz", + "integrity": "sha512-h2AatdwYH+JHiZpv7pt/gSX1XoRGb7L/qSIeuqA6GwYoF9w1vP1cw42TO0aI2pNyshRK5893hNSl+1//vHK7hQ==", + "dev": true + }, + "oauth-sign": { + "version": "0.9.0", + "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", + "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==", + "dev": true + }, + "object-copy": { + "version": "0.1.0", + "resolved": "https://registry.npmjs.org/object-copy/-/object-copy-0.1.0.tgz", + "integrity": "sha1-fn2Fi3gb18mRpBupde04EnVOmYw=", + "dev": true, + "requires": { + "copy-descriptor": "^0.1.0", + "define-property": "^0.2.5", + "kind-of": "^3.0.3" + }, + "dependencies": { + "define-property": { + "version": "0.2.5", + "resolved": "https://registry.npmjs.org/define-property/-/define-property-0.2.5.tgz", + "integrity": "sha1-w1se+RjsPJkPmlvFe+BKrOxcgRY=", + "dev": true, + "requires": { + "is-descriptor": "^0.1.0" + } + }, + "kind-of": { + "version": "3.2.2", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz", + "integrity": "sha1-MeohpzS6ubuw8yRm2JOupR5KPGQ=", + "dev": true, + "requires": { + "is-buffer": "^1.1.5" + } + } + } + }, + "object-visit": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/object-visit/-/object-visit-1.0.1.tgz", + "integrity": "sha1-95xEk68MU3e1n+OdOV5BBC3QRbs=", + "dev": true, + "requires": { + "isobject": "^3.0.0" + } + }, + "object.pick": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/object.pick/-/object.pick-1.3.0.tgz", + "integrity": "sha1-h6EKxMFpS9Lhy/U1kaZhQftd10c=", + "dev": true, + "requires": { + "isobject": "^3.0.1" + } + }, + "once": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", + "integrity": "sha1-WDsap3WWHUsROsF9nFC6753Xa9E=", + "dev": true, + "requires": { + "wrappy": "1" + } + }, + "onetime": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.0.tgz", + "integrity": "sha512-5NcSkPHhwTVFIQN+TUqXoS5+dlElHXdpAWu9I0HP20YOtIi+aZ0Ct82jdlILDxjLEAWwvm+qj1m6aEtsDVmm6Q==", + "dev": true, + "requires": { + "mimic-fn": "^2.1.0" + } + }, + "optionator": { + "version": "0.8.3", + "resolved": "https://registry.npmjs.org/optionator/-/optionator-0.8.3.tgz", + "integrity": "sha512-+IW9pACdk3XWmmTXG8m3upGUJst5XRGzxMRjXzAuJ1XnIFNvfhjjIuYkDvysnPQ7qzqVzLt78BCruntqRhWQbA==", + "dev": true, + "requires": { + "deep-is": "~0.1.3", + "fast-levenshtein": "~2.0.6", + "levn": "~0.3.0", + "prelude-ls": "~1.1.2", + "type-check": "~0.3.2", + "word-wrap": "~1.2.3" + } + }, + "p-each-series": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/p-each-series/-/p-each-series-2.1.0.tgz", + "integrity": "sha512-ZuRs1miPT4HrjFa+9fRfOFXxGJfORgelKV9f9nNOWw2gl6gVsRaVDOQP0+MI0G0wGKns1Yacsu0GjOFbTK0JFQ==", + "dev": true + }, + "p-finally": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/p-finally/-/p-finally-1.0.0.tgz", + "integrity": "sha1-P7z7FbiZpEEjs0ttzBi3JDNqLK4=", + "dev": true + }, + "p-limit": { + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", + "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", + "dev": true, + "requires": { + "p-try": "^2.0.0" + } + }, + "p-locate": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", + "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", + "dev": true, + "requires": { + "p-limit": "^2.2.0" + } + }, + "p-try": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", + "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", + "dev": true + }, + "parse-json": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.0.0.tgz", + "integrity": "sha512-OOY5b7PAEFV0E2Fir1KOkxchnZNCdowAJgQ5NuxjpBKTRP3pQhwkrkxqQjeoKJ+fO7bCpmIZaogI4eZGDMEGOw==", + "dev": true, + "requires": { + "@babel/code-frame": "^7.0.0", + "error-ex": "^1.3.1", + "json-parse-better-errors": "^1.0.1", + "lines-and-columns": "^1.1.6" + } + }, + "parse5": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/parse5/-/parse5-5.1.0.tgz", + "integrity": "sha512-fxNG2sQjHvlVAYmzBZS9YlDp6PTSSDwa98vkD4QgVDDCAo84z5X1t5XyJQ62ImdLXx5NdIIfihey6xpum9/gRQ==", + "dev": true + }, + "pascalcase": { + "version": "0.1.1", + "resolved": "https://registry.npmjs.org/pascalcase/-/pascalcase-0.1.1.tgz", + "integrity": "sha1-s2PlXoAGym/iF4TS2yK9FdeRfxQ=", + "dev": true + }, + "path-exists": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", + "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", + "dev": true + }, + "path-is-absolute": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", + "integrity": "sha1-F0uSaHNVNP+8es5r9TpanhtcX18=", + "dev": true + }, + "path-key": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/path-key/-/path-key-2.0.1.tgz", + "integrity": "sha1-QRyttXTFoUDTpLGRDUDYDMn0C0A=", + "dev": true + }, + "path-parse": { + "version": "1.0.6", + "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.6.tgz", + "integrity": "sha512-GSmOT2EbHrINBf9SR7CDELwlJ8AENk3Qn7OikK4nFYAu3Ote2+JYNVvkpAEQm3/TLNEJFD/xZJjzyxg3KBWOzw==", + "dev": true + }, + "performance-now": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", + "integrity": "sha1-Ywn04OX6kT7BxpMHrjZLSzd8nns=", + "dev": true + }, + "picomatch": { + "version": "2.2.2", + "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.2.2.tgz", + "integrity": "sha512-q0M/9eZHzmr0AulXyPwNfZjtwZ/RBZlbN3K3CErVrk50T2ASYI7Bye0EvekFY3IP1Nt2DHu0re+V2ZHIpMkuWg==", + "dev": true + }, + "pirates": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.1.tgz", + "integrity": "sha512-WuNqLTbMI3tmfef2TKxlQmAiLHKtFhlsCZnPIpuv2Ow0RDVO8lfy1Opf4NUzlMXLjPl+Men7AuVdX6TA+s+uGA==", + "dev": true, + "requires": { + "node-modules-regexp": "^1.0.0" + } + }, + "pkg-dir": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", + "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", + "dev": true, + "requires": { + "find-up": "^4.0.0" + } + }, + "pn": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/pn/-/pn-1.1.0.tgz", + "integrity": "sha512-2qHaIQr2VLRFoxe2nASzsV6ef4yOOH+Fi9FBOVH6cqeSgUnoyySPZkxzLuzd+RYOQTRpROA0ztTMqxROKSb/nA==", + "dev": true + }, + "posix-character-classes": { + "version": "0.1.1", + "resolved": "https://registry.npmjs.org/posix-character-classes/-/posix-character-classes-0.1.1.tgz", + "integrity": "sha1-AerA/jta9xoqbAL+q7jB/vfgDqs=", + "dev": true + }, + "prelude-ls": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/prelude-ls/-/prelude-ls-1.1.2.tgz", + "integrity": "sha1-IZMqVJ9eUv/ZqCf1cOBL5iqX2lQ=", + "dev": true + }, + "pretty-format": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-25.5.0.tgz", + "integrity": "sha512-kbo/kq2LQ/A/is0PQwsEHM7Ca6//bGPPvU6UnsdDRSKTWxT/ru/xb88v4BJf6a69H+uTytOEsTusT9ksd/1iWQ==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0", + "ansi-regex": "^5.0.0", + "ansi-styles": "^4.0.0", + "react-is": "^16.12.0" + }, + "dependencies": { + "ansi-regex": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.0.tgz", + "integrity": "sha512-bY6fj56OUQ0hU1KjFNDQuJFezqKdrAyFdIevADiqrWHwSlbmBNMHp5ak2f40Pm8JTFyM2mqxkG6ngkHO11f/lg==", + "dev": true + } + } + }, + "prompts": { + "version": "2.3.2", + "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.3.2.tgz", + "integrity": "sha512-Q06uKs2CkNYVID0VqwfAl9mipo99zkBv/n2JtWY89Yxa3ZabWSrs0e2KTudKVa3peLUvYXMefDqIleLPVUBZMA==", + "dev": true, + "requires": { + "kleur": "^3.0.3", + "sisteransi": "^1.0.4" + } + }, + "psl": { + "version": "1.8.0", + "resolved": "https://registry.npmjs.org/psl/-/psl-1.8.0.tgz", + "integrity": "sha512-RIdOzyoavK+hA18OGGWDqUTsCLhtA7IcZ/6NCs4fFJaHBDab+pDDmDIByWFRQJq2Cd7r1OoQxBGKOaztq+hjIQ==", + "dev": true + }, + "pump": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.0.tgz", + "integrity": "sha512-LwZy+p3SFs1Pytd/jYct4wpv49HiYCqd9Rlc5ZVdk0V+8Yzv6jR5Blk3TRmPL1ft69TxP0IMZGJ+WPFU2BFhww==", + "dev": true, + "requires": { + "end-of-stream": "^1.1.0", + "once": "^1.3.1" + } + }, + "punycode": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz", + "integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==", + "dev": true + }, + "qs": { + "version": "6.5.2", + "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.2.tgz", + "integrity": "sha512-N5ZAX4/LxJmF+7wN74pUD6qAh9/wnvdQcjq9TZjevvXzSUo7bfmw91saqMjzGS2xq91/odN2dW/WOl7qQHNDGA==", + "dev": true + }, + "react-is": { + "version": "16.13.1", + "resolved": "https://registry.npmjs.org/react-is/-/react-is-16.13.1.tgz", + "integrity": "sha512-24e6ynE2H+OKt4kqsOvNd8kBpV65zoxbA4BVsEOB3ARVWQki/DHzaUoC5KuON/BiccDaCCTZBuOcfZs70kR8bQ==", + "dev": true + }, + "read-pkg": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/read-pkg/-/read-pkg-5.2.0.tgz", + "integrity": "sha512-Ug69mNOpfvKDAc2Q8DRpMjjzdtrnv9HcSMX+4VsZxD1aZ6ZzrIE7rlzXBtWTyhULSMKg076AW6WR5iZpD0JiOg==", + "dev": true, + "requires": { + "@types/normalize-package-data": "^2.4.0", + "normalize-package-data": "^2.5.0", + "parse-json": "^5.0.0", + "type-fest": "^0.6.0" + }, + "dependencies": { + "type-fest": { + "version": "0.6.0", + "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.6.0.tgz", + "integrity": "sha512-q+MB8nYR1KDLrgr4G5yemftpMC7/QLqVndBmEEdqzmNj5dcFOO4Oo8qlwZE3ULT3+Zim1F8Kq4cBnikNhlCMlg==", + "dev": true + } + } + }, + "read-pkg-up": { + "version": "7.0.1", + "resolved": "https://registry.npmjs.org/read-pkg-up/-/read-pkg-up-7.0.1.tgz", + "integrity": "sha512-zK0TB7Xd6JpCLmlLmufqykGE+/TlOePD6qKClNW7hHDKFh/J7/7gCWGR7joEQEW1bKq3a3yUZSObOoWLFQ4ohg==", + "dev": true, + "requires": { + "find-up": "^4.1.0", + "read-pkg": "^5.2.0", + "type-fest": "^0.8.1" + } + }, + "realpath-native": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/realpath-native/-/realpath-native-2.0.0.tgz", + "integrity": "sha512-v1SEYUOXXdbBZK8ZuNgO4TBjamPsiSgcFr0aP+tEKpQZK8vooEUqV6nm6Cv502mX4NF2EfsnVqtNAHG+/6Ur1Q==", + "dev": true + }, + "regex-not": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/regex-not/-/regex-not-1.0.2.tgz", + "integrity": "sha512-J6SDjUgDxQj5NusnOtdFxDwN/+HWykR8GELwctJ7mdqhcyy1xEc4SRFHUXvxTp661YaVKAjfRLZ9cCqS6tn32A==", + "dev": true, + "requires": { + "extend-shallow": "^3.0.2", + "safe-regex": "^1.1.0" + } + }, + "remove-trailing-separator": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/remove-trailing-separator/-/remove-trailing-separator-1.1.0.tgz", + "integrity": "sha1-wkvOKig62tW8P1jg1IJJuSN52O8=", + "dev": true + }, + "repeat-element": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/repeat-element/-/repeat-element-1.1.3.tgz", + "integrity": "sha512-ahGq0ZnV5m5XtZLMb+vP76kcAM5nkLqk0lpqAuojSKGgQtn4eRi4ZZGm2olo2zKFH+sMsWaqOCW1dqAnOru72g==", + "dev": true + }, + "repeat-string": { + "version": "1.6.1", + "resolved": "https://registry.npmjs.org/repeat-string/-/repeat-string-1.6.1.tgz", + "integrity": "sha1-jcrkcOHIirwtYA//Sndihtp15jc=", + "dev": true + }, + "request": { + "version": "2.88.2", + "resolved": "https://registry.npmjs.org/request/-/request-2.88.2.tgz", + "integrity": "sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==", + "dev": true, + "requires": { + "aws-sign2": "~0.7.0", + "aws4": "^1.8.0", + "caseless": "~0.12.0", + "combined-stream": "~1.0.6", + "extend": "~3.0.2", + "forever-agent": "~0.6.1", + "form-data": "~2.3.2", + "har-validator": "~5.1.3", + "http-signature": "~1.2.0", + "is-typedarray": "~1.0.0", + "isstream": "~0.1.2", + "json-stringify-safe": "~5.0.1", + "mime-types": "~2.1.19", + "oauth-sign": "~0.9.0", + "performance-now": "^2.1.0", + "qs": "~6.5.2", + "safe-buffer": "^5.1.2", + "tough-cookie": "~2.5.0", + "tunnel-agent": "^0.6.0", + "uuid": "^3.3.2" + }, + "dependencies": { + "tough-cookie": { + "version": "2.5.0", + "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", + "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", + "dev": true, + "requires": { + "psl": "^1.1.28", + "punycode": "^2.1.1" + } + } + } + }, + "request-promise-core": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/request-promise-core/-/request-promise-core-1.1.3.tgz", + "integrity": "sha512-QIs2+ArIGQVp5ZYbWD5ZLCY29D5CfWizP8eWnm8FoGD1TX61veauETVQbrV60662V0oFBkrDOuaBI8XgtuyYAQ==", + "dev": true, + "requires": { + "lodash": "^4.17.15" + } + }, + "request-promise-native": { + "version": "1.0.8", + "resolved": "https://registry.npmjs.org/request-promise-native/-/request-promise-native-1.0.8.tgz", + "integrity": "sha512-dapwLGqkHtwL5AEbfenuzjTYg35Jd6KPytsC2/TLkVMz8rm+tNt72MGUWT1RP/aYawMpN6HqbNGBQaRcBtjQMQ==", + "dev": true, + "requires": { + "request-promise-core": "1.1.3", + "stealthy-require": "^1.1.1", + "tough-cookie": "^2.3.3" + }, + "dependencies": { + "tough-cookie": { + "version": "2.5.0", + "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", + "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", + "dev": true, + "requires": { + "psl": "^1.1.28", + "punycode": "^2.1.1" + } + } + } + }, + "require-directory": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", + "integrity": "sha1-jGStX9MNqxyXbiNE/+f3kqam30I=", + "dev": true + }, + "require-main-filename": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/require-main-filename/-/require-main-filename-2.0.0.tgz", + "integrity": "sha512-NKN5kMDylKuldxYLSUfrbo5Tuzh4hd+2E8NPPX02mZtn1VuREQToYe/ZdlJy+J3uCpfaiGF05e7B8W0iXbQHmg==", + "dev": true + }, + "resolve": { + "version": "1.17.0", + "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.17.0.tgz", + "integrity": "sha512-ic+7JYiV8Vi2yzQGFWOkiZD5Z9z7O2Zhm9XMaTxdJExKasieFCr+yXZ/WmXsckHiKl12ar0y6XiXDx3m4RHn1w==", + "dev": true, + "requires": { + "path-parse": "^1.0.6" + } + }, + "resolve-cwd": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", + "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", + "dev": true, + "requires": { + "resolve-from": "^5.0.0" + } + }, + "resolve-from": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", + "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", + "dev": true + }, + "resolve-url": { + "version": "0.2.1", + "resolved": "https://registry.npmjs.org/resolve-url/-/resolve-url-0.2.1.tgz", + "integrity": "sha1-LGN/53yJOv0qZj/iGqkIAGjiBSo=", + "dev": true + }, + "ret": { + "version": "0.1.15", + "resolved": "https://registry.npmjs.org/ret/-/ret-0.1.15.tgz", + "integrity": "sha512-TTlYpa+OL+vMMNG24xSlQGEJ3B/RzEfUlLct7b5G/ytav+wPrplCpVMFuwzXbkecJrb6IYo1iFb0S9v37754mg==", + "dev": true + }, + "rimraf": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz", + "integrity": "sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA==", + "dev": true, + "requires": { + "glob": "^7.1.3" + } + }, + "rsvp": { + "version": "4.8.5", + "resolved": "https://registry.npmjs.org/rsvp/-/rsvp-4.8.5.tgz", + "integrity": "sha512-nfMOlASu9OnRJo1mbEk2cz0D56a1MBNrJ7orjRZQG10XDyuvwksKbuXNp6qa+kbn839HwjwhBzhFmdsaEAfauA==", + "dev": true + }, + "safe-buffer": { + "version": "5.1.2", + "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", + "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==", + "dev": true + }, + "safe-regex": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/safe-regex/-/safe-regex-1.1.0.tgz", + "integrity": "sha1-QKNmnzsHfR6UPURinhV91IAjvy4=", + "dev": true, + "requires": { + "ret": "~0.1.10" + } + }, + "safer-buffer": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", + "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==", + "dev": true + }, + "sane": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/sane/-/sane-4.1.0.tgz", + "integrity": "sha512-hhbzAgTIX8O7SHfp2c8/kREfEn4qO/9q8C9beyY6+tvZ87EpoZ3i1RIEvp27YBswnNbY9mWd6paKVmKbAgLfZA==", + "dev": true, + "requires": { + "@cnakazawa/watch": "^1.0.3", + "anymatch": "^2.0.0", + "capture-exit": "^2.0.0", + "exec-sh": "^0.3.2", + "execa": "^1.0.0", + "fb-watchman": "^2.0.0", + "micromatch": "^3.1.4", + "minimist": "^1.1.1", + "walker": "~1.0.5" + }, + "dependencies": { + "anymatch": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-2.0.0.tgz", + "integrity": "sha512-5teOsQWABXHHBFP9y3skS5P3d/WfWXpv3FUpy+LorMrNYaT9pI4oLMQX7jzQ2KklNpGpWHzdCXTDT2Y3XGlZBw==", + "dev": true, + "requires": { + "micromatch": "^3.1.4", + "normalize-path": "^2.1.1" + } + }, + "braces": { + "version": "2.3.2", + "resolved": "https://registry.npmjs.org/braces/-/braces-2.3.2.tgz", + "integrity": "sha512-aNdbnj9P8PjdXU4ybaWLK2IF3jc/EoDYbC7AazW6to3TRsfXxscC9UXOB5iDiEQrkyIbWp2SLQda4+QAa7nc3w==", + "dev": true, + "requires": { + "arr-flatten": "^1.1.0", + "array-unique": "^0.3.2", + "extend-shallow": "^2.0.1", + "fill-range": "^4.0.0", + "isobject": "^3.0.1", + "repeat-element": "^1.1.2", + "snapdragon": "^0.8.1", + "snapdragon-node": "^2.0.1", + "split-string": "^3.0.2", + "to-regex": "^3.0.1" + }, + "dependencies": { + "extend-shallow": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-2.0.1.tgz", + "integrity": "sha1-Ua99YUrZqfYQ6huvu5idaxxWiQ8=", + "dev": true, + "requires": { + "is-extendable": "^0.1.0" + } + } + } + }, + "fill-range": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-4.0.0.tgz", + "integrity": "sha1-1USBHUKPmOsGpj3EAtJAPDKMOPc=", + "dev": true, + "requires": { + "extend-shallow": "^2.0.1", + "is-number": "^3.0.0", + "repeat-string": "^1.6.1", + "to-regex-range": "^2.1.0" + }, + "dependencies": { + "extend-shallow": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-2.0.1.tgz", + "integrity": "sha1-Ua99YUrZqfYQ6huvu5idaxxWiQ8=", + "dev": true, + "requires": { + "is-extendable": "^0.1.0" + } + } + } + }, + "is-number": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/is-number/-/is-number-3.0.0.tgz", + "integrity": "sha1-JP1iAaR4LPUFYcgQJ2r8fRLXEZU=", + "dev": true, + "requires": { + "kind-of": "^3.0.2" + }, + "dependencies": { + "kind-of": { + "version": "3.2.2", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz", + "integrity": "sha1-MeohpzS6ubuw8yRm2JOupR5KPGQ=", + "dev": true, + "requires": { + "is-buffer": "^1.1.5" + } + } + } + }, + "micromatch": { + "version": "3.1.10", + "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-3.1.10.tgz", + "integrity": "sha512-MWikgl9n9M3w+bpsY3He8L+w9eF9338xRl8IAO5viDizwSzziFEyUzo2xrrloB64ADbTf8uA8vRqqttDTOmccg==", + "dev": true, + "requires": { + "arr-diff": "^4.0.0", + "array-unique": "^0.3.2", + "braces": "^2.3.1", + "define-property": "^2.0.2", + "extend-shallow": "^3.0.2", + "extglob": "^2.0.4", + "fragment-cache": "^0.2.1", + "kind-of": "^6.0.2", + "nanomatch": "^1.2.9", + "object.pick": "^1.3.0", + "regex-not": "^1.0.0", + "snapdragon": "^0.8.1", + "to-regex": "^3.0.2" + } + }, + "normalize-path": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-2.1.1.tgz", + "integrity": "sha1-GrKLVW4Zg2Oowab35vogE3/mrtk=", + "dev": true, + "requires": { + "remove-trailing-separator": "^1.0.1" + } + }, + "to-regex-range": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-2.1.1.tgz", + "integrity": "sha1-fIDBe53+vlmeJzZ+DU3VWQFB2zg=", + "dev": true, + "requires": { + "is-number": "^3.0.0", + "repeat-string": "^1.6.1" + } + } + } + }, + "saxes": { + "version": "3.1.11", + "resolved": "https://registry.npmjs.org/saxes/-/saxes-3.1.11.tgz", + "integrity": "sha512-Ydydq3zC+WYDJK1+gRxRapLIED9PWeSuuS41wqyoRmzvhhh9nc+QQrVMKJYzJFULazeGhzSV0QleN2wD3boh2g==", + "dev": true, + "requires": { + "xmlchars": "^2.1.1" + } + }, + "semver": { + "version": "6.3.0", + "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.0.tgz", + "integrity": "sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw==", + "dev": true + }, + "set-blocking": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/set-blocking/-/set-blocking-2.0.0.tgz", + "integrity": "sha1-BF+XgtARrppoA93TgrJDkrPYkPc=", + "dev": true + }, + "set-value": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/set-value/-/set-value-2.0.1.tgz", + "integrity": "sha512-JxHc1weCN68wRY0fhCoXpyK55m/XPHafOmK4UWD7m2CI14GMcFypt4w/0+NV5f/ZMby2F6S2wwA7fgynh9gWSw==", + "dev": true, + "requires": { + "extend-shallow": "^2.0.1", + "is-extendable": "^0.1.1", + "is-plain-object": "^2.0.3", + "split-string": "^3.0.1" + }, + "dependencies": { + "extend-shallow": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-2.0.1.tgz", + "integrity": "sha1-Ua99YUrZqfYQ6huvu5idaxxWiQ8=", + "dev": true, + "requires": { + "is-extendable": "^0.1.0" + } + } + } + }, + "shebang-command": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-1.2.0.tgz", + "integrity": "sha1-RKrGW2lbAzmJaMOfNj/uXer98eo=", + "dev": true, + "requires": { + "shebang-regex": "^1.0.0" + } + }, + "shebang-regex": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-1.0.0.tgz", + "integrity": "sha1-2kL0l0DAtC2yypcoVxyxkMmO/qM=", + "dev": true + }, + "shellwords": { + "version": "0.1.1", + "resolved": "https://registry.npmjs.org/shellwords/-/shellwords-0.1.1.tgz", + "integrity": "sha512-vFwSUfQvqybiICwZY5+DAWIPLKsWO31Q91JSKl3UYv+K5c2QRPzn0qzec6QPu1Qc9eHYItiP3NdJqNVqetYAww==", + "dev": true, + "optional": true + }, + "signal-exit": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.3.tgz", + "integrity": "sha512-VUJ49FC8U1OxwZLxIbTTrDvLnf/6TDgxZcK8wxR8zs13xpx7xbG60ndBlhNrFi2EMuFRoeDoJO7wthSLq42EjA==", + "dev": true + }, + "sisteransi": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", + "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", + "dev": true + }, + "slash": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", + "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", + "dev": true + }, + "snapdragon": { + "version": "0.8.2", + "resolved": "https://registry.npmjs.org/snapdragon/-/snapdragon-0.8.2.tgz", + "integrity": "sha512-FtyOnWN/wCHTVXOMwvSv26d+ko5vWlIDD6zoUJ7LW8vh+ZBC8QdljveRP+crNrtBwioEUWy/4dMtbBjA4ioNlg==", + "dev": true, + "requires": { + "base": "^0.11.1", + "debug": "^2.2.0", + "define-property": "^0.2.5", + "extend-shallow": "^2.0.1", + "map-cache": "^0.2.2", + "source-map": "^0.5.6", + "source-map-resolve": "^0.5.0", + "use": "^3.1.0" + }, + "dependencies": { + "debug": { + "version": "2.6.9", + "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", + "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==", + "dev": true, + "requires": { + "ms": "2.0.0" + } + }, + "define-property": { + "version": "0.2.5", + "resolved": "https://registry.npmjs.org/define-property/-/define-property-0.2.5.tgz", + "integrity": "sha1-w1se+RjsPJkPmlvFe+BKrOxcgRY=", + "dev": true, + "requires": { + "is-descriptor": "^0.1.0" + } + }, + "extend-shallow": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-2.0.1.tgz", + "integrity": "sha1-Ua99YUrZqfYQ6huvu5idaxxWiQ8=", + "dev": true, + "requires": { + "is-extendable": "^0.1.0" + } + }, + "ms": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", + "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g=", + "dev": true + }, + "source-map": { + "version": "0.5.7", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.5.7.tgz", + "integrity": "sha1-igOdLRAh0i0eoUyA2OpGi6LvP8w=", + "dev": true + } + } + }, + "snapdragon-node": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/snapdragon-node/-/snapdragon-node-2.1.1.tgz", + "integrity": "sha512-O27l4xaMYt/RSQ5TR3vpWCAB5Kb/czIcqUFOM/C4fYcLnbZUc1PkjTAMjof2pBWaSTwOUd6qUHcFGVGj7aIwnw==", + "dev": true, + "requires": { + "define-property": "^1.0.0", + "isobject": "^3.0.0", + "snapdragon-util": "^3.0.1" + }, + "dependencies": { + "define-property": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/define-property/-/define-property-1.0.0.tgz", + "integrity": "sha1-dp66rz9KY6rTr56NMEybvnm/sOY=", + "dev": true, + "requires": { + "is-descriptor": "^1.0.0" + } + }, + "is-accessor-descriptor": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-accessor-descriptor/-/is-accessor-descriptor-1.0.0.tgz", + "integrity": "sha512-m5hnHTkcVsPfqx3AKlyttIPb7J+XykHvJP2B9bZDjlhLIoEq4XoK64Vg7boZlVWYK6LUY94dYPEE7Lh0ZkZKcQ==", + "dev": true, + "requires": { + "kind-of": "^6.0.0" + } + }, + "is-data-descriptor": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-data-descriptor/-/is-data-descriptor-1.0.0.tgz", + "integrity": "sha512-jbRXy1FmtAoCjQkVmIVYwuuqDFUbaOeDjmed1tOGPrsMhtJA4rD9tkgA0F1qJ3gRFRXcHYVkdeaP50Q5rE/jLQ==", + "dev": true, + "requires": { + "kind-of": "^6.0.0" + } + }, + "is-descriptor": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/is-descriptor/-/is-descriptor-1.0.2.tgz", + "integrity": "sha512-2eis5WqQGV7peooDyLmNEPUrps9+SXX5c9pL3xEB+4e9HnGuDa7mB7kHxHw4CbqS9k1T2hOH3miL8n8WtiYVtg==", + "dev": true, + "requires": { + "is-accessor-descriptor": "^1.0.0", + "is-data-descriptor": "^1.0.0", + "kind-of": "^6.0.2" + } + } + } + }, + "snapdragon-util": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/snapdragon-util/-/snapdragon-util-3.0.1.tgz", + "integrity": "sha512-mbKkMdQKsjX4BAL4bRYTj21edOf8cN7XHdYUJEe+Zn99hVEYcMvKPct1IqNe7+AZPirn8BCDOQBHQZknqmKlZQ==", + "dev": true, + "requires": { + "kind-of": "^3.2.0" + }, + "dependencies": { + "kind-of": { + "version": "3.2.2", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz", + "integrity": "sha1-MeohpzS6ubuw8yRm2JOupR5KPGQ=", + "dev": true, + "requires": { + "is-buffer": "^1.1.5" + } + } + } + }, + "source-map": { + "version": "0.6.1", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", + "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", + "dev": true + }, + "source-map-resolve": { + "version": "0.5.3", + "resolved": "https://registry.npmjs.org/source-map-resolve/-/source-map-resolve-0.5.3.tgz", + "integrity": "sha512-Htz+RnsXWk5+P2slx5Jh3Q66vhQj1Cllm0zvnaY98+NFx+Dv2CF/f5O/t8x+KaNdrdIAsruNzoh/KpialbqAnw==", + "dev": true, + "requires": { + "atob": "^2.1.2", + "decode-uri-component": "^0.2.0", + "resolve-url": "^0.2.1", + "source-map-url": "^0.4.0", + "urix": "^0.1.0" + } + }, + "source-map-support": { + "version": "0.5.19", + "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.19.tgz", + "integrity": "sha512-Wonm7zOCIJzBGQdB+thsPar0kYuCIzYvxZwlBa87yi/Mdjv7Tip2cyVbLj5o0cFPN4EVkuTwb3GDDyUx2DGnGw==", + "dev": true, + "requires": { + "buffer-from": "^1.0.0", + "source-map": "^0.6.0" + } + }, + "source-map-url": { + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/source-map-url/-/source-map-url-0.4.0.tgz", + "integrity": "sha1-PpNdfd1zYxuXZZlW1VEo6HtQhKM=", + "dev": true + }, + "spdx-correct": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/spdx-correct/-/spdx-correct-3.1.1.tgz", + "integrity": "sha512-cOYcUWwhCuHCXi49RhFRCyJEK3iPj1Ziz9DpViV3tbZOwXD49QzIN3MpOLJNxh2qwq2lJJZaKMVw9qNi4jTC0w==", + "dev": true, + "requires": { + "spdx-expression-parse": "^3.0.0", + "spdx-license-ids": "^3.0.0" + } + }, + "spdx-exceptions": { + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/spdx-exceptions/-/spdx-exceptions-2.3.0.tgz", + "integrity": "sha512-/tTrYOC7PPI1nUAgx34hUpqXuyJG+DTHJTnIULG4rDygi4xu/tfgmq1e1cIRwRzwZgo4NLySi+ricLkZkw4i5A==", + "dev": true + }, + "spdx-expression-parse": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/spdx-expression-parse/-/spdx-expression-parse-3.0.1.tgz", + "integrity": "sha512-cbqHunsQWnJNE6KhVSMsMeH5H/L9EpymbzqTQ3uLwNCLZ1Q481oWaofqH7nO6V07xlXwY6PhQdQ2IedWx/ZK4Q==", + "dev": true, + "requires": { + "spdx-exceptions": "^2.1.0", + "spdx-license-ids": "^3.0.0" + } + }, + "spdx-license-ids": { + "version": "3.0.5", + "resolved": "https://registry.npmjs.org/spdx-license-ids/-/spdx-license-ids-3.0.5.tgz", + "integrity": "sha512-J+FWzZoynJEXGphVIS+XEh3kFSjZX/1i9gFBaWQcB+/tmpe2qUsSBABpcxqxnAxFdiUFEgAX1bjYGQvIZmoz9Q==", + "dev": true + }, + "split-string": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/split-string/-/split-string-3.1.0.tgz", + "integrity": "sha512-NzNVhJDYpwceVVii8/Hu6DKfD2G+NrQHlS/V/qgv763EYudVwEcMQNxd2lh+0VrUByXN/oJkl5grOhYWvQUYiw==", + "dev": true, + "requires": { + "extend-shallow": "^3.0.0" + } + }, + "sprintf-js": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", + "integrity": "sha1-BOaSb2YolTVPPdAVIDYzuFcpfiw=", + "dev": true + }, + "sshpk": { + "version": "1.16.1", + "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.16.1.tgz", + "integrity": "sha512-HXXqVUq7+pcKeLqqZj6mHFUMvXtOJt1uoUx09pFW6011inTMxqI8BA8PM95myrIyyKwdnzjdFjLiE6KBPVtJIg==", + "dev": true, + "requires": { + "asn1": "~0.2.3", + "assert-plus": "^1.0.0", + "bcrypt-pbkdf": "^1.0.0", + "dashdash": "^1.12.0", + "ecc-jsbn": "~0.1.1", + "getpass": "^0.1.1", + "jsbn": "~0.1.0", + "safer-buffer": "^2.0.2", + "tweetnacl": "~0.14.0" + } + }, + "stack-utils": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-1.0.2.tgz", + "integrity": "sha512-MTX+MeG5U994cazkjd/9KNAapsHnibjMLnfXodlkXw76JEea0UiNzrqidzo1emMwk7w5Qhc9jd4Bn9TBb1MFwA==", + "dev": true + }, + "static-extend": { + "version": "0.1.2", + "resolved": "https://registry.npmjs.org/static-extend/-/static-extend-0.1.2.tgz", + "integrity": "sha1-YICcOcv/VTNyJv1eC1IPNB8ftcY=", + "dev": true, + "requires": { + "define-property": "^0.2.5", + "object-copy": "^0.1.0" + }, + "dependencies": { + "define-property": { + "version": "0.2.5", + "resolved": "https://registry.npmjs.org/define-property/-/define-property-0.2.5.tgz", + "integrity": "sha1-w1se+RjsPJkPmlvFe+BKrOxcgRY=", + "dev": true, + "requires": { + "is-descriptor": "^0.1.0" + } + } + } + }, + "stealthy-require": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/stealthy-require/-/stealthy-require-1.1.1.tgz", + "integrity": "sha1-NbCYdbT/SfJqd35QmzCQoyJr8ks=", + "dev": true + }, + "string-length": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/string-length/-/string-length-3.1.0.tgz", + "integrity": "sha512-Ttp5YvkGm5v9Ijagtaz1BnN+k9ObpvS0eIBblPMp2YWL8FBmi9qblQ9fexc2k/CXFgrTIteU3jAw3payCnwSTA==", + "dev": true, + "requires": { + "astral-regex": "^1.0.0", + "strip-ansi": "^5.2.0" + }, + "dependencies": { + "strip-ansi": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-5.2.0.tgz", + "integrity": "sha512-DuRs1gKbBqsMKIZlrffwlug8MHkcnpjs5VPmL1PAh+mA30U0DTotfDZ0d2UUsXpPmPmMMJ6W773MaA3J+lbiWA==", + "dev": true, + "requires": { + "ansi-regex": "^4.1.0" + } + } + } + }, + "string-width": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.0.tgz", + "integrity": "sha512-zUz5JD+tgqtuDjMhwIg5uFVV3dtqZ9yQJlZVfq4I01/K5Paj5UHj7VyrQOJvzawSVlKpObApbfD0Ed6yJc+1eg==", + "dev": true, + "requires": { + "emoji-regex": "^8.0.0", + "is-fullwidth-code-point": "^3.0.0", + "strip-ansi": "^6.0.0" + } + }, + "strip-ansi": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.0.tgz", + "integrity": "sha512-AuvKTrTfQNYNIctbR1K/YGTR1756GycPsg7b9bdV9Duqur4gv6aKqHXah67Z8ImS7WEz5QVcOtlfW2rZEugt6w==", + "dev": true, + "requires": { + "ansi-regex": "^5.0.0" + }, + "dependencies": { + "ansi-regex": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.0.tgz", + "integrity": "sha512-bY6fj56OUQ0hU1KjFNDQuJFezqKdrAyFdIevADiqrWHwSlbmBNMHp5ak2f40Pm8JTFyM2mqxkG6ngkHO11f/lg==", + "dev": true + } + } + }, + "strip-bom": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", + "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", + "dev": true + }, + "strip-eof": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/strip-eof/-/strip-eof-1.0.0.tgz", + "integrity": "sha1-u0P/VZim6wXYm1n80SnJgzE2Br8=", + "dev": true + }, + "strip-final-newline": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", + "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", + "dev": true + }, + "supports-color": { + "version": "7.1.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.1.0.tgz", + "integrity": "sha512-oRSIpR8pxT1Wr2FquTNnGet79b3BWljqOuoW/h4oBhxJ/HUbX5nX6JSruTkvXDCFMwDPvsaTTbvMLKZWSy0R5g==", + "dev": true, + "requires": { + "has-flag": "^4.0.0" + } + }, + "supports-hyperlinks": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/supports-hyperlinks/-/supports-hyperlinks-2.1.0.tgz", + "integrity": "sha512-zoE5/e+dnEijk6ASB6/qrK+oYdm2do1hjoLWrqUC/8WEIW1gbxFcKuBof7sW8ArN6e+AYvsE8HBGiVRWL/F5CA==", + "dev": true, + "requires": { + "has-flag": "^4.0.0", + "supports-color": "^7.0.0" + } + }, + "symbol-tree": { + "version": "3.2.4", + "resolved": "https://registry.npmjs.org/symbol-tree/-/symbol-tree-3.2.4.tgz", + "integrity": "sha512-9QNk5KwDF+Bvz+PyObkmSYjI5ksVUYtjW7AU22r2NKcfLJcXp96hkDWU3+XndOsUb+AQ9QhfzfCT2O+CNWT5Tw==", + "dev": true + }, + "terminal-link": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/terminal-link/-/terminal-link-2.1.1.tgz", + "integrity": "sha512-un0FmiRUQNr5PJqy9kP7c40F5BOfpGlYTrxonDChEZB7pzZxRNp/bt+ymiy9/npwXya9KH99nJ/GXFIiUkYGFQ==", + "dev": true, + "requires": { + "ansi-escapes": "^4.2.1", + "supports-hyperlinks": "^2.0.0" + } + }, + "test-exclude": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", + "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", + "dev": true, + "requires": { + "@istanbuljs/schema": "^0.1.2", + "glob": "^7.1.4", + "minimatch": "^3.0.4" + } + }, + "throat": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/throat/-/throat-5.0.0.tgz", + "integrity": "sha512-fcwX4mndzpLQKBS1DVYhGAcYaYt7vsHNIvQV+WXMvnow5cgjPphq5CaayLaGsjRdSCKZFNGt7/GYAuXaNOiYCA==", + "dev": true + }, + "tmpl": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.4.tgz", + "integrity": "sha1-I2QN17QtAEM5ERQIIOXPRA5SHdE=", + "dev": true + }, + "to-fast-properties": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", + "integrity": "sha1-3F5pjL0HkmW8c+A3doGk5Og/YW4=", + "dev": true + }, + "to-object-path": { + "version": "0.3.0", + "resolved": "https://registry.npmjs.org/to-object-path/-/to-object-path-0.3.0.tgz", + "integrity": "sha1-KXWIt7Dn4KwI4E5nL4XB9JmeF68=", + "dev": true, + "requires": { + "kind-of": "^3.0.2" + }, + "dependencies": { + "kind-of": { + "version": "3.2.2", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz", + "integrity": "sha1-MeohpzS6ubuw8yRm2JOupR5KPGQ=", + "dev": true, + "requires": { + "is-buffer": "^1.1.5" + } + } + } + }, + "to-regex": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/to-regex/-/to-regex-3.0.2.tgz", + "integrity": "sha512-FWtleNAtZ/Ki2qtqej2CXTOayOH9bHDQF+Q48VpWyDXjbYxA4Yz8iDB31zXOBUlOHHKidDbqGVrTUvQMPmBGBw==", + "dev": true, + "requires": { + "define-property": "^2.0.2", + "extend-shallow": "^3.0.2", + "regex-not": "^1.0.2", + "safe-regex": "^1.1.0" + } + }, + "to-regex-range": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", + "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", + "dev": true, + "requires": { + "is-number": "^7.0.0" + } + }, + "tough-cookie": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-3.0.1.tgz", + "integrity": "sha512-yQyJ0u4pZsv9D4clxO69OEjLWYw+jbgspjTue4lTQZLfV0c5l1VmK2y1JK8E9ahdpltPOaAThPcp5nKPUgSnsg==", + "dev": true, + "requires": { + "ip-regex": "^2.1.0", + "psl": "^1.1.28", + "punycode": "^2.1.1" + } + }, + "tr46": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/tr46/-/tr46-1.0.1.tgz", + "integrity": "sha1-qLE/1r/SSJUZZ0zN5VujaTtwbQk=", + "dev": true, + "requires": { + "punycode": "^2.1.0" + } + }, + "tunnel-agent": { + "version": "0.6.0", + "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", + "integrity": "sha1-J6XeoGs2sEoKmWZ3SykIaPD8QP0=", + "dev": true, + "requires": { + "safe-buffer": "^5.0.1" + } + }, + "tweetnacl": { + "version": "0.14.5", + "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", + "integrity": "sha1-WuaBd/GS1EViadEIr6k/+HQ/T2Q=", + "dev": true + }, + "type-check": { + "version": "0.3.2", + "resolved": "https://registry.npmjs.org/type-check/-/type-check-0.3.2.tgz", + "integrity": "sha1-WITKtRLPHTVeP7eE8wgEsrUg23I=", + "dev": true, + "requires": { + "prelude-ls": "~1.1.2" + } + }, + "type-detect": { + "version": "4.0.8", + "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", + "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", + "dev": true + }, + "type-fest": { + "version": "0.8.1", + "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.8.1.tgz", + "integrity": "sha512-4dbzIzqvjtgiM5rw1k5rEHtBANKmdudhGyBEajN01fEyhaAIhsoKNy6y7+IN93IfpFtwY9iqi7kD+xwKhQsNJA==", + "dev": true + }, + "typedarray-to-buffer": { + "version": "3.1.5", + "resolved": "https://registry.npmjs.org/typedarray-to-buffer/-/typedarray-to-buffer-3.1.5.tgz", + "integrity": "sha512-zdu8XMNEDepKKR+XYOXAVPtWui0ly0NtohUscw+UmaHiAWT8hrV1rr//H6V+0DvJ3OQ19S979M0laLfX8rm82Q==", + "dev": true, + "requires": { + "is-typedarray": "^1.0.0" + } + }, + "union-value": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/union-value/-/union-value-1.0.1.tgz", + "integrity": "sha512-tJfXmxMeWYnczCVs7XAEvIV7ieppALdyepWMkHkwciRpZraG/xwT+s2JN8+pr1+8jCRf80FFzvr+MpQeeoF4Xg==", + "dev": true, + "requires": { + "arr-union": "^3.1.0", + "get-value": "^2.0.6", + "is-extendable": "^0.1.1", + "set-value": "^2.0.1" + } + }, + "unset-value": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/unset-value/-/unset-value-1.0.0.tgz", + "integrity": "sha1-g3aHP30jNRef+x5vw6jtDfyKtVk=", + "dev": true, + "requires": { + "has-value": "^0.3.1", + "isobject": "^3.0.0" + }, + "dependencies": { + "has-value": { + "version": "0.3.1", + "resolved": "https://registry.npmjs.org/has-value/-/has-value-0.3.1.tgz", + "integrity": "sha1-ex9YutpiyoJ+wKIHgCVlSEWZXh8=", + "dev": true, + "requires": { + "get-value": "^2.0.3", + "has-values": "^0.1.4", + "isobject": "^2.0.0" + }, + "dependencies": { + "isobject": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/isobject/-/isobject-2.1.0.tgz", + "integrity": "sha1-8GVWEJaj8dou9GJy+BXIQNh+DIk=", + "dev": true, + "requires": { + "isarray": "1.0.0" + } + } + } + }, + "has-values": { + "version": "0.1.4", + "resolved": "https://registry.npmjs.org/has-values/-/has-values-0.1.4.tgz", + "integrity": "sha1-bWHeldkd/Km5oCCJrThL/49it3E=", + "dev": true + } + } + }, + "uri-js": { + "version": "4.2.2", + "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.2.2.tgz", + "integrity": "sha512-KY9Frmirql91X2Qgjry0Wd4Y+YTdrdZheS8TFwvkbLWf/G5KNJDCh6pKL5OZctEW4+0Baa5idK2ZQuELRwPznQ==", + "dev": true, + "requires": { + "punycode": "^2.1.0" + } + }, + "urix": { + "version": "0.1.0", + "resolved": "https://registry.npmjs.org/urix/-/urix-0.1.0.tgz", + "integrity": "sha1-2pN/emLiH+wf0Y1Js1wpNQZ6bHI=", + "dev": true + }, + "use": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/use/-/use-3.1.1.tgz", + "integrity": "sha512-cwESVXlO3url9YWlFW/TA9cshCEhtu7IKJ/p5soJ/gGpj7vbvFrAY/eIioQ6Dw23KjZhYgiIo8HOs1nQ2vr/oQ==", + "dev": true + }, + "uuid": { + "version": "3.4.0", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", + "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==", + "dev": true + }, + "v8-to-istanbul": { + "version": "4.1.4", + "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-4.1.4.tgz", + "integrity": "sha512-Rw6vJHj1mbdK8edjR7+zuJrpDtKIgNdAvTSAcpYfgMIw+u2dPDntD3dgN4XQFLU2/fvFQdzj+EeSGfd/jnY5fQ==", + "dev": true, + "requires": { + "@types/istanbul-lib-coverage": "^2.0.1", + "convert-source-map": "^1.6.0", + "source-map": "^0.7.3" + }, + "dependencies": { + "source-map": { + "version": "0.7.3", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.7.3.tgz", + "integrity": "sha512-CkCj6giN3S+n9qrYiBTX5gystlENnRW5jZeNLHpe6aue+SrHcG5VYwujhW9s4dY31mEGsxBDrHR6oI69fTXsaQ==", + "dev": true + } + } + }, + "validate-npm-package-license": { + "version": "3.0.4", + "resolved": "https://registry.npmjs.org/validate-npm-package-license/-/validate-npm-package-license-3.0.4.tgz", + "integrity": "sha512-DpKm2Ui/xN7/HQKCtpZxoRWBhZ9Z0kqtygG8XCgNQ8ZlDnxuQmWhj566j8fN4Cu3/JmbhsDo7fcAJq4s9h27Ew==", + "dev": true, + "requires": { + "spdx-correct": "^3.0.0", + "spdx-expression-parse": "^3.0.0" + } + }, + "verror": { + "version": "1.10.0", + "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz", + "integrity": "sha1-OhBcoXBTr1XW4nDB+CiGguGNpAA=", + "dev": true, + "requires": { + "assert-plus": "^1.0.0", + "core-util-is": "1.0.2", + "extsprintf": "^1.2.0" + } + }, + "w3c-hr-time": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/w3c-hr-time/-/w3c-hr-time-1.0.2.tgz", + "integrity": "sha512-z8P5DvDNjKDoFIHK7q8r8lackT6l+jo/Ye3HOle7l9nICP9lf1Ci25fy9vHd0JOWewkIFzXIEig3TdKT7JQ5fQ==", + "dev": true, + "requires": { + "browser-process-hrtime": "^1.0.0" + } + }, + "w3c-xmlserializer": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/w3c-xmlserializer/-/w3c-xmlserializer-1.1.2.tgz", + "integrity": "sha512-p10l/ayESzrBMYWRID6xbuCKh2Fp77+sA0doRuGn4tTIMrrZVeqfpKjXHY+oDh3K4nLdPgNwMTVP6Vp4pvqbNg==", + "dev": true, + "requires": { + "domexception": "^1.0.1", + "webidl-conversions": "^4.0.2", + "xml-name-validator": "^3.0.0" + } + }, + "walker": { + "version": "1.0.7", + "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.7.tgz", + "integrity": "sha1-L3+bj9ENZ3JisYqITijRlhjgKPs=", + "dev": true, + "requires": { + "makeerror": "1.0.x" + } + }, + "webidl-conversions": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-4.0.2.tgz", + "integrity": "sha512-YQ+BmxuTgd6UXZW3+ICGfyqRyHXVlD5GtQr5+qjiNW7bF0cqrzX500HVXPBOvgXb5YnzDd+h0zqyv61KUD7+Sg==", + "dev": true + }, + "whatwg-encoding": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/whatwg-encoding/-/whatwg-encoding-1.0.5.tgz", + "integrity": "sha512-b5lim54JOPN9HtzvK9HFXvBma/rnfFeqsic0hSpjtDbVxR3dJKLc+KB4V6GgiGOvl7CY/KNh8rxSo9DKQrnUEw==", + "dev": true, + "requires": { + "iconv-lite": "0.4.24" + } + }, + "whatwg-mimetype": { + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/whatwg-mimetype/-/whatwg-mimetype-2.3.0.tgz", + "integrity": "sha512-M4yMwr6mAnQz76TbJm914+gPpB/nCwvZbJU28cUD6dR004SAxDLOOSUaB1JDRqLtaOV/vi0IC5lEAGFgrjGv/g==", + "dev": true + }, + "whatwg-url": { + "version": "7.1.0", + "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-7.1.0.tgz", + "integrity": "sha512-WUu7Rg1DroM7oQvGWfOiAK21n74Gg+T4elXEQYkOhtyLeWiJFoOGLXPKI/9gzIie9CtwVLm8wtw6YJdKyxSjeg==", + "dev": true, + "requires": { + "lodash.sortby": "^4.7.0", + "tr46": "^1.0.1", + "webidl-conversions": "^4.0.2" + } + }, + "which": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", + "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", + "dev": true, + "requires": { + "isexe": "^2.0.0" + } + }, + "which-module": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/which-module/-/which-module-2.0.0.tgz", + "integrity": "sha1-2e8H3Od7mQK4o6j6SzHD4/fm6Ho=", + "dev": true + }, + "word-wrap": { + "version": "1.2.3", + "resolved": "https://registry.npmjs.org/word-wrap/-/word-wrap-1.2.3.tgz", + "integrity": "sha512-Hz/mrNwitNRh/HUAtM/VT/5VH+ygD6DV7mYKZAtHOrbs8U7lvPS6xf7EJKMF0uW1KJCl0H701g3ZGus+muE5vQ==", + "dev": true + }, + "wrap-ansi": { + "version": "6.2.0", + "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-6.2.0.tgz", + "integrity": "sha512-r6lPcBGxZXlIcymEu7InxDMhdW0KDxpLgoFLcguasxCaJ/SOIZwINatK9KY/tf+ZrlywOKU0UDj3ATXUBfxJXA==", + "dev": true, + "requires": { + "ansi-styles": "^4.0.0", + "string-width": "^4.1.0", + "strip-ansi": "^6.0.0" + } + }, + "wrappy": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", + "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8=", + "dev": true + }, + "write-file-atomic": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-3.0.3.tgz", + "integrity": "sha512-AvHcyZ5JnSfq3ioSyjrBkH9yW4m7Ayk8/9My/DD9onKeu/94fwrMocemO2QAJFAlnnDN+ZDS+ZjAR5ua1/PV/Q==", + "dev": true, + "requires": { + "imurmurhash": "^0.1.4", + "is-typedarray": "^1.0.0", + "signal-exit": "^3.0.2", + "typedarray-to-buffer": "^3.1.5" + } + }, + "ws": { + "version": "7.3.0", + "resolved": "https://registry.npmjs.org/ws/-/ws-7.3.0.tgz", + "integrity": "sha512-iFtXzngZVXPGgpTlP1rBqsUK82p9tKqsWRPg5L56egiljujJT3vGAYnHANvFxBieXrTFavhzhxW52jnaWV+w2w==", + "dev": true + }, + "xml-name-validator": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/xml-name-validator/-/xml-name-validator-3.0.0.tgz", + "integrity": "sha512-A5CUptxDsvxKJEU3yO6DuWBSJz/qizqzJKOMIfUJHETbBw/sFaDxgd6fxm1ewUaM0jZ444Fc5vC5ROYurg/4Pw==", + "dev": true + }, + "xmlchars": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/xmlchars/-/xmlchars-2.2.0.tgz", + "integrity": "sha512-JZnDKK8B0RCDw84FNdDAIpZK+JuJw+s7Lz8nksI7SIuU3UXJJslUthsi+uWBUYOwPFwW7W7PRLRfUKpxjtjFCw==", + "dev": true + }, + "y18n": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/y18n/-/y18n-4.0.0.tgz", + "integrity": "sha512-r9S/ZyXu/Xu9q1tYlpsLIsa3EeLXXk0VwlxqTcFRfg9EhMW+17kbt9G0NrgCmhGb5vT2hyhJZLfDGx+7+5Uj/w==", + "dev": true + }, + "yargs": { + "version": "15.3.1", + "resolved": "https://registry.npmjs.org/yargs/-/yargs-15.3.1.tgz", + "integrity": "sha512-92O1HWEjw27sBfgmXiixJWT5hRBp2eobqXicLtPBIDBhYB+1HpwZlXmbW2luivBJHBzki+7VyCLRtAkScbTBQA==", + "dev": true, + "requires": { + "cliui": "^6.0.0", + "decamelize": "^1.2.0", + "find-up": "^4.1.0", + "get-caller-file": "^2.0.1", + "require-directory": "^2.1.1", + "require-main-filename": "^2.0.0", + "set-blocking": "^2.0.0", + "string-width": "^4.2.0", + "which-module": "^2.0.0", + "y18n": "^4.0.0", + "yargs-parser": "^18.1.1" + } + }, + "yargs-parser": { + "version": "18.1.3", + "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-18.1.3.tgz", + "integrity": "sha512-o50j0JeToy/4K6OZcaQmW6lyXXKhq7csREXcDwk2omFPJEwUNOVtJKvmDr9EI1fAJZUyZcRF7kxGBWmRXudrCQ==", + "dev": true, + "requires": { + "camelcase": "^5.0.0", + "decamelize": "^1.2.0" + } + } + } +} diff --git a/hooks/generic-webhook/package.json b/hooks/generic-webhook/package.json new file mode 100644 index 00000000..50f268ed --- /dev/null +++ b/hooks/generic-webhook/package.json @@ -0,0 +1,18 @@ +{ + "name": "scb-generic-webhook", + "version": "1.0.0", + "description": "", + "main": "hook.js", + "scripts": { + "test": "jest ." + }, + "keywords": [], + "author": "", + "license": "ISC", + "dependencies": { + "axios": "^0.19.2" + }, + "devDependencies": { + "jest": "^25.1.0" + } +} diff --git a/hooks/generic-webhook/templates/NOTES.txt b/hooks/generic-webhook/templates/NOTES.txt new file mode 100644 index 00000000..ad964fab --- /dev/null +++ b/hooks/generic-webhook/templates/NOTES.txt @@ -0,0 +1,4 @@ +GenericWebhook deployed. +Will send requests to: +POST {{ .Values.webhookUrl }} +on every completed scan \ No newline at end of file diff --git a/hooks/generic-webhook/templates/_helpers.tpl b/hooks/generic-webhook/templates/_helpers.tpl new file mode 100644 index 00000000..98711ddf --- /dev/null +++ b/hooks/generic-webhook/templates/_helpers.tpl @@ -0,0 +1,52 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "generic-webhook.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "generic-webhook.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "generic-webhook.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Common labels +*/}} +{{- define "generic-webhook.labels" -}} +helm.sh/chart: {{ include "generic-webhook.chart" . }} +{{ include "generic-webhook.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end -}} + +{{/* +Selector labels +*/}} +{{- define "generic-webhook.selectorLabels" -}} +app.kubernetes.io/name: {{ include "generic-webhook.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end -}} diff --git a/hooks/generic-webhook/templates/webhook-hook.yaml b/hooks/generic-webhook/templates/webhook-hook.yaml new file mode 100644 index 00000000..863610a4 --- /dev/null +++ b/hooks/generic-webhook/templates/webhook-hook.yaml @@ -0,0 +1,14 @@ +apiVersion: "execution.experimental.securecodebox.io/v1" +kind: ScanCompletionHook +metadata: + name: {{ include "generic-webhook.fullname" . }} +spec: + type: ReadOnly + {{- if .Values.image.digest }} + image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}@{{ .Values.image.digest }}" + {{- else }} + image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag }}" + {{- end }} + env: + - name: WEBHOOK_URL + value: {{ .Values.webhookUrl | quote }} \ No newline at end of file diff --git a/hooks/generic-webhook/values.yaml b/hooks/generic-webhook/values.yaml new file mode 100644 index 00000000..545b7851 --- /dev/null +++ b/hooks/generic-webhook/values.yaml @@ -0,0 +1,11 @@ +# Default values for dispatcher. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +webhookUrl: "http://example.com" + +image: + registry: docker.io + repository: scbexperimental/generic-webhook + tag: latest + digest: null From f1d3390f7185f4cc8b1375c4006231610a0f085b Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com> Date: Tue, 26 May 2020 17:12:37 +0200 Subject: [PATCH 018/109] Add update url to ReadAndWrite Hooks --- operator/controllers/execution/scan_controller.go | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/operator/controllers/execution/scan_controller.go b/operator/controllers/execution/scan_controller.go index 26455cee..b18528be 100644 --- a/operator/controllers/execution/scan_controller.go +++ b/operator/controllers/execution/scan_controller.go @@ -195,6 +195,18 @@ func (r *ScanReconciler) Reconcile(req ctrl.Request) (ctrl.Result, error) { return ctrl.Result{}, err } + bucketName := os.Getenv("S3_BUCKET") + rawFileUploadURL, err := r.MinioClient.PresignedPutObject(bucketName, fmt.Sprintf("scan-%s/%s", scan.UID, scan.Status.RawResultFile), 12*time.Hour) + if err != nil { + r.Log.Error(err, "Could not get presigned url from s3 or compatible storage provider") + return ctrl.Result{}, err + } + findingsUploadURL, err := r.MinioClient.PresignedPutObject(bucketName, fmt.Sprintf("scan-%s/findings.json", scan.UID), 12*time.Hour) + if err != nil { + r.Log.Error(err, "Could not get presigned url from s3 or compatible storage provider") + return ctrl.Result{}, err + } + var hook executionv1.ScanCompletionHook err = r.Get(ctx, types.NamespacedName{Name: nonCompletedHook.HookName, Namespace: scan.Namespace}, &hook) if err != nil { @@ -249,6 +261,8 @@ func (r *ScanReconciler) Reconcile(req ctrl.Request) (ctrl.Result, error) { Args: []string{ rawFileURL, findingsFileURL, + rawFileUploadURL.String(), + findingsUploadURL.String(), }, Env: append(hook.Spec.Env, standardEnvVars...), ImagePullPolicy: "IfNotPresent", From 5975f7c069aa1c74369aa56917dff5bd7ea91f0a Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com> Date: Tue, 26 May 2020 17:19:52 +0200 Subject: [PATCH 019/109] Move persistence-elastic up one level --- .../persistence-elastic/.dockerignore | 0 .../persistence-elastic/.gitignore | 0 .../persistence-elastic/.helmignore | 0 .../persistence-elastic/Chart.lock | 0 .../persistence-elastic/Chart.yaml | 0 .../persistence-elastic/Dockerfile | 6 +- .../__mocks__/@elastic/elasticsearch.js | 0 .../charts/elasticsearch-7.6.1.tgz | Bin .../charts/kibana-7.6.1.tgz | Bin .../dashboardImporter/Dockerfile | 0 .../dashboards/daily-summary.json | 0 .../dashboardImporter/export-dashboards.sh | 0 .../dashboardImporter/import-dashboards.sh | 0 .../dashboardImporter/readme.md | 0 .../hook.js} | 4 +- hooks/persistence-elastic/hook.test.js | 118 ++++++++++++++++++ .../persistence-elastic/package-lock.json | 0 .../persistence-elastic/package.json | 0 .../persistence-elastic/templates/NOTES.txt | 0 .../templates/_helpers.tpl | 0 .../templates/import-dashboard.yaml | 0 .../templates/persistence-provider.yaml | 0 .../persistence-elastic/values.yaml | 0 .../persistence-elastic/persist.test.js | 118 ------------------ 24 files changed, 123 insertions(+), 123 deletions(-) rename hooks/{persistence => }/persistence-elastic/.dockerignore (100%) rename hooks/{persistence => }/persistence-elastic/.gitignore (100%) rename hooks/{persistence => }/persistence-elastic/.helmignore (100%) rename hooks/{persistence => }/persistence-elastic/Chart.lock (100%) rename hooks/{persistence => }/persistence-elastic/Chart.yaml (100%) rename hooks/{persistence => }/persistence-elastic/Dockerfile (58%) rename hooks/{persistence => }/persistence-elastic/__mocks__/@elastic/elasticsearch.js (100%) rename hooks/{persistence => }/persistence-elastic/charts/elasticsearch-7.6.1.tgz (100%) rename hooks/{persistence => }/persistence-elastic/charts/kibana-7.6.1.tgz (100%) rename hooks/{persistence => }/persistence-elastic/dashboardImporter/Dockerfile (100%) rename hooks/{persistence => }/persistence-elastic/dashboardImporter/dashboards/daily-summary.json (100%) rename hooks/{persistence => }/persistence-elastic/dashboardImporter/export-dashboards.sh (100%) rename hooks/{persistence => }/persistence-elastic/dashboardImporter/import-dashboards.sh (100%) rename hooks/{persistence => }/persistence-elastic/dashboardImporter/readme.md (100%) rename hooks/{persistence/persistence-elastic/persist.js => persistence-elastic/hook.js} (97%) create mode 100644 hooks/persistence-elastic/hook.test.js rename hooks/{persistence => }/persistence-elastic/package-lock.json (100%) rename hooks/{persistence => }/persistence-elastic/package.json (100%) rename hooks/{persistence => }/persistence-elastic/templates/NOTES.txt (100%) rename hooks/{persistence => }/persistence-elastic/templates/_helpers.tpl (100%) rename hooks/{persistence => }/persistence-elastic/templates/import-dashboard.yaml (100%) rename hooks/{persistence => }/persistence-elastic/templates/persistence-provider.yaml (100%) rename hooks/{persistence => }/persistence-elastic/values.yaml (100%) delete mode 100644 hooks/persistence/persistence-elastic/persist.test.js diff --git a/hooks/persistence/persistence-elastic/.dockerignore b/hooks/persistence-elastic/.dockerignore similarity index 100% rename from hooks/persistence/persistence-elastic/.dockerignore rename to hooks/persistence-elastic/.dockerignore diff --git a/hooks/persistence/persistence-elastic/.gitignore b/hooks/persistence-elastic/.gitignore similarity index 100% rename from hooks/persistence/persistence-elastic/.gitignore rename to hooks/persistence-elastic/.gitignore diff --git a/hooks/persistence/persistence-elastic/.helmignore b/hooks/persistence-elastic/.helmignore similarity index 100% rename from hooks/persistence/persistence-elastic/.helmignore rename to hooks/persistence-elastic/.helmignore diff --git a/hooks/persistence/persistence-elastic/Chart.lock b/hooks/persistence-elastic/Chart.lock similarity index 100% rename from hooks/persistence/persistence-elastic/Chart.lock rename to hooks/persistence-elastic/Chart.lock diff --git a/hooks/persistence/persistence-elastic/Chart.yaml b/hooks/persistence-elastic/Chart.yaml similarity index 100% rename from hooks/persistence/persistence-elastic/Chart.yaml rename to hooks/persistence-elastic/Chart.yaml diff --git a/hooks/persistence/persistence-elastic/Dockerfile b/hooks/persistence-elastic/Dockerfile similarity index 58% rename from hooks/persistence/persistence-elastic/Dockerfile rename to hooks/persistence-elastic/Dockerfile index cef92a2e..11db260e 100644 --- a/hooks/persistence/persistence-elastic/Dockerfile +++ b/hooks/persistence-elastic/Dockerfile @@ -4,7 +4,7 @@ WORKDIR /home/app COPY package.json package-lock.json ./ RUN npm ci --production -FROM scbexperimental/persistence-sdk-nodejs:latest -WORKDIR /home/app/persistence-wrapper/persistence/ +FROM scbexperimental/hook-sdk-nodejs:latest +WORKDIR /home/app/hook-wrapper/hook/ COPY --from=build --chown=app:app /home/app/node_modules/ ./node_modules/ -COPY --chown=app:app ./persist.js ./persist.js +COPY --chown=app:app ./hook.js ./hook.js diff --git a/hooks/persistence/persistence-elastic/__mocks__/@elastic/elasticsearch.js b/hooks/persistence-elastic/__mocks__/@elastic/elasticsearch.js similarity index 100% rename from hooks/persistence/persistence-elastic/__mocks__/@elastic/elasticsearch.js rename to hooks/persistence-elastic/__mocks__/@elastic/elasticsearch.js diff --git a/hooks/persistence/persistence-elastic/charts/elasticsearch-7.6.1.tgz b/hooks/persistence-elastic/charts/elasticsearch-7.6.1.tgz similarity index 100% rename from hooks/persistence/persistence-elastic/charts/elasticsearch-7.6.1.tgz rename to hooks/persistence-elastic/charts/elasticsearch-7.6.1.tgz diff --git a/hooks/persistence/persistence-elastic/charts/kibana-7.6.1.tgz b/hooks/persistence-elastic/charts/kibana-7.6.1.tgz similarity index 100% rename from hooks/persistence/persistence-elastic/charts/kibana-7.6.1.tgz rename to hooks/persistence-elastic/charts/kibana-7.6.1.tgz diff --git a/hooks/persistence/persistence-elastic/dashboardImporter/Dockerfile b/hooks/persistence-elastic/dashboardImporter/Dockerfile similarity index 100% rename from hooks/persistence/persistence-elastic/dashboardImporter/Dockerfile rename to hooks/persistence-elastic/dashboardImporter/Dockerfile diff --git a/hooks/persistence/persistence-elastic/dashboardImporter/dashboards/daily-summary.json b/hooks/persistence-elastic/dashboardImporter/dashboards/daily-summary.json similarity index 100% rename from hooks/persistence/persistence-elastic/dashboardImporter/dashboards/daily-summary.json rename to hooks/persistence-elastic/dashboardImporter/dashboards/daily-summary.json diff --git a/hooks/persistence/persistence-elastic/dashboardImporter/export-dashboards.sh b/hooks/persistence-elastic/dashboardImporter/export-dashboards.sh similarity index 100% rename from hooks/persistence/persistence-elastic/dashboardImporter/export-dashboards.sh rename to hooks/persistence-elastic/dashboardImporter/export-dashboards.sh diff --git a/hooks/persistence/persistence-elastic/dashboardImporter/import-dashboards.sh b/hooks/persistence-elastic/dashboardImporter/import-dashboards.sh similarity index 100% rename from hooks/persistence/persistence-elastic/dashboardImporter/import-dashboards.sh rename to hooks/persistence-elastic/dashboardImporter/import-dashboards.sh diff --git a/hooks/persistence/persistence-elastic/dashboardImporter/readme.md b/hooks/persistence-elastic/dashboardImporter/readme.md similarity index 100% rename from hooks/persistence/persistence-elastic/dashboardImporter/readme.md rename to hooks/persistence-elastic/dashboardImporter/readme.md diff --git a/hooks/persistence/persistence-elastic/persist.js b/hooks/persistence-elastic/hook.js similarity index 97% rename from hooks/persistence/persistence-elastic/persist.js rename to hooks/persistence-elastic/hook.js index a19dc6d0..00f7172a 100644 --- a/hooks/persistence/persistence-elastic/persist.js +++ b/hooks/persistence-elastic/hook.js @@ -33,7 +33,7 @@ const client = new Client({ ...authParams, }); -async function persist({ +async function handle({ getFindings, scan, now = new Date(), @@ -105,4 +105,4 @@ async function persist({ } } module.exports.elasticClient = client; -module.exports.persist = persist; +module.exports.handle = handle; diff --git a/hooks/persistence-elastic/hook.test.js b/hooks/persistence-elastic/hook.test.js new file mode 100644 index 00000000..1a73fbb1 --- /dev/null +++ b/hooks/persistence-elastic/hook.test.js @@ -0,0 +1,118 @@ +const { handle, elasticClient } = require("./hook"); + +beforeEach(() => { + elasticClient.index.mockClear(); + elasticClient.bulk.mockClear(); +}); + +test("should only send scan summary document if no findings are passing in", async () => { + const findings = []; + + const getFindings = async () => findings; + + const scan = { + metadata: { + uid: "09988cdf-1fc7-4f85-95ee-1b1d65dbc7cc", + name: "demo-scan", + labels: { + company: "iteratec", + }, + }, + spec: { + scanType: "Nmap", + parameters: ["-Pn", "localhost"], + }, + }; + + const now = new Date(); + + await handle({ getFindings, scan, now, tenant: "default" }); + + expect(elasticClient.index).toBeCalledTimes(1); + expect(elasticClient.index).toBeCalledWith({ + body: { + "@timestamp": now, + id: "09988cdf-1fc7-4f85-95ee-1b1d65dbc7cc", + labels: { + company: "iteratec", + }, + name: "demo-scan", + parameters: ["-Pn", "localhost"], + scan_type: "Nmap", + type: "scan", + }, + index: `scbv2_default_${now.toISOString().substr(0, 10)}`, + }); + expect(elasticClient.bulk).not.toBeCalled(); +}); + +test("should send findings to elasticsearch", async () => { + const findings = [ + { + id: "4560b3e6-1219-4f5f-9b44-6579f5a32407", + name: "Port 5601 is open", + category: "Open Port", + }, + ]; + + const getFindings = async () => findings; + + const scan = { + metadata: { + uid: "09988cdf-1fc7-4f85-95ee-1b1d65dbc7cc", + name: "demo-scan", + labels: { + company: "iteratec", + }, + }, + spec: { + scanType: "Nmap", + parameters: ["-Pn", "localhost"], + }, + }; + + const now = new Date(); + + await handle({ getFindings, scan, now, tenant: "default" }); + + expect(elasticClient.index).toBeCalledTimes(1); + expect(elasticClient.index).toBeCalledWith({ + body: { + "@timestamp": now, + id: "09988cdf-1fc7-4f85-95ee-1b1d65dbc7cc", + labels: { + company: "iteratec", + }, + name: "demo-scan", + parameters: ["-Pn", "localhost"], + scan_type: "Nmap", + type: "scan", + }, + index: `scbv2_default_${now.toISOString().substr(0, 10)}`, + }); + + expect(elasticClient.bulk).toBeCalledTimes(1); + expect(elasticClient.bulk).toBeCalledWith({ + refresh: true, + body: [ + { + index: { + _index: `scbv2_default_${now.toISOString().substr(0, 10)}`, + }, + }, + { + "@timestamp": now, + category: "Open Port", + id: "4560b3e6-1219-4f5f-9b44-6579f5a32407", + name: "Port 5601 is open", + scan_id: "09988cdf-1fc7-4f85-95ee-1b1d65dbc7cc", + scan_labels: { + company: "iteratec", + }, + scan_name: "demo-scan", + scan_type: "Nmap", + type: "finding", + }, + ], + }); +}); diff --git a/hooks/persistence/persistence-elastic/package-lock.json b/hooks/persistence-elastic/package-lock.json similarity index 100% rename from hooks/persistence/persistence-elastic/package-lock.json rename to hooks/persistence-elastic/package-lock.json diff --git a/hooks/persistence/persistence-elastic/package.json b/hooks/persistence-elastic/package.json similarity index 100% rename from hooks/persistence/persistence-elastic/package.json rename to hooks/persistence-elastic/package.json diff --git a/hooks/persistence/persistence-elastic/templates/NOTES.txt b/hooks/persistence-elastic/templates/NOTES.txt similarity index 100% rename from hooks/persistence/persistence-elastic/templates/NOTES.txt rename to hooks/persistence-elastic/templates/NOTES.txt diff --git a/hooks/persistence/persistence-elastic/templates/_helpers.tpl b/hooks/persistence-elastic/templates/_helpers.tpl similarity index 100% rename from hooks/persistence/persistence-elastic/templates/_helpers.tpl rename to hooks/persistence-elastic/templates/_helpers.tpl diff --git a/hooks/persistence/persistence-elastic/templates/import-dashboard.yaml b/hooks/persistence-elastic/templates/import-dashboard.yaml similarity index 100% rename from hooks/persistence/persistence-elastic/templates/import-dashboard.yaml rename to hooks/persistence-elastic/templates/import-dashboard.yaml diff --git a/hooks/persistence/persistence-elastic/templates/persistence-provider.yaml b/hooks/persistence-elastic/templates/persistence-provider.yaml similarity index 100% rename from hooks/persistence/persistence-elastic/templates/persistence-provider.yaml rename to hooks/persistence-elastic/templates/persistence-provider.yaml diff --git a/hooks/persistence/persistence-elastic/values.yaml b/hooks/persistence-elastic/values.yaml similarity index 100% rename from hooks/persistence/persistence-elastic/values.yaml rename to hooks/persistence-elastic/values.yaml diff --git a/hooks/persistence/persistence-elastic/persist.test.js b/hooks/persistence/persistence-elastic/persist.test.js deleted file mode 100644 index d01d8a99..00000000 --- a/hooks/persistence/persistence-elastic/persist.test.js +++ /dev/null @@ -1,118 +0,0 @@ -const { persist, elasticClient } = require('./persist'); - -beforeEach(() => { - elasticClient.index.mockClear(); - elasticClient.bulk.mockClear(); -}); - -test('should only send scan summary document if no findings are passing in', async () => { - const findings = []; - - const getFindings = async () => findings; - - const scan = { - metadata: { - uid: '09988cdf-1fc7-4f85-95ee-1b1d65dbc7cc', - name: 'demo-scan', - labels: { - company: 'iteratec', - }, - }, - spec: { - scanType: 'Nmap', - parameters: ['-Pn', 'localhost'], - }, - }; - - const now = new Date(); - - await persist({ getFindings, scan, now, tenant: 'default' }); - - expect(elasticClient.index).toBeCalledTimes(1); - expect(elasticClient.index).toBeCalledWith({ - body: { - '@timestamp': now, - id: '09988cdf-1fc7-4f85-95ee-1b1d65dbc7cc', - labels: { - company: 'iteratec', - }, - name: 'demo-scan', - parameters: ['-Pn', 'localhost'], - scan_type: 'Nmap', - type: 'scan', - }, - index: `scbv2_default_${now.toISOString().substr(0, 10)}`, - }); - expect(elasticClient.bulk).not.toBeCalled(); -}); - -test('should send findings to elasticsearch', async () => { - const findings = [ - { - id: '4560b3e6-1219-4f5f-9b44-6579f5a32407', - name: 'Port 5601 is open', - category: 'Open Port', - }, - ]; - - const getFindings = async () => findings; - - const scan = { - metadata: { - uid: '09988cdf-1fc7-4f85-95ee-1b1d65dbc7cc', - name: 'demo-scan', - labels: { - company: 'iteratec', - }, - }, - spec: { - scanType: 'Nmap', - parameters: ['-Pn', 'localhost'], - }, - }; - - const now = new Date(); - - await persist({ getFindings, scan, now, tenant: 'default' }); - - expect(elasticClient.index).toBeCalledTimes(1); - expect(elasticClient.index).toBeCalledWith({ - body: { - '@timestamp': now, - id: '09988cdf-1fc7-4f85-95ee-1b1d65dbc7cc', - labels: { - company: 'iteratec', - }, - name: 'demo-scan', - parameters: ['-Pn', 'localhost'], - scan_type: 'Nmap', - type: 'scan', - }, - index: `scbv2_default_${now.toISOString().substr(0, 10)}`, - }); - - expect(elasticClient.bulk).toBeCalledTimes(1); - expect(elasticClient.bulk).toBeCalledWith({ - refresh: true, - body: [ - { - index: { - _index: `scbv2_default_${now.toISOString().substr(0, 10)}`, - }, - }, - { - '@timestamp': now, - category: 'Open Port', - id: '4560b3e6-1219-4f5f-9b44-6579f5a32407', - name: 'Port 5601 is open', - scan_id: '09988cdf-1fc7-4f85-95ee-1b1d65dbc7cc', - scan_labels: { - company: 'iteratec', - }, - scan_name: 'demo-scan', - scan_type: 'Nmap', - type: 'finding', - }, - ], - }); -}); From 7ac2fdcec3413d3d86cad61de73db0126a27a897 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com> Date: Tue, 26 May 2020 17:20:21 +0200 Subject: [PATCH 020/109] Add missing file contents to upadate call --- hook-sdk/nodejs/hook-wrapper.js | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/hook-sdk/nodejs/hook-wrapper.js b/hook-sdk/nodejs/hook-wrapper.js index 4d4419d0..8874e8fb 100644 --- a/hook-sdk/nodejs/hook-wrapper.js +++ b/hook-sdk/nodejs/hook-wrapper.js @@ -22,9 +22,9 @@ function getFindings() { }); } -function uploadFile(url) { +function uploadFile(url, fileContents) { return axios - .put(url, findingsWithIds, { + .put(url, fileContents, { headers: { "content-type": "" }, }) .catch(function(error) { @@ -48,7 +48,7 @@ function uploadFile(url) { }); } -function uploadRawResults() { +function uploadRawResults(fileContents) { const rawResultUploadUrl = process.argv[4]; if (rawResultUploadUrl === undefined) { console.error( @@ -59,10 +59,10 @@ function uploadRawResults() { "If you want to change RawResults you'll need to use a ReadAndWrite Hook." ); } - return uploadFile(rawResultUploadUrl); + return uploadFile(rawResultUploadUrl, fileContents); } -function uploadFindings() { +function uploadFindings(findings) { const findingsUploadUrl = process.argv[5]; if (findingsUploadUrl === undefined) { console.error( @@ -73,7 +73,7 @@ function uploadFindings() { "If you want to change Findings you'll need to use a ReadAndWrite Hook." ); } - return uploadFile(findingsUploadUrl); + return uploadFile(findingsUploadUrl, JSON.stringify(findings)); } async function main() { From 6b34917fa316474b949b836e02277e13bf625986 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com> Date: Tue, 26 May 2020 17:21:07 +0200 Subject: [PATCH 021/109] Configure jest to automatically run all tests in the hook dir --- hooks/package.json | 18 ++++++++++++++++++ package.json | 2 +- 2 files changed, 19 insertions(+), 1 deletion(-) create mode 100644 hooks/package.json diff --git a/hooks/package.json b/hooks/package.json new file mode 100644 index 00000000..cb681ce8 --- /dev/null +++ b/hooks/package.json @@ -0,0 +1,18 @@ +{ + "name": "securecodebox-hooks", + "version": "1.0.0", + "description": "", + "main": "index.js", + "directories": { + "example": "example" + }, + "scripts": { + "test": "jest" + }, + "keywords": [], + "author": "", + "license": "ISC", + "devDependencies": { + "jest": "^25.1.0" + } +} diff --git a/package.json b/package.json index a2b73dee..293f0ba0 100644 --- a/package.json +++ b/package.json @@ -31,7 +31,7 @@ "jest": { "projects": [ "/integrations/", - "/persistence/persistence-elastic/", + "/hooks/", { "displayName": "lint", "runner": "jest-runner-eslint", From d7439c5e322a1787a4e78d7e9a60943864de81ef Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com> Date: Tue, 26 May 2020 17:25:28 +0200 Subject: [PATCH 022/109] Add hook directory to ci --- .github/workflows/ci.yaml | 32 +++++++++++++++++++++----------- 1 file changed, 21 insertions(+), 11 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index fe28dd8f..3f7b60b8 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -20,9 +20,9 @@ jobs: # cd back cd - done - - name: "Install npm dependencies in all persistence sub projects" + - name: "Install npm dependencies in all hook sub projects" run: | - for dir in persistence/*/ + for dir in hooks/*/ do cd $dir if [ -f package.json ] && [ -f package-lock.json ]; then @@ -37,6 +37,8 @@ jobs: npm ci cd integrations/ npm ci + cd hooks/ + npm ci - name: "Run tests" run: | npm test -- --ci --colors --coverage @@ -172,28 +174,28 @@ jobs: path: ./integrations/zap/parser/ tag_with_ref: true tag_with_sha: true - persistenceImages: - name: "Build / PersistenceProviders" + hookImages: + name: "Build / Hooks" runs-on: ubuntu-latest steps: - uses: actions/checkout@master # SDK - uses: docker/build-push-action@v1 - name: "Build & Push Persistence SDK" + name: "Build & Push Hook SDK" with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - repository: scbexperimental/persistence-sdk-nodejs - path: ./persistence-sdk/nodejs/ + repository: scbexperimental/hook-sdk-nodejs + path: ./hook-sdk/nodejs/ tag_with_ref: true # Actual PersistenceProviders - uses: docker/build-push-action@v1 - name: "Build & Push Elastic PersistenceProvider Image" + name: "Build & Push Elastic PersistenceProvider Hook Image" with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} repository: scbexperimental/persistence-elastic - path: ./persistence/persistence-elastic/ + path: ./hooks/persistence-elastic/ tag_with_ref: true - uses: docker/build-push-action@v1 name: "Build & Push Elastic PersistenceProvider Dashboard Importer Image" @@ -201,7 +203,15 @@ jobs: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} repository: scbexperimental/persistence-elastic-dashboard-importer - path: ./persistence/persistence-elastic/dashboardImporter/ + path: ./hooks/persistence-elastic/dashboardImporter/ + tag_with_ref: true + - uses: docker/build-push-action@v1 + name: "Build & Push GenericWebhook Hook Image" + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + repository: scbexperimental/generic-webhook + path: ./hooks/generic-webhook/ tag_with_ref: true scannerImages: # Note we only build images for scanner that don't provider official public container images @@ -231,7 +241,7 @@ jobs: name: "Test / Integration / k8s ${{ matrix.k8sVersion }}" needs: - scannerImages - - persistenceImages + - hookImages - parserImages - operator - lurcher From 6e410855c1f85864e17c0de7efacb543b7640dc3 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com> Date: Tue, 26 May 2020 17:26:54 +0200 Subject: [PATCH 023/109] Cd back before cd'ing again --- .github/workflows/ci.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 3f7b60b8..38185123 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -37,6 +37,7 @@ jobs: npm ci cd integrations/ npm ci + cd - cd hooks/ npm ci - name: "Run tests" From e32afa71a9e1baa09df3f14bfb60965b15346429 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com> Date: Tue, 26 May 2020 17:29:53 +0200 Subject: [PATCH 024/109] Add missing lock file --- hooks/package-lock.json | 4674 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 4674 insertions(+) create mode 100644 hooks/package-lock.json diff --git a/hooks/package-lock.json b/hooks/package-lock.json new file mode 100644 index 00000000..2b68097b --- /dev/null +++ b/hooks/package-lock.json @@ -0,0 +1,4674 @@ +{ + "name": "securecodebox-hooks", + "version": "1.0.0", + "lockfileVersion": 1, + "requires": true, + "dependencies": { + "@babel/code-frame": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.8.3.tgz", + "integrity": "sha512-a9gxpmdXtZEInkCSHUJDLHZVBgb1QS0jhss4cPP93EW7s+uC5bikET2twEF3KV+7rDblJcmNvTR7VJejqd2C2g==", + "dev": true, + "requires": { + "@babel/highlight": "^7.8.3" + } + }, + "@babel/core": { + "version": "7.9.6", + "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.9.6.tgz", + "integrity": "sha512-nD3deLvbsApbHAHttzIssYqgb883yU/d9roe4RZymBCDaZryMJDbptVpEpeQuRh4BJ+SYI8le9YGxKvFEvl1Wg==", + "dev": true, + "requires": { + "@babel/code-frame": "^7.8.3", + "@babel/generator": "^7.9.6", + "@babel/helper-module-transforms": "^7.9.0", + "@babel/helpers": "^7.9.6", + "@babel/parser": "^7.9.6", + "@babel/template": "^7.8.6", + "@babel/traverse": "^7.9.6", + "@babel/types": "^7.9.6", + "convert-source-map": "^1.7.0", + "debug": "^4.1.0", + "gensync": "^1.0.0-beta.1", + "json5": "^2.1.2", + "lodash": "^4.17.13", + "resolve": "^1.3.2", + "semver": "^5.4.1", + "source-map": "^0.5.0" + }, + "dependencies": { + "semver": { + "version": "5.7.1", + "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.1.tgz", + "integrity": "sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ==", + "dev": true + }, + "source-map": { + "version": "0.5.7", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.5.7.tgz", + "integrity": "sha1-igOdLRAh0i0eoUyA2OpGi6LvP8w=", + "dev": true + } + } + }, + "@babel/generator": { + "version": "7.9.6", + "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.9.6.tgz", + "integrity": "sha512-+htwWKJbH2bL72HRluF8zumBxzuX0ZZUFl3JLNyoUjM/Ho8wnVpPXM6aUz8cfKDqQ/h7zHqKt4xzJteUosckqQ==", + "dev": true, + "requires": { + "@babel/types": "^7.9.6", + "jsesc": "^2.5.1", + "lodash": "^4.17.13", + "source-map": "^0.5.0" + }, + "dependencies": { + "source-map": { + "version": "0.5.7", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.5.7.tgz", + "integrity": "sha1-igOdLRAh0i0eoUyA2OpGi6LvP8w=", + "dev": true + } + } + }, + "@babel/helper-function-name": { + "version": "7.9.5", + "resolved": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.9.5.tgz", + "integrity": "sha512-JVcQZeXM59Cd1qanDUxv9fgJpt3NeKUaqBqUEvfmQ+BCOKq2xUgaWZW2hr0dkbyJgezYuplEoh5knmrnS68efw==", + "dev": true, + "requires": { + "@babel/helper-get-function-arity": "^7.8.3", + "@babel/template": "^7.8.3", + "@babel/types": "^7.9.5" + } + }, + "@babel/helper-get-function-arity": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/helper-get-function-arity/-/helper-get-function-arity-7.8.3.tgz", + "integrity": "sha512-FVDR+Gd9iLjUMY1fzE2SR0IuaJToR4RkCDARVfsBBPSP53GEqSFjD8gNyxg246VUyc/ALRxFaAK8rVG7UT7xRA==", + "dev": true, + "requires": { + "@babel/types": "^7.8.3" + } + }, + "@babel/helper-member-expression-to-functions": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/helper-member-expression-to-functions/-/helper-member-expression-to-functions-7.8.3.tgz", + "integrity": "sha512-fO4Egq88utkQFjbPrSHGmGLFqmrshs11d46WI+WZDESt7Wu7wN2G2Iu+NMMZJFDOVRHAMIkB5SNh30NtwCA7RA==", + "dev": true, + "requires": { + "@babel/types": "^7.8.3" + } + }, + "@babel/helper-module-imports": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.8.3.tgz", + "integrity": "sha512-R0Bx3jippsbAEtzkpZ/6FIiuzOURPcMjHp+Z6xPe6DtApDJx+w7UYyOLanZqO8+wKR9G10s/FmHXvxaMd9s6Kg==", + "dev": true, + "requires": { + "@babel/types": "^7.8.3" + } + }, + "@babel/helper-module-transforms": { + "version": "7.9.0", + "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.9.0.tgz", + "integrity": "sha512-0FvKyu0gpPfIQ8EkxlrAydOWROdHpBmiCiRwLkUiBGhCUPRRbVD2/tm3sFr/c/GWFrQ/ffutGUAnx7V0FzT2wA==", + "dev": true, + "requires": { + "@babel/helper-module-imports": "^7.8.3", + "@babel/helper-replace-supers": "^7.8.6", + "@babel/helper-simple-access": "^7.8.3", + "@babel/helper-split-export-declaration": "^7.8.3", + "@babel/template": "^7.8.6", + "@babel/types": "^7.9.0", + "lodash": "^4.17.13" + } + }, + "@babel/helper-optimise-call-expression": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/helper-optimise-call-expression/-/helper-optimise-call-expression-7.8.3.tgz", + "integrity": "sha512-Kag20n86cbO2AvHca6EJsvqAd82gc6VMGule4HwebwMlwkpXuVqrNRj6CkCV2sKxgi9MyAUnZVnZ6lJ1/vKhHQ==", + "dev": true, + "requires": { + "@babel/types": "^7.8.3" + } + }, + "@babel/helper-plugin-utils": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.8.3.tgz", + "integrity": "sha512-j+fq49Xds2smCUNYmEHF9kGNkhbet6yVIBp4e6oeQpH1RUs/Ir06xUKzDjDkGcaaokPiTNs2JBWHjaE4csUkZQ==", + "dev": true + }, + "@babel/helper-replace-supers": { + "version": "7.9.6", + "resolved": "https://registry.npmjs.org/@babel/helper-replace-supers/-/helper-replace-supers-7.9.6.tgz", + "integrity": "sha512-qX+chbxkbArLyCImk3bWV+jB5gTNU/rsze+JlcF6Nf8tVTigPJSI1o1oBow/9Resa1yehUO9lIipsmu9oG4RzA==", + "dev": true, + "requires": { + "@babel/helper-member-expression-to-functions": "^7.8.3", + "@babel/helper-optimise-call-expression": "^7.8.3", + "@babel/traverse": "^7.9.6", + "@babel/types": "^7.9.6" + } + }, + "@babel/helper-simple-access": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.8.3.tgz", + "integrity": "sha512-VNGUDjx5cCWg4vvCTR8qQ7YJYZ+HBjxOgXEl7ounz+4Sn7+LMD3CFrCTEU6/qXKbA2nKg21CwhhBzO0RpRbdCw==", + "dev": true, + "requires": { + "@babel/template": "^7.8.3", + "@babel/types": "^7.8.3" + } + }, + "@babel/helper-split-export-declaration": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.8.3.tgz", + "integrity": "sha512-3x3yOeyBhW851hroze7ElzdkeRXQYQbFIb7gLK1WQYsw2GWDay5gAJNw1sWJ0VFP6z5J1whqeXH/WCdCjZv6dA==", + "dev": true, + "requires": { + "@babel/types": "^7.8.3" + } + }, + "@babel/helper-validator-identifier": { + "version": "7.9.5", + "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.9.5.tgz", + "integrity": "sha512-/8arLKUFq882w4tWGj9JYzRpAlZgiWUJ+dtteNTDqrRBz9Iguck9Rn3ykuBDoUwh2TO4tSAJlrxDUOXWklJe4g==", + "dev": true + }, + "@babel/helpers": { + "version": "7.9.6", + "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.9.6.tgz", + "integrity": "sha512-tI4bUbldloLcHWoRUMAj4g1bF313M/o6fBKhIsb3QnGVPwRm9JsNf/gqMkQ7zjqReABiffPV6RWj7hEglID5Iw==", + "dev": true, + "requires": { + "@babel/template": "^7.8.3", + "@babel/traverse": "^7.9.6", + "@babel/types": "^7.9.6" + } + }, + "@babel/highlight": { + "version": "7.9.0", + "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.9.0.tgz", + "integrity": "sha512-lJZPilxX7Op3Nv/2cvFdnlepPXDxi29wxteT57Q965oc5R9v86ztx0jfxVrTcBk8C2kcPkkDa2Z4T3ZsPPVWsQ==", + "dev": true, + "requires": { + "@babel/helper-validator-identifier": "^7.9.0", + "chalk": "^2.0.0", + "js-tokens": "^4.0.0" + }, + "dependencies": { + "ansi-styles": { + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "dev": true, + "requires": { + "color-convert": "^1.9.0" + } + }, + "chalk": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", + "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "dev": true, + "requires": { + "ansi-styles": "^3.2.1", + "escape-string-regexp": "^1.0.5", + "supports-color": "^5.3.0" + } + }, + "color-convert": { + "version": "1.9.3", + "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", + "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", + "dev": true, + "requires": { + "color-name": "1.1.3" + } + }, + "color-name": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", + "integrity": "sha1-p9BVi9icQveV3UIyj3QIMcpTvCU=", + "dev": true + }, + "has-flag": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", + "integrity": "sha1-tdRU3CGZriJWmfNGfloH87lVuv0=", + "dev": true + }, + "supports-color": { + "version": "5.5.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", + "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "dev": true, + "requires": { + "has-flag": "^3.0.0" + } + } + } + }, + "@babel/parser": { + "version": "7.9.6", + "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.9.6.tgz", + "integrity": "sha512-AoeIEJn8vt+d/6+PXDRPaksYhnlbMIiejioBZvvMQsOjW/JYK6k/0dKnvvP3EhK5GfMBWDPtrxRtegWdAcdq9Q==", + "dev": true + }, + "@babel/plugin-syntax-async-generators": { + "version": "7.8.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", + "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.8.0" + } + }, + "@babel/plugin-syntax-bigint": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", + "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.8.0" + } + }, + "@babel/plugin-syntax-class-properties": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.8.3.tgz", + "integrity": "sha512-UcAyQWg2bAN647Q+O811tG9MrJ38Z10jjhQdKNAL8fsyPzE3cCN/uT+f55cFVY4aGO4jqJAvmqsuY3GQDwAoXg==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.8.3" + } + }, + "@babel/plugin-syntax-json-strings": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", + "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.8.0" + } + }, + "@babel/plugin-syntax-logical-assignment-operators": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.8.3.tgz", + "integrity": "sha512-Zpg2Sgc++37kuFl6ppq2Q7Awc6E6AIW671x5PY8E/f7MCIyPPGK/EoeZXvvY3P42exZ3Q4/t3YOzP/HiN79jDg==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.8.3" + } + }, + "@babel/plugin-syntax-nullish-coalescing-operator": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", + "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.8.0" + } + }, + "@babel/plugin-syntax-numeric-separator": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.8.3.tgz", + "integrity": "sha512-H7dCMAdN83PcCmqmkHB5dtp+Xa9a6LKSvA2hiFBC/5alSHxM5VgWZXFqDi0YFe8XNGT6iCa+z4V4zSt/PdZ7Dw==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.8.3" + } + }, + "@babel/plugin-syntax-object-rest-spread": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", + "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.8.0" + } + }, + "@babel/plugin-syntax-optional-catch-binding": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", + "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.8.0" + } + }, + "@babel/plugin-syntax-optional-chaining": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", + "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.8.0" + } + }, + "@babel/template": { + "version": "7.8.6", + "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.8.6.tgz", + "integrity": "sha512-zbMsPMy/v0PWFZEhQJ66bqjhH+z0JgMoBWuikXybgG3Gkd/3t5oQ1Rw2WQhnSrsOmsKXnZOx15tkC4qON/+JPg==", + "dev": true, + "requires": { + "@babel/code-frame": "^7.8.3", + "@babel/parser": "^7.8.6", + "@babel/types": "^7.8.6" + } + }, + "@babel/traverse": { + "version": "7.9.6", + "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.9.6.tgz", + "integrity": "sha512-b3rAHSjbxy6VEAvlxM8OV/0X4XrG72zoxme6q1MOoe2vd0bEc+TwayhuC1+Dfgqh1QEG+pj7atQqvUprHIccsg==", + "dev": true, + "requires": { + "@babel/code-frame": "^7.8.3", + "@babel/generator": "^7.9.6", + "@babel/helper-function-name": "^7.9.5", + "@babel/helper-split-export-declaration": "^7.8.3", + "@babel/parser": "^7.9.6", + "@babel/types": "^7.9.6", + "debug": "^4.1.0", + "globals": "^11.1.0", + "lodash": "^4.17.13" + } + }, + "@babel/types": { + "version": "7.9.6", + "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.9.6.tgz", + "integrity": "sha512-qxXzvBO//jO9ZnoasKF1uJzHd2+M6Q2ZPIVfnFps8JJvXy0ZBbwbNOmE6SGIY5XOY6d1Bo5lb9d9RJ8nv3WSeA==", + "dev": true, + "requires": { + "@babel/helper-validator-identifier": "^7.9.5", + "lodash": "^4.17.13", + "to-fast-properties": "^2.0.0" + } + }, + "@bcoe/v8-coverage": { + "version": "0.2.3", + "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", + "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", + "dev": true + }, + "@cnakazawa/watch": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/@cnakazawa/watch/-/watch-1.0.4.tgz", + "integrity": "sha512-v9kIhKwjeZThiWrLmj0y17CWoyddASLj9O2yvbZkbvw/N3rWOYy9zkV66ursAoVr0mV15bL8g0c4QZUE6cdDoQ==", + "dev": true, + "requires": { + "exec-sh": "^0.3.2", + "minimist": "^1.2.0" + } + }, + "@istanbuljs/load-nyc-config": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", + "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", + "dev": true, + "requires": { + "camelcase": "^5.3.1", + "find-up": "^4.1.0", + "get-package-type": "^0.1.0", + "js-yaml": "^3.13.1", + "resolve-from": "^5.0.0" + } + }, + "@istanbuljs/schema": { + "version": "0.1.2", + "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.2.tgz", + "integrity": "sha512-tsAQNx32a8CoFhjhijUIhI4kccIAgmGhy8LZMZgGfmXcpMbPRUqn5LWmgRttILi6yeGmBJd2xsPkFMs0PzgPCw==", + "dev": true + }, + "@jest/console": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/@jest/console/-/console-25.5.0.tgz", + "integrity": "sha512-T48kZa6MK1Y6k4b89sexwmSF4YLeZS/Udqg3Jj3jG/cHH+N/sLFCEoXEDMOKugJQ9FxPN1osxIknvKkxt6MKyw==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0", + "chalk": "^3.0.0", + "jest-message-util": "^25.5.0", + "jest-util": "^25.5.0", + "slash": "^3.0.0" + } + }, + "@jest/core": { + "version": "25.5.4", + "resolved": "https://registry.npmjs.org/@jest/core/-/core-25.5.4.tgz", + "integrity": "sha512-3uSo7laYxF00Dg/DMgbn4xMJKmDdWvZnf89n8Xj/5/AeQ2dOQmn6b6Hkj/MleyzZWXpwv+WSdYWl4cLsy2JsoA==", + "dev": true, + "requires": { + "@jest/console": "^25.5.0", + "@jest/reporters": "^25.5.1", + "@jest/test-result": "^25.5.0", + "@jest/transform": "^25.5.1", + "@jest/types": "^25.5.0", + "ansi-escapes": "^4.2.1", + "chalk": "^3.0.0", + "exit": "^0.1.2", + "graceful-fs": "^4.2.4", + "jest-changed-files": "^25.5.0", + "jest-config": "^25.5.4", + "jest-haste-map": "^25.5.1", + "jest-message-util": "^25.5.0", + "jest-regex-util": "^25.2.6", + "jest-resolve": "^25.5.1", + "jest-resolve-dependencies": "^25.5.4", + "jest-runner": "^25.5.4", + "jest-runtime": "^25.5.4", + "jest-snapshot": "^25.5.1", + "jest-util": "^25.5.0", + "jest-validate": "^25.5.0", + "jest-watcher": "^25.5.0", + "micromatch": "^4.0.2", + "p-each-series": "^2.1.0", + "realpath-native": "^2.0.0", + "rimraf": "^3.0.0", + "slash": "^3.0.0", + "strip-ansi": "^6.0.0" + } + }, + "@jest/environment": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-25.5.0.tgz", + "integrity": "sha512-U2VXPEqL07E/V7pSZMSQCvV5Ea4lqOlT+0ZFijl/i316cRMHvZ4qC+jBdryd+lmRetjQo0YIQr6cVPNxxK87mA==", + "dev": true, + "requires": { + "@jest/fake-timers": "^25.5.0", + "@jest/types": "^25.5.0", + "jest-mock": "^25.5.0" + } + }, + "@jest/fake-timers": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-25.5.0.tgz", + "integrity": "sha512-9y2+uGnESw/oyOI3eww9yaxdZyHq7XvprfP/eeoCsjqKYts2yRlsHS/SgjPDV8FyMfn2nbMy8YzUk6nyvdLOpQ==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0", + "jest-message-util": "^25.5.0", + "jest-mock": "^25.5.0", + "jest-util": "^25.5.0", + "lolex": "^5.0.0" + } + }, + "@jest/globals": { + "version": "25.5.2", + "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-25.5.2.tgz", + "integrity": "sha512-AgAS/Ny7Q2RCIj5kZ+0MuKM1wbF0WMLxbCVl/GOMoCNbODRdJ541IxJ98xnZdVSZXivKpJlNPIWa3QmY0l4CXA==", + "dev": true, + "requires": { + "@jest/environment": "^25.5.0", + "@jest/types": "^25.5.0", + "expect": "^25.5.0" + } + }, + "@jest/reporters": { + "version": "25.5.1", + "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-25.5.1.tgz", + "integrity": "sha512-3jbd8pPDTuhYJ7vqiHXbSwTJQNavczPs+f1kRprRDxETeE3u6srJ+f0NPuwvOmk+lmunZzPkYWIFZDLHQPkviw==", + "dev": true, + "requires": { + "@bcoe/v8-coverage": "^0.2.3", + "@jest/console": "^25.5.0", + "@jest/test-result": "^25.5.0", + "@jest/transform": "^25.5.1", + "@jest/types": "^25.5.0", + "chalk": "^3.0.0", + "collect-v8-coverage": "^1.0.0", + "exit": "^0.1.2", + "glob": "^7.1.2", + "graceful-fs": "^4.2.4", + "istanbul-lib-coverage": "^3.0.0", + "istanbul-lib-instrument": "^4.0.0", + "istanbul-lib-report": "^3.0.0", + "istanbul-lib-source-maps": "^4.0.0", + "istanbul-reports": "^3.0.2", + "jest-haste-map": "^25.5.1", + "jest-resolve": "^25.5.1", + "jest-util": "^25.5.0", + "jest-worker": "^25.5.0", + "node-notifier": "^6.0.0", + "slash": "^3.0.0", + "source-map": "^0.6.0", + "string-length": "^3.1.0", + "terminal-link": "^2.0.0", + "v8-to-istanbul": "^4.1.3" + } + }, + "@jest/source-map": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-25.5.0.tgz", + "integrity": "sha512-eIGx0xN12yVpMcPaVpjXPnn3N30QGJCJQSkEDUt9x1fI1Gdvb07Ml6K5iN2hG7NmMP6FDmtPEssE3z6doOYUwQ==", + "dev": true, + "requires": { + "callsites": "^3.0.0", + "graceful-fs": "^4.2.4", + "source-map": "^0.6.0" + } + }, + "@jest/test-result": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-25.5.0.tgz", + "integrity": "sha512-oV+hPJgXN7IQf/fHWkcS99y0smKLU2czLBJ9WA0jHITLst58HpQMtzSYxzaBvYc6U5U6jfoMthqsUlUlbRXs0A==", + "dev": true, + "requires": { + "@jest/console": "^25.5.0", + "@jest/types": "^25.5.0", + "@types/istanbul-lib-coverage": "^2.0.0", + "collect-v8-coverage": "^1.0.0" + } + }, + "@jest/test-sequencer": { + "version": "25.5.4", + "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-25.5.4.tgz", + "integrity": "sha512-pTJGEkSeg1EkCO2YWq6hbFvKNXk8ejqlxiOg1jBNLnWrgXOkdY6UmqZpwGFXNnRt9B8nO1uWMzLLZ4eCmhkPNA==", + "dev": true, + "requires": { + "@jest/test-result": "^25.5.0", + "graceful-fs": "^4.2.4", + "jest-haste-map": "^25.5.1", + "jest-runner": "^25.5.4", + "jest-runtime": "^25.5.4" + } + }, + "@jest/transform": { + "version": "25.5.1", + "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-25.5.1.tgz", + "integrity": "sha512-Y8CEoVwXb4QwA6Y/9uDkn0Xfz0finGkieuV0xkdF9UtZGJeLukD5nLkaVrVsODB1ojRWlaoD0AJZpVHCSnJEvg==", + "dev": true, + "requires": { + "@babel/core": "^7.1.0", + "@jest/types": "^25.5.0", + "babel-plugin-istanbul": "^6.0.0", + "chalk": "^3.0.0", + "convert-source-map": "^1.4.0", + "fast-json-stable-stringify": "^2.0.0", + "graceful-fs": "^4.2.4", + "jest-haste-map": "^25.5.1", + "jest-regex-util": "^25.2.6", + "jest-util": "^25.5.0", + "micromatch": "^4.0.2", + "pirates": "^4.0.1", + "realpath-native": "^2.0.0", + "slash": "^3.0.0", + "source-map": "^0.6.1", + "write-file-atomic": "^3.0.0" + } + }, + "@jest/types": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/@jest/types/-/types-25.5.0.tgz", + "integrity": "sha512-OXD0RgQ86Tu3MazKo8bnrkDRaDXXMGUqd+kTtLtK1Zb7CRzQcaSRPPPV37SvYTdevXEBVxe0HXylEjs8ibkmCw==", + "dev": true, + "requires": { + "@types/istanbul-lib-coverage": "^2.0.0", + "@types/istanbul-reports": "^1.1.1", + "@types/yargs": "^15.0.0", + "chalk": "^3.0.0" + } + }, + "@sinonjs/commons": { + "version": "1.8.0", + "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-1.8.0.tgz", + "integrity": "sha512-wEj54PfsZ5jGSwMX68G8ZXFawcSglQSXqCftWX3ec8MDUzQdHgcKvw97awHbY0efQEL5iKUOAmmVtoYgmrSG4Q==", + "dev": true, + "requires": { + "type-detect": "4.0.8" + } + }, + "@types/babel__core": { + "version": "7.1.7", + "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.1.7.tgz", + "integrity": "sha512-RL62NqSFPCDK2FM1pSDH0scHpJvsXtZNiYlMB73DgPBaG1E38ZYVL+ei5EkWRbr+KC4YNiAUNBnRj+bgwpgjMw==", + "dev": true, + "requires": { + "@babel/parser": "^7.1.0", + "@babel/types": "^7.0.0", + "@types/babel__generator": "*", + "@types/babel__template": "*", + "@types/babel__traverse": "*" + } + }, + "@types/babel__generator": { + "version": "7.6.1", + "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.1.tgz", + "integrity": "sha512-bBKm+2VPJcMRVwNhxKu8W+5/zT7pwNEqeokFOmbvVSqGzFneNxYcEBro9Ac7/N9tlsaPYnZLK8J1LWKkMsLAew==", + "dev": true, + "requires": { + "@babel/types": "^7.0.0" + } + }, + "@types/babel__template": { + "version": "7.0.2", + "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.0.2.tgz", + "integrity": "sha512-/K6zCpeW7Imzgab2bLkLEbz0+1JlFSrUMdw7KoIIu+IUdu51GWaBZpd3y1VXGVXzynvGa4DaIaxNZHiON3GXUg==", + "dev": true, + "requires": { + "@babel/parser": "^7.1.0", + "@babel/types": "^7.0.0" + } + }, + "@types/babel__traverse": { + "version": "7.0.11", + "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.0.11.tgz", + "integrity": "sha512-ddHK5icION5U6q11+tV2f9Mo6CZVuT8GJKld2q9LqHSZbvLbH34Kcu2yFGckZut453+eQU6btIA3RihmnRgI+Q==", + "dev": true, + "requires": { + "@babel/types": "^7.3.0" + } + }, + "@types/color-name": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/@types/color-name/-/color-name-1.1.1.tgz", + "integrity": "sha512-rr+OQyAjxze7GgWrSaJwydHStIhHq2lvY3BOC2Mj7KnzI7XK0Uw1TOOdI9lDoajEbSWLiYgoo4f1R51erQfhPQ==", + "dev": true + }, + "@types/graceful-fs": { + "version": "4.1.3", + "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.3.tgz", + "integrity": "sha512-AiHRaEB50LQg0pZmm659vNBb9f4SJ0qrAnteuzhSeAUcJKxoYgEnprg/83kppCnc2zvtCKbdZry1a5pVY3lOTQ==", + "dev": true, + "requires": { + "@types/node": "*" + } + }, + "@types/istanbul-lib-coverage": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.2.tgz", + "integrity": "sha512-rsZg7eL+Xcxsxk2XlBt9KcG8nOp9iYdKCOikY9x2RFJCyOdNj4MKPQty0e8oZr29vVAzKXr1BmR+kZauti3o1w==", + "dev": true + }, + "@types/istanbul-lib-report": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", + "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", + "dev": true, + "requires": { + "@types/istanbul-lib-coverage": "*" + } + }, + "@types/istanbul-reports": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-1.1.2.tgz", + "integrity": "sha512-P/W9yOX/3oPZSpaYOCQzGqgCQRXn0FFO/V8bWrCQs+wLmvVVxk6CRBXALEvNs9OHIatlnlFokfhuDo2ug01ciw==", + "dev": true, + "requires": { + "@types/istanbul-lib-coverage": "*", + "@types/istanbul-lib-report": "*" + } + }, + "@types/node": { + "version": "14.0.5", + "resolved": "https://registry.npmjs.org/@types/node/-/node-14.0.5.tgz", + "integrity": "sha512-90hiq6/VqtQgX8Sp0EzeIsv3r+ellbGj4URKj5j30tLlZvRUpnAe9YbYnjl3pJM93GyXU0tghHhvXHq+5rnCKA==", + "dev": true + }, + "@types/normalize-package-data": { + "version": "2.4.0", + "resolved": "https://registry.npmjs.org/@types/normalize-package-data/-/normalize-package-data-2.4.0.tgz", + "integrity": "sha512-f5j5b/Gf71L+dbqxIpQ4Z2WlmI/mPJ0fOkGGmFgtb6sAu97EPczzbS3/tJKxmcYDj55OX6ssqwDAWOHIYDRDGA==", + "dev": true + }, + "@types/prettier": { + "version": "1.19.1", + "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-1.19.1.tgz", + "integrity": "sha512-5qOlnZscTn4xxM5MeGXAMOsIOIKIbh9e85zJWfBRVPlRMEVawzoPhINYbRGkBZCI8LxvBe7tJCdWiarA99OZfQ==", + "dev": true + }, + "@types/stack-utils": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-1.0.1.tgz", + "integrity": "sha512-l42BggppR6zLmpfU6fq9HEa2oGPEI8yrSPL3GITjfRInppYFahObbIQOQK3UGxEnyQpltZLaPe75046NOZQikw==", + "dev": true + }, + "@types/yargs": { + "version": "15.0.5", + "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-15.0.5.tgz", + "integrity": "sha512-Dk/IDOPtOgubt/IaevIUbTgV7doaKkoorvOyYM2CMwuDyP89bekI7H4xLIwunNYiK9jhCkmc6pUrJk3cj2AB9w==", + "dev": true, + "requires": { + "@types/yargs-parser": "*" + } + }, + "@types/yargs-parser": { + "version": "15.0.0", + "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-15.0.0.tgz", + "integrity": "sha512-FA/BWv8t8ZWJ+gEOnLLd8ygxH/2UFbAvgEonyfN6yWGLKc7zVjbpl2Y4CTjid9h2RfgPP6SEt6uHwEOply00yw==", + "dev": true + }, + "abab": { + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/abab/-/abab-2.0.3.tgz", + "integrity": "sha512-tsFzPpcttalNjFBCFMqsKYQcWxxen1pgJR56by//QwvJc4/OUS3kPOOttx2tSIfjsylB0pYu7f5D3K1RCxUnUg==", + "dev": true + }, + "acorn": { + "version": "7.2.0", + "resolved": "https://registry.npmjs.org/acorn/-/acorn-7.2.0.tgz", + "integrity": "sha512-apwXVmYVpQ34m/i71vrApRrRKCWQnZZF1+npOD0WV5xZFfwWOmKGQ2RWlfdy9vWITsenisM8M0Qeq8agcFHNiQ==", + "dev": true + }, + "acorn-globals": { + "version": "4.3.4", + "resolved": "https://registry.npmjs.org/acorn-globals/-/acorn-globals-4.3.4.tgz", + "integrity": "sha512-clfQEh21R+D0leSbUdWf3OcfqyaCSAQ8Ryq00bofSekfr9W8u1jyYZo6ir0xu9Gtcf7BjcHJpnbZH7JOCpP60A==", + "dev": true, + "requires": { + "acorn": "^6.0.1", + "acorn-walk": "^6.0.1" + }, + "dependencies": { + "acorn": { + "version": "6.4.1", + "resolved": "https://registry.npmjs.org/acorn/-/acorn-6.4.1.tgz", + "integrity": "sha512-ZVA9k326Nwrj3Cj9jlh3wGFutC2ZornPNARZwsNYqQYgN0EsV2d53w5RN/co65Ohn4sUAUtb1rSUAOD6XN9idA==", + "dev": true + } + } + }, + "acorn-walk": { + "version": "6.2.0", + "resolved": "https://registry.npmjs.org/acorn-walk/-/acorn-walk-6.2.0.tgz", + "integrity": "sha512-7evsyfH1cLOCdAzZAd43Cic04yKydNx0cF+7tiA19p1XnLLPU4dpCQOqpjqwokFe//vS0QqfqqjCS2JkiIs0cA==", + "dev": true + }, + "ajv": { + "version": "6.12.2", + "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.2.tgz", + "integrity": "sha512-k+V+hzjm5q/Mr8ef/1Y9goCmlsK4I6Sm74teeyGvFk1XrOsbsKLjEdrvny42CZ+a8sXbk8KWpY/bDwS+FLL2UQ==", + "dev": true, + "requires": { + "fast-deep-equal": "^3.1.1", + "fast-json-stable-stringify": "^2.0.0", + "json-schema-traverse": "^0.4.1", + "uri-js": "^4.2.2" + } + }, + "ansi-escapes": { + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.1.tgz", + "integrity": "sha512-JWF7ocqNrp8u9oqpgV+wH5ftbt+cfvv+PTjOvKLT3AdYly/LmORARfEVT1iyjwN+4MqE5UmVKoAdIBqeoCHgLA==", + "dev": true, + "requires": { + "type-fest": "^0.11.0" + }, + "dependencies": { + "type-fest": { + "version": "0.11.0", + "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.11.0.tgz", + "integrity": "sha512-OdjXJxnCN1AvyLSzeKIgXTXxV+99ZuXl3Hpo9XpJAv9MBcHrrJOQ5kV7ypXOuQie+AmWG25hLbiKdwYTifzcfQ==", + "dev": true + } + } + }, + "ansi-regex": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-4.1.0.tgz", + "integrity": "sha512-1apePfXM1UOSqw0o9IiFAovVz9M5S1Dg+4TrDwfMewQ6p/rmMueb7tWZjQ1rx4Loy1ArBggoqGpfqqdI4rondg==", + "dev": true + }, + "ansi-styles": { + "version": "4.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.2.1.tgz", + "integrity": "sha512-9VGjrMsG1vePxcSweQsN20KY/c4zN0h9fLjqAbwbPfahM3t+NL+M9HC8xeXG2I8pX5NoamTGNuomEUFI7fcUjA==", + "dev": true, + "requires": { + "@types/color-name": "^1.1.1", + "color-convert": "^2.0.1" + } + }, + "anymatch": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.1.tgz", + "integrity": "sha512-mM8522psRCqzV+6LhomX5wgp25YVibjh8Wj23I5RPkPppSVSjyKD2A2mBJmWGa+KN7f2D6LNh9jkBCeyLktzjg==", + "dev": true, + "requires": { + "normalize-path": "^3.0.0", + "picomatch": "^2.0.4" + } + }, + "argparse": { + "version": "1.0.10", + "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", + "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", + "dev": true, + "requires": { + "sprintf-js": "~1.0.2" + } + }, + "arr-diff": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/arr-diff/-/arr-diff-4.0.0.tgz", + "integrity": "sha1-1kYQdP6/7HHn4VI1dhoyml3HxSA=", + "dev": true + }, + "arr-flatten": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/arr-flatten/-/arr-flatten-1.1.0.tgz", + "integrity": "sha512-L3hKV5R/p5o81R7O02IGnwpDmkp6E982XhtbuwSe3O4qOtMMMtodicASA1Cny2U+aCXcNpml+m4dPsvsJ3jatg==", + "dev": true + }, + "arr-union": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/arr-union/-/arr-union-3.1.0.tgz", + "integrity": "sha1-45sJrqne+Gao8gbiiK9jkZuuOcQ=", + "dev": true + }, + "array-equal": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/array-equal/-/array-equal-1.0.0.tgz", + "integrity": "sha1-jCpe8kcv2ep0KwTHenUJO6J1fJM=", + "dev": true + }, + "array-unique": { + "version": "0.3.2", + "resolved": "https://registry.npmjs.org/array-unique/-/array-unique-0.3.2.tgz", + "integrity": "sha1-qJS3XUvE9s1nnvMkSp/Y9Gri1Cg=", + "dev": true + }, + "asn1": { + "version": "0.2.4", + "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.4.tgz", + "integrity": "sha512-jxwzQpLQjSmWXgwaCZE9Nz+glAG01yF1QnWgbhGwHI5A6FRIEY6IVqtHhIepHqI7/kyEyQEagBC5mBEFlIYvdg==", + "dev": true, + "requires": { + "safer-buffer": "~2.1.0" + } + }, + "assert-plus": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz", + "integrity": "sha1-8S4PPF13sLHN2RRpQuTpbB5N1SU=", + "dev": true + }, + "assign-symbols": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/assign-symbols/-/assign-symbols-1.0.0.tgz", + "integrity": "sha1-WWZ/QfrdTyDMvCu5a41Pf3jsA2c=", + "dev": true + }, + "astral-regex": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/astral-regex/-/astral-regex-1.0.0.tgz", + "integrity": "sha512-+Ryf6g3BKoRc7jfp7ad8tM4TtMiaWvbF/1/sQcZPkkS7ag3D5nMBCe2UfOTONtAkaG0tO0ij3C5Lwmf1EiyjHg==", + "dev": true + }, + "asynckit": { + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", + "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=", + "dev": true + }, + "atob": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/atob/-/atob-2.1.2.tgz", + "integrity": "sha512-Wm6ukoaOGJi/73p/cl2GvLjTI5JM1k/O14isD73YML8StrH/7/lRFgmg8nICZgD3bZZvjwCGxtMOD3wWNAu8cg==", + "dev": true + }, + "aws-sign2": { + "version": "0.7.0", + "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz", + "integrity": "sha1-tG6JCTSpWR8tL2+G1+ap8bP+dqg=", + "dev": true + }, + "aws4": { + "version": "1.10.0", + "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.10.0.tgz", + "integrity": "sha512-3YDiu347mtVtjpyV3u5kVqQLP242c06zwDOgpeRnybmXlYYsLbtTrUBUm8i8srONt+FWobl5aibnU1030PeeuA==", + "dev": true + }, + "babel-jest": { + "version": "25.5.1", + "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-25.5.1.tgz", + "integrity": "sha512-9dA9+GmMjIzgPnYtkhBg73gOo/RHqPmLruP3BaGL4KEX3Dwz6pI8auSN8G8+iuEG90+GSswyKvslN+JYSaacaQ==", + "dev": true, + "requires": { + "@jest/transform": "^25.5.1", + "@jest/types": "^25.5.0", + "@types/babel__core": "^7.1.7", + "babel-plugin-istanbul": "^6.0.0", + "babel-preset-jest": "^25.5.0", + "chalk": "^3.0.0", + "graceful-fs": "^4.2.4", + "slash": "^3.0.0" + } + }, + "babel-plugin-istanbul": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.0.0.tgz", + "integrity": "sha512-AF55rZXpe7trmEylbaE1Gv54wn6rwU03aptvRoVIGP8YykoSxqdVLV1TfwflBCE/QtHmqtP8SWlTENqbK8GCSQ==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.0.0", + "@istanbuljs/load-nyc-config": "^1.0.0", + "@istanbuljs/schema": "^0.1.2", + "istanbul-lib-instrument": "^4.0.0", + "test-exclude": "^6.0.0" + } + }, + "babel-plugin-jest-hoist": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-25.5.0.tgz", + "integrity": "sha512-u+/W+WAjMlvoocYGTwthAiQSxDcJAyHpQ6oWlHdFZaaN+Rlk8Q7iiwDPg2lN/FyJtAYnKjFxbn7xus4HCFkg5g==", + "dev": true, + "requires": { + "@babel/template": "^7.3.3", + "@babel/types": "^7.3.3", + "@types/babel__traverse": "^7.0.6" + } + }, + "babel-preset-current-node-syntax": { + "version": "0.1.2", + "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-0.1.2.tgz", + "integrity": "sha512-u/8cS+dEiK1SFILbOC8/rUI3ml9lboKuuMvZ/4aQnQmhecQAgPw5ew066C1ObnEAUmlx7dv/s2z52psWEtLNiw==", + "dev": true, + "requires": { + "@babel/plugin-syntax-async-generators": "^7.8.4", + "@babel/plugin-syntax-bigint": "^7.8.3", + "@babel/plugin-syntax-class-properties": "^7.8.3", + "@babel/plugin-syntax-json-strings": "^7.8.3", + "@babel/plugin-syntax-logical-assignment-operators": "^7.8.3", + "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", + "@babel/plugin-syntax-numeric-separator": "^7.8.3", + "@babel/plugin-syntax-object-rest-spread": "^7.8.3", + "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", + "@babel/plugin-syntax-optional-chaining": "^7.8.3" + } + }, + "babel-preset-jest": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-25.5.0.tgz", + "integrity": "sha512-8ZczygctQkBU+63DtSOKGh7tFL0CeCuz+1ieud9lJ1WPQ9O6A1a/r+LGn6Y705PA6whHQ3T1XuB/PmpfNYf8Fw==", + "dev": true, + "requires": { + "babel-plugin-jest-hoist": "^25.5.0", + "babel-preset-current-node-syntax": "^0.1.2" + } + }, + "balanced-match": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.0.tgz", + "integrity": "sha1-ibTRmasr7kneFk6gK4nORi1xt2c=", + "dev": true + }, + "base": { + "version": "0.11.2", + "resolved": "https://registry.npmjs.org/base/-/base-0.11.2.tgz", + "integrity": "sha512-5T6P4xPgpp0YDFvSWwEZ4NoE3aM4QBQXDzmVbraCkFj8zHM+mba8SyqB5DbZWyR7mYHo6Y7BdQo3MoA4m0TeQg==", + "dev": true, + "requires": { + "cache-base": "^1.0.1", + "class-utils": "^0.3.5", + "component-emitter": "^1.2.1", + "define-property": "^1.0.0", + "isobject": "^3.0.1", + "mixin-deep": "^1.2.0", + "pascalcase": "^0.1.1" + }, + "dependencies": { + "define-property": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/define-property/-/define-property-1.0.0.tgz", + "integrity": "sha1-dp66rz9KY6rTr56NMEybvnm/sOY=", + "dev": true, + "requires": { + "is-descriptor": "^1.0.0" + } + }, + "is-accessor-descriptor": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-accessor-descriptor/-/is-accessor-descriptor-1.0.0.tgz", + "integrity": "sha512-m5hnHTkcVsPfqx3AKlyttIPb7J+XykHvJP2B9bZDjlhLIoEq4XoK64Vg7boZlVWYK6LUY94dYPEE7Lh0ZkZKcQ==", + "dev": true, + "requires": { + "kind-of": "^6.0.0" + } + }, + "is-data-descriptor": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-data-descriptor/-/is-data-descriptor-1.0.0.tgz", + "integrity": "sha512-jbRXy1FmtAoCjQkVmIVYwuuqDFUbaOeDjmed1tOGPrsMhtJA4rD9tkgA0F1qJ3gRFRXcHYVkdeaP50Q5rE/jLQ==", + "dev": true, + "requires": { + "kind-of": "^6.0.0" + } + }, + "is-descriptor": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/is-descriptor/-/is-descriptor-1.0.2.tgz", + "integrity": "sha512-2eis5WqQGV7peooDyLmNEPUrps9+SXX5c9pL3xEB+4e9HnGuDa7mB7kHxHw4CbqS9k1T2hOH3miL8n8WtiYVtg==", + "dev": true, + "requires": { + "is-accessor-descriptor": "^1.0.0", + "is-data-descriptor": "^1.0.0", + "kind-of": "^6.0.2" + } + } + } + }, + "bcrypt-pbkdf": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", + "integrity": "sha1-pDAdOJtqQ/m2f/PKEaP2Y342Dp4=", + "dev": true, + "requires": { + "tweetnacl": "^0.14.3" + } + }, + "brace-expansion": { + "version": "1.1.11", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", + "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", + "dev": true, + "requires": { + "balanced-match": "^1.0.0", + "concat-map": "0.0.1" + } + }, + "braces": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz", + "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==", + "dev": true, + "requires": { + "fill-range": "^7.0.1" + } + }, + "browser-process-hrtime": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/browser-process-hrtime/-/browser-process-hrtime-1.0.0.tgz", + "integrity": "sha512-9o5UecI3GhkpM6DrXr69PblIuWxPKk9Y0jHBRhdocZ2y7YECBFCsHm79Pr3OyR2AvjhDkabFJaDJMYRazHgsow==", + "dev": true + }, + "browser-resolve": { + "version": "1.11.3", + "resolved": "https://registry.npmjs.org/browser-resolve/-/browser-resolve-1.11.3.tgz", + "integrity": "sha512-exDi1BYWB/6raKHmDTCicQfTkqwN5fioMFV4j8BsfMU4R2DK/QfZfK7kOVkmWCNANf0snkBzqGqAJBao9gZMdQ==", + "dev": true, + "requires": { + "resolve": "1.1.7" + }, + "dependencies": { + "resolve": { + "version": "1.1.7", + "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.1.7.tgz", + "integrity": "sha1-IDEU2CrSxe2ejgQRs5ModeiJ6Xs=", + "dev": true + } + } + }, + "bser": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", + "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", + "dev": true, + "requires": { + "node-int64": "^0.4.0" + } + }, + "buffer-from": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.1.tgz", + "integrity": "sha512-MQcXEUbCKtEo7bhqEs6560Hyd4XaovZlO/k9V3hjVUF/zwW7KBVdSK4gIt/bzwS9MbR5qob+F5jusZsb0YQK2A==", + "dev": true + }, + "cache-base": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/cache-base/-/cache-base-1.0.1.tgz", + "integrity": "sha512-AKcdTnFSWATd5/GCPRxr2ChwIJ85CeyrEyjRHlKxQ56d4XJMGym0uAiKn0xbLOGOl3+yRpOTi484dVCEc5AUzQ==", + "dev": true, + "requires": { + "collection-visit": "^1.0.0", + "component-emitter": "^1.2.1", + "get-value": "^2.0.6", + "has-value": "^1.0.0", + "isobject": "^3.0.1", + "set-value": "^2.0.0", + "to-object-path": "^0.3.0", + "union-value": "^1.0.0", + "unset-value": "^1.0.0" + } + }, + "callsites": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", + "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", + "dev": true + }, + "camelcase": { + "version": "5.3.1", + "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", + "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", + "dev": true + }, + "capture-exit": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/capture-exit/-/capture-exit-2.0.0.tgz", + "integrity": "sha512-PiT/hQmTonHhl/HFGN+Lx3JJUznrVYJ3+AQsnthneZbvW7x+f08Tk7yLJTLEOUvBTbduLeeBkxEaYXUOUrRq6g==", + "dev": true, + "requires": { + "rsvp": "^4.8.4" + } + }, + "caseless": { + "version": "0.12.0", + "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz", + "integrity": "sha1-G2gcIf+EAzyCZUMJBolCDRhxUdw=", + "dev": true + }, + "chalk": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-3.0.0.tgz", + "integrity": "sha512-4D3B6Wf41KOYRFdszmDqMCGq5VV/uMAB273JILmO+3jAlh8X4qDtdtgCR3fxtbLEMzSx22QdhnDcJvu2u1fVwg==", + "dev": true, + "requires": { + "ansi-styles": "^4.1.0", + "supports-color": "^7.1.0" + } + }, + "ci-info": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-2.0.0.tgz", + "integrity": "sha512-5tK7EtrZ0N+OLFMthtqOj4fI2Jeb88C4CAZPu25LDVUgXJ0A3Js4PMGqrn0JU1W0Mh1/Z8wZzYPxqUrXeBboCQ==", + "dev": true + }, + "class-utils": { + "version": "0.3.6", + "resolved": "https://registry.npmjs.org/class-utils/-/class-utils-0.3.6.tgz", + "integrity": "sha512-qOhPa/Fj7s6TY8H8esGu5QNpMMQxz79h+urzrNYN6mn+9BnxlDGf5QZ+XeCDsxSjPqsSR56XOZOJmpeurnLMeg==", + "dev": true, + "requires": { + "arr-union": "^3.1.0", + "define-property": "^0.2.5", + "isobject": "^3.0.0", + "static-extend": "^0.1.1" + }, + "dependencies": { + "define-property": { + "version": "0.2.5", + "resolved": "https://registry.npmjs.org/define-property/-/define-property-0.2.5.tgz", + "integrity": "sha1-w1se+RjsPJkPmlvFe+BKrOxcgRY=", + "dev": true, + "requires": { + "is-descriptor": "^0.1.0" + } + } + } + }, + "cliui": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/cliui/-/cliui-6.0.0.tgz", + "integrity": "sha512-t6wbgtoCXvAzst7QgXxJYqPt0usEfbgQdftEPbLL/cvv6HPE5VgvqCuAIDR0NgU52ds6rFwqrgakNLrHEjCbrQ==", + "dev": true, + "requires": { + "string-width": "^4.2.0", + "strip-ansi": "^6.0.0", + "wrap-ansi": "^6.2.0" + } + }, + "co": { + "version": "4.6.0", + "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", + "integrity": "sha1-bqa989hTrlTMuOR7+gvz+QMfsYQ=", + "dev": true + }, + "collect-v8-coverage": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.1.tgz", + "integrity": "sha512-iBPtljfCNcTKNAto0KEtDfZ3qzjJvqE3aTGZsbhjSBlorqpXJlaWWtPO35D+ZImoC3KWejX64o+yPGxhWSTzfg==", + "dev": true + }, + "collection-visit": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/collection-visit/-/collection-visit-1.0.0.tgz", + "integrity": "sha1-S8A3PBZLwykbTTaMgpzxqApZ3KA=", + "dev": true, + "requires": { + "map-visit": "^1.0.0", + "object-visit": "^1.0.0" + } + }, + "color-convert": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", + "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", + "dev": true, + "requires": { + "color-name": "~1.1.4" + } + }, + "color-name": { + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", + "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", + "dev": true + }, + "combined-stream": { + "version": "1.0.8", + "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", + "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", + "dev": true, + "requires": { + "delayed-stream": "~1.0.0" + } + }, + "component-emitter": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/component-emitter/-/component-emitter-1.3.0.tgz", + "integrity": "sha512-Rd3se6QB+sO1TwqZjscQrurpEPIfO0/yYnSin6Q/rD3mOutHvUrCAhJub3r90uNb+SESBuE0QYoB90YdfatsRg==", + "dev": true + }, + "concat-map": { + "version": "0.0.1", + "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", + "integrity": "sha1-2Klr13/Wjfd5OnMDajug1UBdR3s=", + "dev": true + }, + "convert-source-map": { + "version": "1.7.0", + "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.7.0.tgz", + "integrity": "sha512-4FJkXzKXEDB1snCFZlLP4gpC3JILicCpGbzG9f9G7tGqGCzETQ2hWPrcinA9oU4wtf2biUaEH5065UnMeR33oA==", + "dev": true, + "requires": { + "safe-buffer": "~5.1.1" + } + }, + "copy-descriptor": { + "version": "0.1.1", + "resolved": "https://registry.npmjs.org/copy-descriptor/-/copy-descriptor-0.1.1.tgz", + "integrity": "sha1-Z29us8OZl8LuGsOpJP1hJHSPV40=", + "dev": true + }, + "core-util-is": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", + "integrity": "sha1-tf1UIgqivFq1eqtxQMlAdUUDwac=", + "dev": true + }, + "cross-spawn": { + "version": "6.0.5", + "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-6.0.5.tgz", + "integrity": "sha512-eTVLrBSt7fjbDygz805pMnstIs2VTBNkRm0qxZd+M7A5XDdxVRWO5MxGBXZhjY4cqLYLdtrGqRf8mBPmzwSpWQ==", + "dev": true, + "requires": { + "nice-try": "^1.0.4", + "path-key": "^2.0.1", + "semver": "^5.5.0", + "shebang-command": "^1.2.0", + "which": "^1.2.9" + }, + "dependencies": { + "semver": { + "version": "5.7.1", + "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.1.tgz", + "integrity": "sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ==", + "dev": true + }, + "which": { + "version": "1.3.1", + "resolved": "https://registry.npmjs.org/which/-/which-1.3.1.tgz", + "integrity": "sha512-HxJdYWq1MTIQbJ3nw0cqssHoTNU267KlrDuGZ1WYlxDStUtKUhOaJmh112/TZmHxxUfuJqPXSOm7tDyas0OSIQ==", + "dev": true, + "requires": { + "isexe": "^2.0.0" + } + } + } + }, + "cssom": { + "version": "0.4.4", + "resolved": "https://registry.npmjs.org/cssom/-/cssom-0.4.4.tgz", + "integrity": "sha512-p3pvU7r1MyyqbTk+WbNJIgJjG2VmTIaB10rI93LzVPrmDJKkzKYMtxxyAvQXR/NS6otuzveI7+7BBq3SjBS2mw==", + "dev": true + }, + "cssstyle": { + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/cssstyle/-/cssstyle-2.3.0.tgz", + "integrity": "sha512-AZL67abkUzIuvcHqk7c09cezpGNcxUxU4Ioi/05xHk4DQeTkWmGYftIE6ctU6AEt+Gn4n1lDStOtj7FKycP71A==", + "dev": true, + "requires": { + "cssom": "~0.3.6" + }, + "dependencies": { + "cssom": { + "version": "0.3.8", + "resolved": "https://registry.npmjs.org/cssom/-/cssom-0.3.8.tgz", + "integrity": "sha512-b0tGHbfegbhPJpxpiBPU2sCkigAqtM9O121le6bbOlgyV+NyGyCmVfJ6QW9eRjz8CpNfWEOYBIMIGRYkLwsIYg==", + "dev": true + } + } + }, + "dashdash": { + "version": "1.14.1", + "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz", + "integrity": "sha1-hTz6D3y+L+1d4gMmuN1YEDX24vA=", + "dev": true, + "requires": { + "assert-plus": "^1.0.0" + } + }, + "data-urls": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/data-urls/-/data-urls-1.1.0.tgz", + "integrity": "sha512-YTWYI9se1P55u58gL5GkQHW4P6VJBJ5iBT+B5a7i2Tjadhv52paJG0qHX4A0OR6/t52odI64KP2YvFpkDOi3eQ==", + "dev": true, + "requires": { + "abab": "^2.0.0", + "whatwg-mimetype": "^2.2.0", + "whatwg-url": "^7.0.0" + } + }, + "debug": { + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.1.1.tgz", + "integrity": "sha512-pYAIzeRo8J6KPEaJ0VWOh5Pzkbw/RetuzehGM7QRRX5he4fPHx2rdKMB256ehJCkX+XRQm16eZLqLNS8RSZXZw==", + "dev": true, + "requires": { + "ms": "^2.1.1" + } + }, + "decamelize": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/decamelize/-/decamelize-1.2.0.tgz", + "integrity": "sha1-9lNNFRSCabIDUue+4m9QH5oZEpA=", + "dev": true + }, + "decode-uri-component": { + "version": "0.2.0", + "resolved": "https://registry.npmjs.org/decode-uri-component/-/decode-uri-component-0.2.0.tgz", + "integrity": "sha1-6zkTMzRYd1y4TNGh+uBiEGu4dUU=", + "dev": true + }, + "deep-is": { + "version": "0.1.3", + "resolved": "https://registry.npmjs.org/deep-is/-/deep-is-0.1.3.tgz", + "integrity": "sha1-s2nW+128E+7PUk+RsHD+7cNXzzQ=", + "dev": true + }, + "deepmerge": { + "version": "4.2.2", + "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.2.2.tgz", + "integrity": "sha512-FJ3UgI4gIl+PHZm53knsuSFpE+nESMr7M4v9QcgB7S63Kj/6WqMiFQJpBBYz1Pt+66bZpP3Q7Lye0Oo9MPKEdg==", + "dev": true + }, + "define-property": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/define-property/-/define-property-2.0.2.tgz", + "integrity": "sha512-jwK2UV4cnPpbcG7+VRARKTZPUWowwXA8bzH5NP6ud0oeAxyYPuGZUAC7hMugpCdz4BeSZl2Dl9k66CHJ/46ZYQ==", + "dev": true, + "requires": { + "is-descriptor": "^1.0.2", + "isobject": "^3.0.1" + }, + "dependencies": { + "is-accessor-descriptor": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-accessor-descriptor/-/is-accessor-descriptor-1.0.0.tgz", + "integrity": "sha512-m5hnHTkcVsPfqx3AKlyttIPb7J+XykHvJP2B9bZDjlhLIoEq4XoK64Vg7boZlVWYK6LUY94dYPEE7Lh0ZkZKcQ==", + "dev": true, + "requires": { + "kind-of": "^6.0.0" + } + }, + "is-data-descriptor": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-data-descriptor/-/is-data-descriptor-1.0.0.tgz", + "integrity": "sha512-jbRXy1FmtAoCjQkVmIVYwuuqDFUbaOeDjmed1tOGPrsMhtJA4rD9tkgA0F1qJ3gRFRXcHYVkdeaP50Q5rE/jLQ==", + "dev": true, + "requires": { + "kind-of": "^6.0.0" + } + }, + "is-descriptor": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/is-descriptor/-/is-descriptor-1.0.2.tgz", + "integrity": "sha512-2eis5WqQGV7peooDyLmNEPUrps9+SXX5c9pL3xEB+4e9HnGuDa7mB7kHxHw4CbqS9k1T2hOH3miL8n8WtiYVtg==", + "dev": true, + "requires": { + "is-accessor-descriptor": "^1.0.0", + "is-data-descriptor": "^1.0.0", + "kind-of": "^6.0.2" + } + } + } + }, + "delayed-stream": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", + "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk=", + "dev": true + }, + "detect-newline": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", + "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", + "dev": true + }, + "diff-sequences": { + "version": "25.2.6", + "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-25.2.6.tgz", + "integrity": "sha512-Hq8o7+6GaZeoFjtpgvRBUknSXNeJiCx7V9Fr94ZMljNiCr9n9L8H8aJqgWOQiDDGdyn29fRNcDdRVJ5fdyihfg==", + "dev": true + }, + "domexception": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/domexception/-/domexception-1.0.1.tgz", + "integrity": "sha512-raigMkn7CJNNo6Ihro1fzG7wr3fHuYVytzquZKX5n0yizGsTcYgzdIUwj1X9pK0VvjeihV+XiclP+DjwbsSKug==", + "dev": true, + "requires": { + "webidl-conversions": "^4.0.2" + } + }, + "ecc-jsbn": { + "version": "0.1.2", + "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", + "integrity": "sha1-OoOpBOVDUyh4dMVkt1SThoSamMk=", + "dev": true, + "requires": { + "jsbn": "~0.1.0", + "safer-buffer": "^2.1.0" + } + }, + "emoji-regex": { + "version": "8.0.0", + "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", + "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", + "dev": true + }, + "end-of-stream": { + "version": "1.4.4", + "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.4.tgz", + "integrity": "sha512-+uw1inIHVPQoaVuHzRyXd21icM+cnt4CzD5rW+NC1wjOUSTOs+Te7FOv7AhN7vS9x/oIyhLP5PR1H+phQAHu5Q==", + "dev": true, + "requires": { + "once": "^1.4.0" + } + }, + "error-ex": { + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", + "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", + "dev": true, + "requires": { + "is-arrayish": "^0.2.1" + } + }, + "escape-string-regexp": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", + "integrity": "sha1-G2HAViGQqN/2rjuyzwIAyhMLhtQ=", + "dev": true + }, + "escodegen": { + "version": "1.14.1", + "resolved": "https://registry.npmjs.org/escodegen/-/escodegen-1.14.1.tgz", + "integrity": "sha512-Bmt7NcRySdIfNPfU2ZoXDrrXsG9ZjvDxcAlMfDUgRBjLOWTuIACXPBFJH7Z+cLb40JeQco5toikyc9t9P8E9SQ==", + "dev": true, + "requires": { + "esprima": "^4.0.1", + "estraverse": "^4.2.0", + "esutils": "^2.0.2", + "optionator": "^0.8.1", + "source-map": "~0.6.1" + } + }, + "esprima": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", + "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", + "dev": true + }, + "estraverse": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/estraverse/-/estraverse-4.3.0.tgz", + "integrity": "sha512-39nnKffWz8xN1BU/2c79n9nB9HDzo0niYUqx6xyqUnyoAnQyyWpOTdZEeiCch8BBu515t4wp9ZmgVfVhn9EBpw==", + "dev": true + }, + "esutils": { + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/esutils/-/esutils-2.0.3.tgz", + "integrity": "sha512-kVscqXk4OCp68SZ0dkgEKVi6/8ij300KBWTJq32P/dYeWTSwK41WyTxalN1eRmA5Z9UU/LX9D7FWSmV9SAYx6g==", + "dev": true + }, + "exec-sh": { + "version": "0.3.4", + "resolved": "https://registry.npmjs.org/exec-sh/-/exec-sh-0.3.4.tgz", + "integrity": "sha512-sEFIkc61v75sWeOe72qyrqg2Qg0OuLESziUDk/O/z2qgS15y2gWVFrI6f2Qn/qw/0/NCfCEsmNA4zOjkwEZT1A==", + "dev": true + }, + "execa": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/execa/-/execa-1.0.0.tgz", + "integrity": "sha512-adbxcyWV46qiHyvSp50TKt05tB4tK3HcmF7/nxfAdhnox83seTDbwnaqKO4sXRy7roHAIFqJP/Rw/AuEbX61LA==", + "dev": true, + "requires": { + "cross-spawn": "^6.0.0", + "get-stream": "^4.0.0", + "is-stream": "^1.1.0", + "npm-run-path": "^2.0.0", + "p-finally": "^1.0.0", + "signal-exit": "^3.0.0", + "strip-eof": "^1.0.0" + } + }, + "exit": { + "version": "0.1.2", + "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", + "integrity": "sha1-BjJjj42HfMghB9MKD/8aF8uhzQw=", + "dev": true + }, + "expand-brackets": { + "version": "2.1.4", + "resolved": "https://registry.npmjs.org/expand-brackets/-/expand-brackets-2.1.4.tgz", + "integrity": "sha1-t3c14xXOMPa27/D4OwQVGiJEliI=", + "dev": true, + "requires": { + "debug": "^2.3.3", + "define-property": "^0.2.5", + "extend-shallow": "^2.0.1", + "posix-character-classes": "^0.1.0", + "regex-not": "^1.0.0", + "snapdragon": "^0.8.1", + "to-regex": "^3.0.1" + }, + "dependencies": { + "debug": { + "version": "2.6.9", + "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", + "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==", + "dev": true, + "requires": { + "ms": "2.0.0" + } + }, + "define-property": { + "version": "0.2.5", + "resolved": "https://registry.npmjs.org/define-property/-/define-property-0.2.5.tgz", + "integrity": "sha1-w1se+RjsPJkPmlvFe+BKrOxcgRY=", + "dev": true, + "requires": { + "is-descriptor": "^0.1.0" + } + }, + "extend-shallow": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-2.0.1.tgz", + "integrity": "sha1-Ua99YUrZqfYQ6huvu5idaxxWiQ8=", + "dev": true, + "requires": { + "is-extendable": "^0.1.0" + } + }, + "ms": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", + "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g=", + "dev": true + } + } + }, + "expect": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/expect/-/expect-25.5.0.tgz", + "integrity": "sha512-w7KAXo0+6qqZZhovCaBVPSIqQp7/UTcx4M9uKt2m6pd2VB1voyC8JizLRqeEqud3AAVP02g+hbErDu5gu64tlA==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0", + "ansi-styles": "^4.0.0", + "jest-get-type": "^25.2.6", + "jest-matcher-utils": "^25.5.0", + "jest-message-util": "^25.5.0", + "jest-regex-util": "^25.2.6" + } + }, + "extend": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", + "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==", + "dev": true + }, + "extend-shallow": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-3.0.2.tgz", + "integrity": "sha1-Jqcarwc7OfshJxcnRhMcJwQCjbg=", + "dev": true, + "requires": { + "assign-symbols": "^1.0.0", + "is-extendable": "^1.0.1" + }, + "dependencies": { + "is-extendable": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/is-extendable/-/is-extendable-1.0.1.tgz", + "integrity": "sha512-arnXMxT1hhoKo9k1LZdmlNyJdDDfy2v0fXjFlmok4+i8ul/6WlbVge9bhM74OpNPQPMGUToDtz+KXa1PneJxOA==", + "dev": true, + "requires": { + "is-plain-object": "^2.0.4" + } + } + } + }, + "extglob": { + "version": "2.0.4", + "resolved": "https://registry.npmjs.org/extglob/-/extglob-2.0.4.tgz", + "integrity": "sha512-Nmb6QXkELsuBr24CJSkilo6UHHgbekK5UiZgfE6UHD3Eb27YC6oD+bhcT+tJ6cl8dmsgdQxnWlcry8ksBIBLpw==", + "dev": true, + "requires": { + "array-unique": "^0.3.2", + "define-property": "^1.0.0", + "expand-brackets": "^2.1.4", + "extend-shallow": "^2.0.1", + "fragment-cache": "^0.2.1", + "regex-not": "^1.0.0", + "snapdragon": "^0.8.1", + "to-regex": "^3.0.1" + }, + "dependencies": { + "define-property": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/define-property/-/define-property-1.0.0.tgz", + "integrity": "sha1-dp66rz9KY6rTr56NMEybvnm/sOY=", + "dev": true, + "requires": { + "is-descriptor": "^1.0.0" + } + }, + "extend-shallow": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-2.0.1.tgz", + "integrity": "sha1-Ua99YUrZqfYQ6huvu5idaxxWiQ8=", + "dev": true, + "requires": { + "is-extendable": "^0.1.0" + } + }, + "is-accessor-descriptor": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-accessor-descriptor/-/is-accessor-descriptor-1.0.0.tgz", + "integrity": "sha512-m5hnHTkcVsPfqx3AKlyttIPb7J+XykHvJP2B9bZDjlhLIoEq4XoK64Vg7boZlVWYK6LUY94dYPEE7Lh0ZkZKcQ==", + "dev": true, + "requires": { + "kind-of": "^6.0.0" + } + }, + "is-data-descriptor": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-data-descriptor/-/is-data-descriptor-1.0.0.tgz", + "integrity": "sha512-jbRXy1FmtAoCjQkVmIVYwuuqDFUbaOeDjmed1tOGPrsMhtJA4rD9tkgA0F1qJ3gRFRXcHYVkdeaP50Q5rE/jLQ==", + "dev": true, + "requires": { + "kind-of": "^6.0.0" + } + }, + "is-descriptor": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/is-descriptor/-/is-descriptor-1.0.2.tgz", + "integrity": "sha512-2eis5WqQGV7peooDyLmNEPUrps9+SXX5c9pL3xEB+4e9HnGuDa7mB7kHxHw4CbqS9k1T2hOH3miL8n8WtiYVtg==", + "dev": true, + "requires": { + "is-accessor-descriptor": "^1.0.0", + "is-data-descriptor": "^1.0.0", + "kind-of": "^6.0.2" + } + } + } + }, + "extsprintf": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", + "integrity": "sha1-lpGEQOMEGnpBT4xS48V06zw+HgU=", + "dev": true + }, + "fast-deep-equal": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.1.tgz", + "integrity": "sha512-8UEa58QDLauDNfpbrX55Q9jrGHThw2ZMdOky5Gl1CDtVeJDPVrG4Jxx1N8jw2gkWaff5UUuX1KJd+9zGe2B+ZA==", + "dev": true + }, + "fast-json-stable-stringify": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", + "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==", + "dev": true + }, + "fast-levenshtein": { + "version": "2.0.6", + "resolved": "https://registry.npmjs.org/fast-levenshtein/-/fast-levenshtein-2.0.6.tgz", + "integrity": "sha1-PYpcZog6FqMMqGQ+hR8Zuqd5eRc=", + "dev": true + }, + "fb-watchman": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.1.tgz", + "integrity": "sha512-DkPJKQeY6kKwmuMretBhr7G6Vodr7bFwDYTXIkfG1gjvNpaxBTQV3PbXg6bR1c1UP4jPOX0jHUbbHANL9vRjVg==", + "dev": true, + "requires": { + "bser": "2.1.1" + } + }, + "fill-range": { + "version": "7.0.1", + "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz", + "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==", + "dev": true, + "requires": { + "to-regex-range": "^5.0.1" + } + }, + "find-up": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", + "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", + "dev": true, + "requires": { + "locate-path": "^5.0.0", + "path-exists": "^4.0.0" + } + }, + "for-in": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/for-in/-/for-in-1.0.2.tgz", + "integrity": "sha1-gQaNKVqBQuwKxybG4iAMMPttXoA=", + "dev": true + }, + "forever-agent": { + "version": "0.6.1", + "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz", + "integrity": "sha1-+8cfDEGt6zf5bFd60e1C2P2sypE=", + "dev": true + }, + "form-data": { + "version": "2.3.3", + "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", + "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", + "dev": true, + "requires": { + "asynckit": "^0.4.0", + "combined-stream": "^1.0.6", + "mime-types": "^2.1.12" + } + }, + "fragment-cache": { + "version": "0.2.1", + "resolved": "https://registry.npmjs.org/fragment-cache/-/fragment-cache-0.2.1.tgz", + "integrity": "sha1-QpD60n8T6Jvn8zeZxrxaCr//DRk=", + "dev": true, + "requires": { + "map-cache": "^0.2.2" + } + }, + "fs.realpath": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", + "integrity": "sha1-FQStJSMVjKpA20onh8sBQRmU6k8=", + "dev": true + }, + "fsevents": { + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.1.3.tgz", + "integrity": "sha512-Auw9a4AxqWpa9GUfj370BMPzzyncfBABW8Mab7BGWBYDj4Isgq+cDKtx0i6u9jcX9pQDnswsaaOTgTmA5pEjuQ==", + "dev": true, + "optional": true + }, + "gensync": { + "version": "1.0.0-beta.1", + "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.1.tgz", + "integrity": "sha512-r8EC6NO1sngH/zdD9fiRDLdcgnbayXah+mLgManTaIZJqEC1MZstmnox8KpnI2/fxQwrp5OpCOYWLp4rBl4Jcg==", + "dev": true + }, + "get-caller-file": { + "version": "2.0.5", + "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", + "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", + "dev": true + }, + "get-package-type": { + "version": "0.1.0", + "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", + "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", + "dev": true + }, + "get-stream": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-4.1.0.tgz", + "integrity": "sha512-GMat4EJ5161kIy2HevLlr4luNjBgvmj413KaQA7jt4V8B4RDsfpHk7WQ9GVqfYyyx8OS/L66Kox+rJRNklLK7w==", + "dev": true, + "requires": { + "pump": "^3.0.0" + } + }, + "get-value": { + "version": "2.0.6", + "resolved": "https://registry.npmjs.org/get-value/-/get-value-2.0.6.tgz", + "integrity": "sha1-3BXKHGcjh8p2vTesCjlbogQqLCg=", + "dev": true + }, + "getpass": { + "version": "0.1.7", + "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz", + "integrity": "sha1-Xv+OPmhNVprkyysSgmBOi6YhSfo=", + "dev": true, + "requires": { + "assert-plus": "^1.0.0" + } + }, + "glob": { + "version": "7.1.6", + "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.6.tgz", + "integrity": "sha512-LwaxwyZ72Lk7vZINtNNrywX0ZuLyStrdDtabefZKAY5ZGJhVtgdznluResxNmPitE0SAO+O26sWTHeKSI2wMBA==", + "dev": true, + "requires": { + "fs.realpath": "^1.0.0", + "inflight": "^1.0.4", + "inherits": "2", + "minimatch": "^3.0.4", + "once": "^1.3.0", + "path-is-absolute": "^1.0.0" + } + }, + "globals": { + "version": "11.12.0", + "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", + "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", + "dev": true + }, + "graceful-fs": { + "version": "4.2.4", + "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.4.tgz", + "integrity": "sha512-WjKPNJF79dtJAVniUlGGWHYGz2jWxT6VhN/4m1NdkbZ2nOsEF+cI1Edgql5zCRhs/VsQYRvrXctxktVXZUkixw==", + "dev": true + }, + "growly": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/growly/-/growly-1.3.0.tgz", + "integrity": "sha1-8QdIy+dq+WS3yWyTxrzCivEgwIE=", + "dev": true, + "optional": true + }, + "har-schema": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", + "integrity": "sha1-qUwiJOvKwEeCoNkDVSHyRzW37JI=", + "dev": true + }, + "har-validator": { + "version": "5.1.3", + "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.3.tgz", + "integrity": "sha512-sNvOCzEQNr/qrvJgc3UG/kD4QtlHycrzwS+6mfTrrSq97BvaYcPZZI1ZSqGSPR73Cxn4LKTD4PttRwfU7jWq5g==", + "dev": true, + "requires": { + "ajv": "^6.5.5", + "har-schema": "^2.0.0" + } + }, + "has-flag": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", + "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", + "dev": true + }, + "has-value": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/has-value/-/has-value-1.0.0.tgz", + "integrity": "sha1-GLKB2lhbHFxR3vJMkw7SmgvmsXc=", + "dev": true, + "requires": { + "get-value": "^2.0.6", + "has-values": "^1.0.0", + "isobject": "^3.0.0" + } + }, + "has-values": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/has-values/-/has-values-1.0.0.tgz", + "integrity": "sha1-lbC2P+whRmGab+V/51Yo1aOe/k8=", + "dev": true, + "requires": { + "is-number": "^3.0.0", + "kind-of": "^4.0.0" + }, + "dependencies": { + "is-number": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/is-number/-/is-number-3.0.0.tgz", + "integrity": "sha1-JP1iAaR4LPUFYcgQJ2r8fRLXEZU=", + "dev": true, + "requires": { + "kind-of": "^3.0.2" + }, + "dependencies": { + "kind-of": { + "version": "3.2.2", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz", + "integrity": "sha1-MeohpzS6ubuw8yRm2JOupR5KPGQ=", + "dev": true, + "requires": { + "is-buffer": "^1.1.5" + } + } + } + }, + "kind-of": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-4.0.0.tgz", + "integrity": "sha1-IIE989cSkosgc3hpGkUGb65y3Vc=", + "dev": true, + "requires": { + "is-buffer": "^1.1.5" + } + } + } + }, + "hosted-git-info": { + "version": "2.8.8", + "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.8.8.tgz", + "integrity": "sha512-f/wzC2QaWBs7t9IYqB4T3sR1xviIViXJRJTWBlx2Gf3g0Xi5vI7Yy4koXQ1c9OYDGHN9sBy1DQ2AB8fqZBWhUg==", + "dev": true + }, + "html-encoding-sniffer": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/html-encoding-sniffer/-/html-encoding-sniffer-1.0.2.tgz", + "integrity": "sha512-71lZziiDnsuabfdYiUeWdCVyKuqwWi23L8YeIgV9jSSZHCtb6wB1BKWooH7L3tn4/FuZJMVWyNaIDr4RGmaSYw==", + "dev": true, + "requires": { + "whatwg-encoding": "^1.0.1" + } + }, + "html-escaper": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", + "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", + "dev": true + }, + "http-signature": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", + "integrity": "sha1-muzZJRFHcvPZW2WmCruPfBj7rOE=", + "dev": true, + "requires": { + "assert-plus": "^1.0.0", + "jsprim": "^1.2.2", + "sshpk": "^1.7.0" + } + }, + "human-signals": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-1.1.1.tgz", + "integrity": "sha512-SEQu7vl8KjNL2eoGBLF3+wAjpsNfA9XMlXAYj/3EdaNfAlxKthD1xjEQfGOUhllCGGJVNY34bRr6lPINhNjyZw==", + "dev": true + }, + "iconv-lite": { + "version": "0.4.24", + "resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.4.24.tgz", + "integrity": "sha512-v3MXnZAcvnywkTUEZomIActle7RXXeedOR31wwl7VlyoXO4Qi9arvSenNQWne1TcRwhCL1HwLI21bEqdpj8/rA==", + "dev": true, + "requires": { + "safer-buffer": ">= 2.1.2 < 3" + } + }, + "import-local": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.0.2.tgz", + "integrity": "sha512-vjL3+w0oulAVZ0hBHnxa/Nm5TAurf9YLQJDhqRZyqb+VKGOB6LU8t9H1Nr5CIo16vh9XfJTOoHwU0B71S557gA==", + "dev": true, + "requires": { + "pkg-dir": "^4.2.0", + "resolve-cwd": "^3.0.0" + } + }, + "imurmurhash": { + "version": "0.1.4", + "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", + "integrity": "sha1-khi5srkoojixPcT7a21XbyMUU+o=", + "dev": true + }, + "inflight": { + "version": "1.0.6", + "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", + "integrity": "sha1-Sb1jMdfQLQwJvJEKEHW6gWW1bfk=", + "dev": true, + "requires": { + "once": "^1.3.0", + "wrappy": "1" + } + }, + "inherits": { + "version": "2.0.4", + "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", + "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", + "dev": true + }, + "ip-regex": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/ip-regex/-/ip-regex-2.1.0.tgz", + "integrity": "sha1-+ni/XS5pE8kRzp+BnuUUa7bYROk=", + "dev": true + }, + "is-accessor-descriptor": { + "version": "0.1.6", + "resolved": "https://registry.npmjs.org/is-accessor-descriptor/-/is-accessor-descriptor-0.1.6.tgz", + "integrity": "sha1-qeEss66Nh2cn7u84Q/igiXtcmNY=", + "dev": true, + "requires": { + "kind-of": "^3.0.2" + }, + "dependencies": { + "kind-of": { + "version": "3.2.2", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz", + "integrity": "sha1-MeohpzS6ubuw8yRm2JOupR5KPGQ=", + "dev": true, + "requires": { + "is-buffer": "^1.1.5" + } + } + } + }, + "is-arrayish": { + "version": "0.2.1", + "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", + "integrity": "sha1-d8mYQFJ6qOyxqLppe4BkWnqSap0=", + "dev": true + }, + "is-buffer": { + "version": "1.1.6", + "resolved": "https://registry.npmjs.org/is-buffer/-/is-buffer-1.1.6.tgz", + "integrity": "sha512-NcdALwpXkTm5Zvvbk7owOUSvVvBKDgKP5/ewfXEznmQFfs4ZRmanOeKBTjRVjka3QFoN6XJ+9F3USqfHqTaU5w==", + "dev": true + }, + "is-ci": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/is-ci/-/is-ci-2.0.0.tgz", + "integrity": "sha512-YfJT7rkpQB0updsdHLGWrvhBJfcfzNNawYDNIyQXJz0IViGf75O8EBPKSdvw2rF+LGCsX4FZ8tcr3b19LcZq4w==", + "dev": true, + "requires": { + "ci-info": "^2.0.0" + } + }, + "is-data-descriptor": { + "version": "0.1.4", + "resolved": "https://registry.npmjs.org/is-data-descriptor/-/is-data-descriptor-0.1.4.tgz", + "integrity": "sha1-C17mSDiOLIYCgueT8YVv7D8wG1Y=", + "dev": true, + "requires": { + "kind-of": "^3.0.2" + }, + "dependencies": { + "kind-of": { + "version": "3.2.2", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz", + "integrity": "sha1-MeohpzS6ubuw8yRm2JOupR5KPGQ=", + "dev": true, + "requires": { + "is-buffer": "^1.1.5" + } + } + } + }, + "is-descriptor": { + "version": "0.1.6", + "resolved": "https://registry.npmjs.org/is-descriptor/-/is-descriptor-0.1.6.tgz", + "integrity": "sha512-avDYr0SB3DwO9zsMov0gKCESFYqCnE4hq/4z3TdUlukEy5t9C0YRq7HLrsN52NAcqXKaepeCD0n+B0arnVG3Hg==", + "dev": true, + "requires": { + "is-accessor-descriptor": "^0.1.6", + "is-data-descriptor": "^0.1.4", + "kind-of": "^5.0.0" + }, + "dependencies": { + "kind-of": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-5.1.0.tgz", + "integrity": "sha512-NGEErnH6F2vUuXDh+OlbcKW7/wOcfdRHaZ7VWtqCztfHri/++YKmP51OdWeGPuqCOba6kk2OTe5d02VmTB80Pw==", + "dev": true + } + } + }, + "is-docker": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/is-docker/-/is-docker-2.0.0.tgz", + "integrity": "sha512-pJEdRugimx4fBMra5z2/5iRdZ63OhYV0vr0Dwm5+xtW4D1FvRkB8hamMIhnWfyJeDdyr/aa7BDyNbtG38VxgoQ==", + "dev": true, + "optional": true + }, + "is-extendable": { + "version": "0.1.1", + "resolved": "https://registry.npmjs.org/is-extendable/-/is-extendable-0.1.1.tgz", + "integrity": "sha1-YrEQ4omkcUGOPsNqYX1HLjAd/Ik=", + "dev": true + }, + "is-fullwidth-code-point": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", + "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", + "dev": true + }, + "is-generator-fn": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", + "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", + "dev": true + }, + "is-number": { + "version": "7.0.0", + "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", + "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", + "dev": true + }, + "is-plain-object": { + "version": "2.0.4", + "resolved": "https://registry.npmjs.org/is-plain-object/-/is-plain-object-2.0.4.tgz", + "integrity": "sha512-h5PpgXkWitc38BBMYawTYMWJHFZJVnBquFE57xFpjB8pJFiF6gZ+bU+WyI/yqXiFR5mdLsgYNaPe8uao6Uv9Og==", + "dev": true, + "requires": { + "isobject": "^3.0.1" + } + }, + "is-stream": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-1.1.0.tgz", + "integrity": "sha1-EtSj3U5o4Lec6428hBc66A2RykQ=", + "dev": true + }, + "is-typedarray": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", + "integrity": "sha1-5HnICFjfDBsR3dppQPlgEfzaSpo=", + "dev": true + }, + "is-windows": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/is-windows/-/is-windows-1.0.2.tgz", + "integrity": "sha512-eXK1UInq2bPmjyX6e3VHIzMLobc4J94i4AWn+Hpq3OU5KkrRC96OAcR3PRJ/pGu6m8TRnBHP9dkXQVsT/COVIA==", + "dev": true + }, + "is-wsl": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/is-wsl/-/is-wsl-2.2.0.tgz", + "integrity": "sha512-fKzAra0rGJUUBwGBgNkHZuToZcn+TtXHpeCgmkMJMMYx1sQDYaCSyjJBSCa2nH1DGm7s3n1oBnohoVTBaN7Lww==", + "dev": true, + "optional": true, + "requires": { + "is-docker": "^2.0.0" + } + }, + "isarray": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz", + "integrity": "sha1-u5NdSFgsuhaMBoNJV6VKPgcSTxE=", + "dev": true + }, + "isexe": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", + "integrity": "sha1-6PvzdNxVb/iUehDcsFctYz8s+hA=", + "dev": true + }, + "isobject": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/isobject/-/isobject-3.0.1.tgz", + "integrity": "sha1-TkMekrEalzFjaqH5yNHMvP2reN8=", + "dev": true + }, + "isstream": { + "version": "0.1.2", + "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", + "integrity": "sha1-R+Y/evVa+m+S4VAOaQ64uFKcCZo=", + "dev": true + }, + "istanbul-lib-coverage": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.0.0.tgz", + "integrity": "sha512-UiUIqxMgRDET6eR+o5HbfRYP1l0hqkWOs7vNxC/mggutCMUIhWMm8gAHb8tHlyfD3/l6rlgNA5cKdDzEAf6hEg==", + "dev": true + }, + "istanbul-lib-instrument": { + "version": "4.0.3", + "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-4.0.3.tgz", + "integrity": "sha512-BXgQl9kf4WTCPCCpmFGoJkz/+uhvm7h7PFKUYxh7qarQd3ER33vHG//qaE8eN25l07YqZPpHXU9I09l/RD5aGQ==", + "dev": true, + "requires": { + "@babel/core": "^7.7.5", + "@istanbuljs/schema": "^0.1.2", + "istanbul-lib-coverage": "^3.0.0", + "semver": "^6.3.0" + } + }, + "istanbul-lib-report": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", + "integrity": "sha512-wcdi+uAKzfiGT2abPpKZ0hSU1rGQjUQnLvtY5MpQ7QCTahD3VODhcu4wcfY1YtkGaDD5yuydOLINXsfbus9ROw==", + "dev": true, + "requires": { + "istanbul-lib-coverage": "^3.0.0", + "make-dir": "^3.0.0", + "supports-color": "^7.1.0" + } + }, + "istanbul-lib-source-maps": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.0.tgz", + "integrity": "sha512-c16LpFRkR8vQXyHZ5nLpY35JZtzj1PQY1iZmesUbf1FZHbIupcWfjgOXBY9YHkLEQ6puz1u4Dgj6qmU/DisrZg==", + "dev": true, + "requires": { + "debug": "^4.1.1", + "istanbul-lib-coverage": "^3.0.0", + "source-map": "^0.6.1" + } + }, + "istanbul-reports": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.0.2.tgz", + "integrity": "sha512-9tZvz7AiR3PEDNGiV9vIouQ/EAcqMXFmkcA1CDFTwOB98OZVDL0PH9glHotf5Ugp6GCOTypfzGWI/OqjWNCRUw==", + "dev": true, + "requires": { + "html-escaper": "^2.0.0", + "istanbul-lib-report": "^3.0.0" + } + }, + "jest": { + "version": "25.5.4", + "resolved": "https://registry.npmjs.org/jest/-/jest-25.5.4.tgz", + "integrity": "sha512-hHFJROBTqZahnO+X+PMtT6G2/ztqAZJveGqz//FnWWHurizkD05PQGzRZOhF3XP6z7SJmL+5tCfW8qV06JypwQ==", + "dev": true, + "requires": { + "@jest/core": "^25.5.4", + "import-local": "^3.0.2", + "jest-cli": "^25.5.4" + }, + "dependencies": { + "jest-cli": { + "version": "25.5.4", + "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-25.5.4.tgz", + "integrity": "sha512-rG8uJkIiOUpnREh1768/N3n27Cm+xPFkSNFO91tgg+8o2rXeVLStz+vkXkGr4UtzH6t1SNbjwoiswd7p4AhHTw==", + "dev": true, + "requires": { + "@jest/core": "^25.5.4", + "@jest/test-result": "^25.5.0", + "@jest/types": "^25.5.0", + "chalk": "^3.0.0", + "exit": "^0.1.2", + "graceful-fs": "^4.2.4", + "import-local": "^3.0.2", + "is-ci": "^2.0.0", + "jest-config": "^25.5.4", + "jest-util": "^25.5.0", + "jest-validate": "^25.5.0", + "prompts": "^2.0.1", + "realpath-native": "^2.0.0", + "yargs": "^15.3.1" + } + } + } + }, + "jest-changed-files": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-25.5.0.tgz", + "integrity": "sha512-EOw9QEqapsDT7mKF162m8HFzRPbmP8qJQny6ldVOdOVBz3ACgPm/1nAn5fPQ/NDaYhX/AHkrGwwkCncpAVSXcw==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0", + "execa": "^3.2.0", + "throat": "^5.0.0" + }, + "dependencies": { + "cross-spawn": { + "version": "7.0.3", + "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", + "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", + "dev": true, + "requires": { + "path-key": "^3.1.0", + "shebang-command": "^2.0.0", + "which": "^2.0.1" + } + }, + "execa": { + "version": "3.4.0", + "resolved": "https://registry.npmjs.org/execa/-/execa-3.4.0.tgz", + "integrity": "sha512-r9vdGQk4bmCuK1yKQu1KTwcT2zwfWdbdaXfCtAh+5nU/4fSX+JAb7vZGvI5naJrQlvONrEB20jeruESI69530g==", + "dev": true, + "requires": { + "cross-spawn": "^7.0.0", + "get-stream": "^5.0.0", + "human-signals": "^1.1.1", + "is-stream": "^2.0.0", + "merge-stream": "^2.0.0", + "npm-run-path": "^4.0.0", + "onetime": "^5.1.0", + "p-finally": "^2.0.0", + "signal-exit": "^3.0.2", + "strip-final-newline": "^2.0.0" + } + }, + "get-stream": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-5.1.0.tgz", + "integrity": "sha512-EXr1FOzrzTfGeL0gQdeFEvOMm2mzMOglyiOXSTpPC+iAjAKftbr3jpCMWynogwYnM+eSj9sHGc6wjIcDvYiygw==", + "dev": true, + "requires": { + "pump": "^3.0.0" + } + }, + "is-stream": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.0.tgz", + "integrity": "sha512-XCoy+WlUr7d1+Z8GgSuXmpuUFC9fOhRXglJMx+dwLKTkL44Cjd4W1Z5P+BQZpr+cR93aGP4S/s7Ftw6Nd/kiEw==", + "dev": true + }, + "npm-run-path": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", + "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", + "dev": true, + "requires": { + "path-key": "^3.0.0" + } + }, + "p-finally": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/p-finally/-/p-finally-2.0.1.tgz", + "integrity": "sha512-vpm09aKwq6H9phqRQzecoDpD8TmVyGw70qmWlyq5onxY7tqyTTFVvxMykxQSQKILBSFlbXpypIw2T1Ml7+DDtw==", + "dev": true + }, + "path-key": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", + "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", + "dev": true + }, + "shebang-command": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", + "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", + "dev": true, + "requires": { + "shebang-regex": "^3.0.0" + } + }, + "shebang-regex": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", + "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", + "dev": true + } + } + }, + "jest-config": { + "version": "25.5.4", + "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-25.5.4.tgz", + "integrity": "sha512-SZwR91SwcdK6bz7Gco8qL7YY2sx8tFJYzvg216DLihTWf+LKY/DoJXpM9nTzYakSyfblbqeU48p/p7Jzy05Atg==", + "dev": true, + "requires": { + "@babel/core": "^7.1.0", + "@jest/test-sequencer": "^25.5.4", + "@jest/types": "^25.5.0", + "babel-jest": "^25.5.1", + "chalk": "^3.0.0", + "deepmerge": "^4.2.2", + "glob": "^7.1.1", + "graceful-fs": "^4.2.4", + "jest-environment-jsdom": "^25.5.0", + "jest-environment-node": "^25.5.0", + "jest-get-type": "^25.2.6", + "jest-jasmine2": "^25.5.4", + "jest-regex-util": "^25.2.6", + "jest-resolve": "^25.5.1", + "jest-util": "^25.5.0", + "jest-validate": "^25.5.0", + "micromatch": "^4.0.2", + "pretty-format": "^25.5.0", + "realpath-native": "^2.0.0" + } + }, + "jest-diff": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-25.5.0.tgz", + "integrity": "sha512-z1kygetuPiREYdNIumRpAHY6RXiGmp70YHptjdaxTWGmA085W3iCnXNx0DhflK3vwrKmrRWyY1wUpkPMVxMK7A==", + "dev": true, + "requires": { + "chalk": "^3.0.0", + "diff-sequences": "^25.2.6", + "jest-get-type": "^25.2.6", + "pretty-format": "^25.5.0" + } + }, + "jest-docblock": { + "version": "25.3.0", + "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-25.3.0.tgz", + "integrity": "sha512-aktF0kCar8+zxRHxQZwxMy70stc9R1mOmrLsT5VO3pIT0uzGRSDAXxSlz4NqQWpuLjPpuMhPRl7H+5FRsvIQAg==", + "dev": true, + "requires": { + "detect-newline": "^3.0.0" + } + }, + "jest-each": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-25.5.0.tgz", + "integrity": "sha512-QBogUxna3D8vtiItvn54xXde7+vuzqRrEeaw8r1s+1TG9eZLVJE5ZkKoSUlqFwRjnlaA4hyKGiu9OlkFIuKnjA==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0", + "chalk": "^3.0.0", + "jest-get-type": "^25.2.6", + "jest-util": "^25.5.0", + "pretty-format": "^25.5.0" + } + }, + "jest-environment-jsdom": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-environment-jsdom/-/jest-environment-jsdom-25.5.0.tgz", + "integrity": "sha512-7Jr02ydaq4jaWMZLY+Skn8wL5nVIYpWvmeatOHL3tOcV3Zw8sjnPpx+ZdeBfc457p8jCR9J6YCc+Lga0oIy62A==", + "dev": true, + "requires": { + "@jest/environment": "^25.5.0", + "@jest/fake-timers": "^25.5.0", + "@jest/types": "^25.5.0", + "jest-mock": "^25.5.0", + "jest-util": "^25.5.0", + "jsdom": "^15.2.1" + } + }, + "jest-environment-node": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-25.5.0.tgz", + "integrity": "sha512-iuxK6rQR2En9EID+2k+IBs5fCFd919gVVK5BeND82fYeLWPqvRcFNPKu9+gxTwfB5XwBGBvZ0HFQa+cHtIoslA==", + "dev": true, + "requires": { + "@jest/environment": "^25.5.0", + "@jest/fake-timers": "^25.5.0", + "@jest/types": "^25.5.0", + "jest-mock": "^25.5.0", + "jest-util": "^25.5.0", + "semver": "^6.3.0" + } + }, + "jest-get-type": { + "version": "25.2.6", + "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-25.2.6.tgz", + "integrity": "sha512-DxjtyzOHjObRM+sM1knti6or+eOgcGU4xVSb2HNP1TqO4ahsT+rqZg+nyqHWJSvWgKC5cG3QjGFBqxLghiF/Ig==", + "dev": true + }, + "jest-haste-map": { + "version": "25.5.1", + "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-25.5.1.tgz", + "integrity": "sha512-dddgh9UZjV7SCDQUrQ+5t9yy8iEgKc1AKqZR9YDww8xsVOtzPQSMVLDChc21+g29oTRexb9/B0bIlZL+sWmvAQ==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0", + "@types/graceful-fs": "^4.1.2", + "anymatch": "^3.0.3", + "fb-watchman": "^2.0.0", + "fsevents": "^2.1.2", + "graceful-fs": "^4.2.4", + "jest-serializer": "^25.5.0", + "jest-util": "^25.5.0", + "jest-worker": "^25.5.0", + "micromatch": "^4.0.2", + "sane": "^4.0.3", + "walker": "^1.0.7", + "which": "^2.0.2" + } + }, + "jest-jasmine2": { + "version": "25.5.4", + "resolved": "https://registry.npmjs.org/jest-jasmine2/-/jest-jasmine2-25.5.4.tgz", + "integrity": "sha512-9acbWEfbmS8UpdcfqnDO+uBUgKa/9hcRh983IHdM+pKmJPL77G0sWAAK0V0kr5LK3a8cSBfkFSoncXwQlRZfkQ==", + "dev": true, + "requires": { + "@babel/traverse": "^7.1.0", + "@jest/environment": "^25.5.0", + "@jest/source-map": "^25.5.0", + "@jest/test-result": "^25.5.0", + "@jest/types": "^25.5.0", + "chalk": "^3.0.0", + "co": "^4.6.0", + "expect": "^25.5.0", + "is-generator-fn": "^2.0.0", + "jest-each": "^25.5.0", + "jest-matcher-utils": "^25.5.0", + "jest-message-util": "^25.5.0", + "jest-runtime": "^25.5.4", + "jest-snapshot": "^25.5.1", + "jest-util": "^25.5.0", + "pretty-format": "^25.5.0", + "throat": "^5.0.0" + } + }, + "jest-leak-detector": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-25.5.0.tgz", + "integrity": "sha512-rV7JdLsanS8OkdDpZtgBf61L5xZ4NnYLBq72r6ldxahJWWczZjXawRsoHyXzibM5ed7C2QRjpp6ypgwGdKyoVA==", + "dev": true, + "requires": { + "jest-get-type": "^25.2.6", + "pretty-format": "^25.5.0" + } + }, + "jest-matcher-utils": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-25.5.0.tgz", + "integrity": "sha512-VWI269+9JS5cpndnpCwm7dy7JtGQT30UHfrnM3mXl22gHGt/b7NkjBqXfbhZ8V4B7ANUsjK18PlSBmG0YH7gjw==", + "dev": true, + "requires": { + "chalk": "^3.0.0", + "jest-diff": "^25.5.0", + "jest-get-type": "^25.2.6", + "pretty-format": "^25.5.0" + } + }, + "jest-message-util": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-25.5.0.tgz", + "integrity": "sha512-ezddz3YCT/LT0SKAmylVyWWIGYoKHOFOFXx3/nA4m794lfVUskMcwhip6vTgdVrOtYdjeQeis2ypzes9mZb4EA==", + "dev": true, + "requires": { + "@babel/code-frame": "^7.0.0", + "@jest/types": "^25.5.0", + "@types/stack-utils": "^1.0.1", + "chalk": "^3.0.0", + "graceful-fs": "^4.2.4", + "micromatch": "^4.0.2", + "slash": "^3.0.0", + "stack-utils": "^1.0.1" + } + }, + "jest-mock": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-25.5.0.tgz", + "integrity": "sha512-eXWuTV8mKzp/ovHc5+3USJMYsTBhyQ+5A1Mak35dey/RG8GlM4YWVylZuGgVXinaW6tpvk/RSecmF37FKUlpXA==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0" + } + }, + "jest-pnp-resolver": { + "version": "1.2.1", + "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.1.tgz", + "integrity": "sha512-pgFw2tm54fzgYvc/OHrnysABEObZCUNFnhjoRjaVOCN8NYc032/gVjPaHD4Aq6ApkSieWtfKAFQtmDKAmhupnQ==", + "dev": true + }, + "jest-regex-util": { + "version": "25.2.6", + "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-25.2.6.tgz", + "integrity": "sha512-KQqf7a0NrtCkYmZZzodPftn7fL1cq3GQAFVMn5Hg8uKx/fIenLEobNanUxb7abQ1sjADHBseG/2FGpsv/wr+Qw==", + "dev": true + }, + "jest-resolve": { + "version": "25.5.1", + "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-25.5.1.tgz", + "integrity": "sha512-Hc09hYch5aWdtejsUZhA+vSzcotf7fajSlPA6EZPE1RmPBAD39XtJhvHWFStid58iit4IPDLI/Da4cwdDmAHiQ==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0", + "browser-resolve": "^1.11.3", + "chalk": "^3.0.0", + "graceful-fs": "^4.2.4", + "jest-pnp-resolver": "^1.2.1", + "read-pkg-up": "^7.0.1", + "realpath-native": "^2.0.0", + "resolve": "^1.17.0", + "slash": "^3.0.0" + } + }, + "jest-resolve-dependencies": { + "version": "25.5.4", + "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-25.5.4.tgz", + "integrity": "sha512-yFmbPd+DAQjJQg88HveObcGBA32nqNZ02fjYmtL16t1xw9bAttSn5UGRRhzMHIQbsep7znWvAvnD4kDqOFM0Uw==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0", + "jest-regex-util": "^25.2.6", + "jest-snapshot": "^25.5.1" + } + }, + "jest-runner": { + "version": "25.5.4", + "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-25.5.4.tgz", + "integrity": "sha512-V/2R7fKZo6blP8E9BL9vJ8aTU4TH2beuqGNxHbxi6t14XzTb+x90B3FRgdvuHm41GY8ch4xxvf0ATH4hdpjTqg==", + "dev": true, + "requires": { + "@jest/console": "^25.5.0", + "@jest/environment": "^25.5.0", + "@jest/test-result": "^25.5.0", + "@jest/types": "^25.5.0", + "chalk": "^3.0.0", + "exit": "^0.1.2", + "graceful-fs": "^4.2.4", + "jest-config": "^25.5.4", + "jest-docblock": "^25.3.0", + "jest-haste-map": "^25.5.1", + "jest-jasmine2": "^25.5.4", + "jest-leak-detector": "^25.5.0", + "jest-message-util": "^25.5.0", + "jest-resolve": "^25.5.1", + "jest-runtime": "^25.5.4", + "jest-util": "^25.5.0", + "jest-worker": "^25.5.0", + "source-map-support": "^0.5.6", + "throat": "^5.0.0" + } + }, + "jest-runtime": { + "version": "25.5.4", + "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-25.5.4.tgz", + "integrity": "sha512-RWTt8LeWh3GvjYtASH2eezkc8AehVoWKK20udV6n3/gC87wlTbE1kIA+opCvNWyyPeBs6ptYsc6nyHUb1GlUVQ==", + "dev": true, + "requires": { + "@jest/console": "^25.5.0", + "@jest/environment": "^25.5.0", + "@jest/globals": "^25.5.2", + "@jest/source-map": "^25.5.0", + "@jest/test-result": "^25.5.0", + "@jest/transform": "^25.5.1", + "@jest/types": "^25.5.0", + "@types/yargs": "^15.0.0", + "chalk": "^3.0.0", + "collect-v8-coverage": "^1.0.0", + "exit": "^0.1.2", + "glob": "^7.1.3", + "graceful-fs": "^4.2.4", + "jest-config": "^25.5.4", + "jest-haste-map": "^25.5.1", + "jest-message-util": "^25.5.0", + "jest-mock": "^25.5.0", + "jest-regex-util": "^25.2.6", + "jest-resolve": "^25.5.1", + "jest-snapshot": "^25.5.1", + "jest-util": "^25.5.0", + "jest-validate": "^25.5.0", + "realpath-native": "^2.0.0", + "slash": "^3.0.0", + "strip-bom": "^4.0.0", + "yargs": "^15.3.1" + } + }, + "jest-serializer": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-serializer/-/jest-serializer-25.5.0.tgz", + "integrity": "sha512-LxD8fY1lByomEPflwur9o4e2a5twSQ7TaVNLlFUuToIdoJuBt8tzHfCsZ42Ok6LkKXWzFWf3AGmheuLAA7LcCA==", + "dev": true, + "requires": { + "graceful-fs": "^4.2.4" + } + }, + "jest-snapshot": { + "version": "25.5.1", + "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-25.5.1.tgz", + "integrity": "sha512-C02JE1TUe64p2v1auUJ2ze5vcuv32tkv9PyhEb318e8XOKF7MOyXdJ7kdjbvrp3ChPLU2usI7Rjxs97Dj5P0uQ==", + "dev": true, + "requires": { + "@babel/types": "^7.0.0", + "@jest/types": "^25.5.0", + "@types/prettier": "^1.19.0", + "chalk": "^3.0.0", + "expect": "^25.5.0", + "graceful-fs": "^4.2.4", + "jest-diff": "^25.5.0", + "jest-get-type": "^25.2.6", + "jest-matcher-utils": "^25.5.0", + "jest-message-util": "^25.5.0", + "jest-resolve": "^25.5.1", + "make-dir": "^3.0.0", + "natural-compare": "^1.4.0", + "pretty-format": "^25.5.0", + "semver": "^6.3.0" + } + }, + "jest-util": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-25.5.0.tgz", + "integrity": "sha512-KVlX+WWg1zUTB9ktvhsg2PXZVdkI1NBevOJSkTKYAyXyH4QSvh+Lay/e/v+bmaFfrkfx43xD8QTfgobzlEXdIA==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0", + "chalk": "^3.0.0", + "graceful-fs": "^4.2.4", + "is-ci": "^2.0.0", + "make-dir": "^3.0.0" + } + }, + "jest-validate": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-25.5.0.tgz", + "integrity": "sha512-okUFKqhZIpo3jDdtUXUZ2LxGUZJIlfdYBvZb1aczzxrlyMlqdnnws9MOxezoLGhSaFc2XYaHNReNQfj5zPIWyQ==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0", + "camelcase": "^5.3.1", + "chalk": "^3.0.0", + "jest-get-type": "^25.2.6", + "leven": "^3.1.0", + "pretty-format": "^25.5.0" + } + }, + "jest-watcher": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-25.5.0.tgz", + "integrity": "sha512-XrSfJnVASEl+5+bb51V0Q7WQx65dTSk7NL4yDdVjPnRNpM0hG+ncFmDYJo9O8jaSRcAitVbuVawyXCRoxGrT5Q==", + "dev": true, + "requires": { + "@jest/test-result": "^25.5.0", + "@jest/types": "^25.5.0", + "ansi-escapes": "^4.2.1", + "chalk": "^3.0.0", + "jest-util": "^25.5.0", + "string-length": "^3.1.0" + } + }, + "jest-worker": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-25.5.0.tgz", + "integrity": "sha512-/dsSmUkIy5EBGfv/IjjqmFxrNAUpBERfGs1oHROyD7yxjG/w+t0GOJDX8O1k32ySmd7+a5IhnJU2qQFcJ4n1vw==", + "dev": true, + "requires": { + "merge-stream": "^2.0.0", + "supports-color": "^7.0.0" + } + }, + "js-tokens": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", + "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", + "dev": true + }, + "js-yaml": { + "version": "3.14.0", + "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.0.tgz", + "integrity": "sha512-/4IbIeHcD9VMHFqDR/gQ7EdZdLimOvW2DdcxFjdyyZ9NsbS+ccrXqVWDtab/lRl5AlUqmpBx8EhPaWR+OtY17A==", + "dev": true, + "requires": { + "argparse": "^1.0.7", + "esprima": "^4.0.0" + } + }, + "jsbn": { + "version": "0.1.1", + "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", + "integrity": "sha1-peZUwuWi3rXyAdls77yoDA7y9RM=", + "dev": true + }, + "jsdom": { + "version": "15.2.1", + "resolved": "https://registry.npmjs.org/jsdom/-/jsdom-15.2.1.tgz", + "integrity": "sha512-fAl1W0/7T2G5vURSyxBzrJ1LSdQn6Tr5UX/xD4PXDx/PDgwygedfW6El/KIj3xJ7FU61TTYnc/l/B7P49Eqt6g==", + "dev": true, + "requires": { + "abab": "^2.0.0", + "acorn": "^7.1.0", + "acorn-globals": "^4.3.2", + "array-equal": "^1.0.0", + "cssom": "^0.4.1", + "cssstyle": "^2.0.0", + "data-urls": "^1.1.0", + "domexception": "^1.0.1", + "escodegen": "^1.11.1", + "html-encoding-sniffer": "^1.0.2", + "nwsapi": "^2.2.0", + "parse5": "5.1.0", + "pn": "^1.1.0", + "request": "^2.88.0", + "request-promise-native": "^1.0.7", + "saxes": "^3.1.9", + "symbol-tree": "^3.2.2", + "tough-cookie": "^3.0.1", + "w3c-hr-time": "^1.0.1", + "w3c-xmlserializer": "^1.1.2", + "webidl-conversions": "^4.0.2", + "whatwg-encoding": "^1.0.5", + "whatwg-mimetype": "^2.3.0", + "whatwg-url": "^7.0.0", + "ws": "^7.0.0", + "xml-name-validator": "^3.0.0" + } + }, + "jsesc": { + "version": "2.5.2", + "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", + "integrity": "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==", + "dev": true + }, + "json-parse-better-errors": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/json-parse-better-errors/-/json-parse-better-errors-1.0.2.tgz", + "integrity": "sha512-mrqyZKfX5EhL7hvqcV6WG1yYjnjeuYDzDhhcAAUrq8Po85NBQBJP+ZDUT75qZQ98IkUoBqdkExkukOU7Ts2wrw==", + "dev": true + }, + "json-schema": { + "version": "0.2.3", + "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.2.3.tgz", + "integrity": "sha1-tIDIkuWaLwWVTOcnvT8qTogvnhM=", + "dev": true + }, + "json-schema-traverse": { + "version": "0.4.1", + "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", + "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==", + "dev": true + }, + "json-stringify-safe": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", + "integrity": "sha1-Epai1Y/UXxmg9s4B1lcB4sc1tus=", + "dev": true + }, + "json5": { + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/json5/-/json5-2.1.3.tgz", + "integrity": "sha512-KXPvOm8K9IJKFM0bmdn8QXh7udDh1g/giieX0NLCaMnb4hEiVFqnop2ImTXCc5e0/oHz3LTqmHGtExn5hfMkOA==", + "dev": true, + "requires": { + "minimist": "^1.2.5" + } + }, + "jsprim": { + "version": "1.4.1", + "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.1.tgz", + "integrity": "sha1-MT5mvB5cwG5Di8G3SZwuXFastqI=", + "dev": true, + "requires": { + "assert-plus": "1.0.0", + "extsprintf": "1.3.0", + "json-schema": "0.2.3", + "verror": "1.10.0" + } + }, + "kind-of": { + "version": "6.0.3", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-6.0.3.tgz", + "integrity": "sha512-dcS1ul+9tmeD95T+x28/ehLgd9mENa3LsvDTtzm3vyBEO7RPptvAD+t44WVXaUjTBRcrpFeFlC8WCruUR456hw==", + "dev": true + }, + "kleur": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", + "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", + "dev": true + }, + "leven": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", + "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", + "dev": true + }, + "levn": { + "version": "0.3.0", + "resolved": "https://registry.npmjs.org/levn/-/levn-0.3.0.tgz", + "integrity": "sha1-OwmSTt+fCDwEkP3UwLxEIeBHZO4=", + "dev": true, + "requires": { + "prelude-ls": "~1.1.2", + "type-check": "~0.3.2" + } + }, + "lines-and-columns": { + "version": "1.1.6", + "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.1.6.tgz", + "integrity": "sha1-HADHQ7QzzQpOgHWPe2SldEDZ/wA=", + "dev": true + }, + "locate-path": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", + "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", + "dev": true, + "requires": { + "p-locate": "^4.1.0" + } + }, + "lodash": { + "version": "4.17.15", + "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.15.tgz", + "integrity": "sha512-8xOcRHvCjnocdS5cpwXQXVzmmh5e5+saE2QGoeQmbKmRS6J3VQppPOIt0MnmE+4xlZoumy0GPG0D0MVIQbNA1A==", + "dev": true + }, + "lodash.sortby": { + "version": "4.7.0", + "resolved": "https://registry.npmjs.org/lodash.sortby/-/lodash.sortby-4.7.0.tgz", + "integrity": "sha1-7dFMgk4sycHgsKG0K7UhBRakJDg=", + "dev": true + }, + "lolex": { + "version": "5.1.2", + "resolved": "https://registry.npmjs.org/lolex/-/lolex-5.1.2.tgz", + "integrity": "sha512-h4hmjAvHTmd+25JSwrtTIuwbKdwg5NzZVRMLn9saij4SZaepCrTCxPr35H/3bjwfMJtN+t3CX8672UIkglz28A==", + "dev": true, + "requires": { + "@sinonjs/commons": "^1.7.0" + } + }, + "make-dir": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-3.1.0.tgz", + "integrity": "sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw==", + "dev": true, + "requires": { + "semver": "^6.0.0" + } + }, + "makeerror": { + "version": "1.0.11", + "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.11.tgz", + "integrity": "sha1-4BpckQnyr3lmDk6LlYd5AYT1qWw=", + "dev": true, + "requires": { + "tmpl": "1.0.x" + } + }, + "map-cache": { + "version": "0.2.2", + "resolved": "https://registry.npmjs.org/map-cache/-/map-cache-0.2.2.tgz", + "integrity": "sha1-wyq9C9ZSXZsFFkW7TyasXcmKDb8=", + "dev": true + }, + "map-visit": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/map-visit/-/map-visit-1.0.0.tgz", + "integrity": "sha1-7Nyo8TFE5mDxtb1B8S80edmN+48=", + "dev": true, + "requires": { + "object-visit": "^1.0.0" + } + }, + "merge-stream": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", + "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", + "dev": true + }, + "micromatch": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.2.tgz", + "integrity": "sha512-y7FpHSbMUMoyPbYUSzO6PaZ6FyRnQOpHuKwbo1G+Knck95XVU4QAiKdGEnj5wwoS7PlOgthX/09u5iFJ+aYf5Q==", + "dev": true, + "requires": { + "braces": "^3.0.1", + "picomatch": "^2.0.5" + } + }, + "mime-db": { + "version": "1.44.0", + "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.44.0.tgz", + "integrity": "sha512-/NOTfLrsPBVeH7YtFPgsVWveuL+4SjjYxaQ1xtM1KMFj7HdxlBlxeyNLzhyJVx7r4rZGJAZ/6lkKCitSc/Nmpg==", + "dev": true + }, + "mime-types": { + "version": "2.1.27", + "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.27.tgz", + "integrity": "sha512-JIhqnCasI9yD+SsmkquHBxTSEuZdQX5BuQnS2Vc7puQQQ+8yiP5AY5uWhpdv4YL4VM5c6iliiYWPgJ/nJQLp7w==", + "dev": true, + "requires": { + "mime-db": "1.44.0" + } + }, + "mimic-fn": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", + "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", + "dev": true + }, + "minimatch": { + "version": "3.0.4", + "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.0.4.tgz", + "integrity": "sha512-yJHVQEhyqPLUTgt9B83PXu6W3rx4MvvHvSUvToogpwoGDOUQ+yDrR0HRot+yOCdCO7u4hX3pWft6kWBBcqh0UA==", + "dev": true, + "requires": { + "brace-expansion": "^1.1.7" + } + }, + "minimist": { + "version": "1.2.5", + "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz", + "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==", + "dev": true + }, + "mixin-deep": { + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/mixin-deep/-/mixin-deep-1.3.2.tgz", + "integrity": "sha512-WRoDn//mXBiJ1H40rqa3vH0toePwSsGb45iInWlTySa+Uu4k3tYUSxa2v1KqAiLtvlrSzaExqS1gtk96A9zvEA==", + "dev": true, + "requires": { + "for-in": "^1.0.2", + "is-extendable": "^1.0.1" + }, + "dependencies": { + "is-extendable": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/is-extendable/-/is-extendable-1.0.1.tgz", + "integrity": "sha512-arnXMxT1hhoKo9k1LZdmlNyJdDDfy2v0fXjFlmok4+i8ul/6WlbVge9bhM74OpNPQPMGUToDtz+KXa1PneJxOA==", + "dev": true, + "requires": { + "is-plain-object": "^2.0.4" + } + } + } + }, + "ms": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", + "dev": true + }, + "nanomatch": { + "version": "1.2.13", + "resolved": "https://registry.npmjs.org/nanomatch/-/nanomatch-1.2.13.tgz", + "integrity": "sha512-fpoe2T0RbHwBTBUOftAfBPaDEi06ufaUai0mE6Yn1kacc3SnTErfb/h+X94VXzI64rKFHYImXSvdwGGCmwOqCA==", + "dev": true, + "requires": { + "arr-diff": "^4.0.0", + "array-unique": "^0.3.2", + "define-property": "^2.0.2", + "extend-shallow": "^3.0.2", + "fragment-cache": "^0.2.1", + "is-windows": "^1.0.2", + "kind-of": "^6.0.2", + "object.pick": "^1.3.0", + "regex-not": "^1.0.0", + "snapdragon": "^0.8.1", + "to-regex": "^3.0.1" + } + }, + "natural-compare": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", + "integrity": "sha1-Sr6/7tdUHywnrPspvbvRXI1bpPc=", + "dev": true + }, + "nice-try": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/nice-try/-/nice-try-1.0.5.tgz", + "integrity": "sha512-1nh45deeb5olNY7eX82BkPO7SSxR5SSYJiPTrTdFUVYwAl8CKMA5N9PjTYkHiRjisVcxcQ1HXdLhx2qxxJzLNQ==", + "dev": true + }, + "node-int64": { + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", + "integrity": "sha1-h6kGXNs1XTGC2PlM4RGIuCXGijs=", + "dev": true + }, + "node-modules-regexp": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/node-modules-regexp/-/node-modules-regexp-1.0.0.tgz", + "integrity": "sha1-jZ2+KJZKSsVxLpExZCEHxx6Q7EA=", + "dev": true + }, + "node-notifier": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/node-notifier/-/node-notifier-6.0.0.tgz", + "integrity": "sha512-SVfQ/wMw+DesunOm5cKqr6yDcvUTDl/yc97ybGHMrteNEY6oekXpNpS3lZwgLlwz0FLgHoiW28ZpmBHUDg37cw==", + "dev": true, + "optional": true, + "requires": { + "growly": "^1.3.0", + "is-wsl": "^2.1.1", + "semver": "^6.3.0", + "shellwords": "^0.1.1", + "which": "^1.3.1" + }, + "dependencies": { + "which": { + "version": "1.3.1", + "resolved": "https://registry.npmjs.org/which/-/which-1.3.1.tgz", + "integrity": "sha512-HxJdYWq1MTIQbJ3nw0cqssHoTNU267KlrDuGZ1WYlxDStUtKUhOaJmh112/TZmHxxUfuJqPXSOm7tDyas0OSIQ==", + "dev": true, + "optional": true, + "requires": { + "isexe": "^2.0.0" + } + } + } + }, + "normalize-package-data": { + "version": "2.5.0", + "resolved": "https://registry.npmjs.org/normalize-package-data/-/normalize-package-data-2.5.0.tgz", + "integrity": "sha512-/5CMN3T0R4XTj4DcGaexo+roZSdSFW/0AOOTROrjxzCG1wrWXEsGbRKevjlIL+ZDE4sZlJr5ED4YW0yqmkK+eA==", + "dev": true, + "requires": { + "hosted-git-info": "^2.1.4", + "resolve": "^1.10.0", + "semver": "2 || 3 || 4 || 5", + "validate-npm-package-license": "^3.0.1" + }, + "dependencies": { + "semver": { + "version": "5.7.1", + "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.1.tgz", + "integrity": "sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ==", + "dev": true + } + } + }, + "normalize-path": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", + "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", + "dev": true + }, + "npm-run-path": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-2.0.2.tgz", + "integrity": "sha1-NakjLfo11wZ7TLLd8jV7GHFTbF8=", + "dev": true, + "requires": { + "path-key": "^2.0.0" + } + }, + "nwsapi": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/nwsapi/-/nwsapi-2.2.0.tgz", + "integrity": "sha512-h2AatdwYH+JHiZpv7pt/gSX1XoRGb7L/qSIeuqA6GwYoF9w1vP1cw42TO0aI2pNyshRK5893hNSl+1//vHK7hQ==", + "dev": true + }, + "oauth-sign": { + "version": "0.9.0", + "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", + "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==", + "dev": true + }, + "object-copy": { + "version": "0.1.0", + "resolved": "https://registry.npmjs.org/object-copy/-/object-copy-0.1.0.tgz", + "integrity": "sha1-fn2Fi3gb18mRpBupde04EnVOmYw=", + "dev": true, + "requires": { + "copy-descriptor": "^0.1.0", + "define-property": "^0.2.5", + "kind-of": "^3.0.3" + }, + "dependencies": { + "define-property": { + "version": "0.2.5", + "resolved": "https://registry.npmjs.org/define-property/-/define-property-0.2.5.tgz", + "integrity": "sha1-w1se+RjsPJkPmlvFe+BKrOxcgRY=", + "dev": true, + "requires": { + "is-descriptor": "^0.1.0" + } + }, + "kind-of": { + "version": "3.2.2", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz", + "integrity": "sha1-MeohpzS6ubuw8yRm2JOupR5KPGQ=", + "dev": true, + "requires": { + "is-buffer": "^1.1.5" + } + } + } + }, + "object-visit": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/object-visit/-/object-visit-1.0.1.tgz", + "integrity": "sha1-95xEk68MU3e1n+OdOV5BBC3QRbs=", + "dev": true, + "requires": { + "isobject": "^3.0.0" + } + }, + "object.pick": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/object.pick/-/object.pick-1.3.0.tgz", + "integrity": "sha1-h6EKxMFpS9Lhy/U1kaZhQftd10c=", + "dev": true, + "requires": { + "isobject": "^3.0.1" + } + }, + "once": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", + "integrity": "sha1-WDsap3WWHUsROsF9nFC6753Xa9E=", + "dev": true, + "requires": { + "wrappy": "1" + } + }, + "onetime": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.0.tgz", + "integrity": "sha512-5NcSkPHhwTVFIQN+TUqXoS5+dlElHXdpAWu9I0HP20YOtIi+aZ0Ct82jdlILDxjLEAWwvm+qj1m6aEtsDVmm6Q==", + "dev": true, + "requires": { + "mimic-fn": "^2.1.0" + } + }, + "optionator": { + "version": "0.8.3", + "resolved": "https://registry.npmjs.org/optionator/-/optionator-0.8.3.tgz", + "integrity": "sha512-+IW9pACdk3XWmmTXG8m3upGUJst5XRGzxMRjXzAuJ1XnIFNvfhjjIuYkDvysnPQ7qzqVzLt78BCruntqRhWQbA==", + "dev": true, + "requires": { + "deep-is": "~0.1.3", + "fast-levenshtein": "~2.0.6", + "levn": "~0.3.0", + "prelude-ls": "~1.1.2", + "type-check": "~0.3.2", + "word-wrap": "~1.2.3" + } + }, + "p-each-series": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/p-each-series/-/p-each-series-2.1.0.tgz", + "integrity": "sha512-ZuRs1miPT4HrjFa+9fRfOFXxGJfORgelKV9f9nNOWw2gl6gVsRaVDOQP0+MI0G0wGKns1Yacsu0GjOFbTK0JFQ==", + "dev": true + }, + "p-finally": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/p-finally/-/p-finally-1.0.0.tgz", + "integrity": "sha1-P7z7FbiZpEEjs0ttzBi3JDNqLK4=", + "dev": true + }, + "p-limit": { + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", + "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", + "dev": true, + "requires": { + "p-try": "^2.0.0" + } + }, + "p-locate": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", + "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", + "dev": true, + "requires": { + "p-limit": "^2.2.0" + } + }, + "p-try": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", + "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", + "dev": true + }, + "parse-json": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.0.0.tgz", + "integrity": "sha512-OOY5b7PAEFV0E2Fir1KOkxchnZNCdowAJgQ5NuxjpBKTRP3pQhwkrkxqQjeoKJ+fO7bCpmIZaogI4eZGDMEGOw==", + "dev": true, + "requires": { + "@babel/code-frame": "^7.0.0", + "error-ex": "^1.3.1", + "json-parse-better-errors": "^1.0.1", + "lines-and-columns": "^1.1.6" + } + }, + "parse5": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/parse5/-/parse5-5.1.0.tgz", + "integrity": "sha512-fxNG2sQjHvlVAYmzBZS9YlDp6PTSSDwa98vkD4QgVDDCAo84z5X1t5XyJQ62ImdLXx5NdIIfihey6xpum9/gRQ==", + "dev": true + }, + "pascalcase": { + "version": "0.1.1", + "resolved": "https://registry.npmjs.org/pascalcase/-/pascalcase-0.1.1.tgz", + "integrity": "sha1-s2PlXoAGym/iF4TS2yK9FdeRfxQ=", + "dev": true + }, + "path-exists": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", + "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", + "dev": true + }, + "path-is-absolute": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", + "integrity": "sha1-F0uSaHNVNP+8es5r9TpanhtcX18=", + "dev": true + }, + "path-key": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/path-key/-/path-key-2.0.1.tgz", + "integrity": "sha1-QRyttXTFoUDTpLGRDUDYDMn0C0A=", + "dev": true + }, + "path-parse": { + "version": "1.0.6", + "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.6.tgz", + "integrity": "sha512-GSmOT2EbHrINBf9SR7CDELwlJ8AENk3Qn7OikK4nFYAu3Ote2+JYNVvkpAEQm3/TLNEJFD/xZJjzyxg3KBWOzw==", + "dev": true + }, + "performance-now": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", + "integrity": "sha1-Ywn04OX6kT7BxpMHrjZLSzd8nns=", + "dev": true + }, + "picomatch": { + "version": "2.2.2", + "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.2.2.tgz", + "integrity": "sha512-q0M/9eZHzmr0AulXyPwNfZjtwZ/RBZlbN3K3CErVrk50T2ASYI7Bye0EvekFY3IP1Nt2DHu0re+V2ZHIpMkuWg==", + "dev": true + }, + "pirates": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.1.tgz", + "integrity": "sha512-WuNqLTbMI3tmfef2TKxlQmAiLHKtFhlsCZnPIpuv2Ow0RDVO8lfy1Opf4NUzlMXLjPl+Men7AuVdX6TA+s+uGA==", + "dev": true, + "requires": { + "node-modules-regexp": "^1.0.0" + } + }, + "pkg-dir": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", + "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", + "dev": true, + "requires": { + "find-up": "^4.0.0" + } + }, + "pn": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/pn/-/pn-1.1.0.tgz", + "integrity": "sha512-2qHaIQr2VLRFoxe2nASzsV6ef4yOOH+Fi9FBOVH6cqeSgUnoyySPZkxzLuzd+RYOQTRpROA0ztTMqxROKSb/nA==", + "dev": true + }, + "posix-character-classes": { + "version": "0.1.1", + "resolved": "https://registry.npmjs.org/posix-character-classes/-/posix-character-classes-0.1.1.tgz", + "integrity": "sha1-AerA/jta9xoqbAL+q7jB/vfgDqs=", + "dev": true + }, + "prelude-ls": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/prelude-ls/-/prelude-ls-1.1.2.tgz", + "integrity": "sha1-IZMqVJ9eUv/ZqCf1cOBL5iqX2lQ=", + "dev": true + }, + "pretty-format": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-25.5.0.tgz", + "integrity": "sha512-kbo/kq2LQ/A/is0PQwsEHM7Ca6//bGPPvU6UnsdDRSKTWxT/ru/xb88v4BJf6a69H+uTytOEsTusT9ksd/1iWQ==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0", + "ansi-regex": "^5.0.0", + "ansi-styles": "^4.0.0", + "react-is": "^16.12.0" + }, + "dependencies": { + "ansi-regex": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.0.tgz", + "integrity": "sha512-bY6fj56OUQ0hU1KjFNDQuJFezqKdrAyFdIevADiqrWHwSlbmBNMHp5ak2f40Pm8JTFyM2mqxkG6ngkHO11f/lg==", + "dev": true + } + } + }, + "prompts": { + "version": "2.3.2", + "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.3.2.tgz", + "integrity": "sha512-Q06uKs2CkNYVID0VqwfAl9mipo99zkBv/n2JtWY89Yxa3ZabWSrs0e2KTudKVa3peLUvYXMefDqIleLPVUBZMA==", + "dev": true, + "requires": { + "kleur": "^3.0.3", + "sisteransi": "^1.0.4" + } + }, + "psl": { + "version": "1.8.0", + "resolved": "https://registry.npmjs.org/psl/-/psl-1.8.0.tgz", + "integrity": "sha512-RIdOzyoavK+hA18OGGWDqUTsCLhtA7IcZ/6NCs4fFJaHBDab+pDDmDIByWFRQJq2Cd7r1OoQxBGKOaztq+hjIQ==", + "dev": true + }, + "pump": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.0.tgz", + "integrity": "sha512-LwZy+p3SFs1Pytd/jYct4wpv49HiYCqd9Rlc5ZVdk0V+8Yzv6jR5Blk3TRmPL1ft69TxP0IMZGJ+WPFU2BFhww==", + "dev": true, + "requires": { + "end-of-stream": "^1.1.0", + "once": "^1.3.1" + } + }, + "punycode": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz", + "integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==", + "dev": true + }, + "qs": { + "version": "6.5.2", + "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.2.tgz", + "integrity": "sha512-N5ZAX4/LxJmF+7wN74pUD6qAh9/wnvdQcjq9TZjevvXzSUo7bfmw91saqMjzGS2xq91/odN2dW/WOl7qQHNDGA==", + "dev": true + }, + "react-is": { + "version": "16.13.1", + "resolved": "https://registry.npmjs.org/react-is/-/react-is-16.13.1.tgz", + "integrity": "sha512-24e6ynE2H+OKt4kqsOvNd8kBpV65zoxbA4BVsEOB3ARVWQki/DHzaUoC5KuON/BiccDaCCTZBuOcfZs70kR8bQ==", + "dev": true + }, + "read-pkg": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/read-pkg/-/read-pkg-5.2.0.tgz", + "integrity": "sha512-Ug69mNOpfvKDAc2Q8DRpMjjzdtrnv9HcSMX+4VsZxD1aZ6ZzrIE7rlzXBtWTyhULSMKg076AW6WR5iZpD0JiOg==", + "dev": true, + "requires": { + "@types/normalize-package-data": "^2.4.0", + "normalize-package-data": "^2.5.0", + "parse-json": "^5.0.0", + "type-fest": "^0.6.0" + }, + "dependencies": { + "type-fest": { + "version": "0.6.0", + "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.6.0.tgz", + "integrity": "sha512-q+MB8nYR1KDLrgr4G5yemftpMC7/QLqVndBmEEdqzmNj5dcFOO4Oo8qlwZE3ULT3+Zim1F8Kq4cBnikNhlCMlg==", + "dev": true + } + } + }, + "read-pkg-up": { + "version": "7.0.1", + "resolved": "https://registry.npmjs.org/read-pkg-up/-/read-pkg-up-7.0.1.tgz", + "integrity": "sha512-zK0TB7Xd6JpCLmlLmufqykGE+/TlOePD6qKClNW7hHDKFh/J7/7gCWGR7joEQEW1bKq3a3yUZSObOoWLFQ4ohg==", + "dev": true, + "requires": { + "find-up": "^4.1.0", + "read-pkg": "^5.2.0", + "type-fest": "^0.8.1" + } + }, + "realpath-native": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/realpath-native/-/realpath-native-2.0.0.tgz", + "integrity": "sha512-v1SEYUOXXdbBZK8ZuNgO4TBjamPsiSgcFr0aP+tEKpQZK8vooEUqV6nm6Cv502mX4NF2EfsnVqtNAHG+/6Ur1Q==", + "dev": true + }, + "regex-not": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/regex-not/-/regex-not-1.0.2.tgz", + "integrity": "sha512-J6SDjUgDxQj5NusnOtdFxDwN/+HWykR8GELwctJ7mdqhcyy1xEc4SRFHUXvxTp661YaVKAjfRLZ9cCqS6tn32A==", + "dev": true, + "requires": { + "extend-shallow": "^3.0.2", + "safe-regex": "^1.1.0" + } + }, + "remove-trailing-separator": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/remove-trailing-separator/-/remove-trailing-separator-1.1.0.tgz", + "integrity": "sha1-wkvOKig62tW8P1jg1IJJuSN52O8=", + "dev": true + }, + "repeat-element": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/repeat-element/-/repeat-element-1.1.3.tgz", + "integrity": "sha512-ahGq0ZnV5m5XtZLMb+vP76kcAM5nkLqk0lpqAuojSKGgQtn4eRi4ZZGm2olo2zKFH+sMsWaqOCW1dqAnOru72g==", + "dev": true + }, + "repeat-string": { + "version": "1.6.1", + "resolved": "https://registry.npmjs.org/repeat-string/-/repeat-string-1.6.1.tgz", + "integrity": "sha1-jcrkcOHIirwtYA//Sndihtp15jc=", + "dev": true + }, + "request": { + "version": "2.88.2", + "resolved": "https://registry.npmjs.org/request/-/request-2.88.2.tgz", + "integrity": "sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==", + "dev": true, + "requires": { + "aws-sign2": "~0.7.0", + "aws4": "^1.8.0", + "caseless": "~0.12.0", + "combined-stream": "~1.0.6", + "extend": "~3.0.2", + "forever-agent": "~0.6.1", + "form-data": "~2.3.2", + "har-validator": "~5.1.3", + "http-signature": "~1.2.0", + "is-typedarray": "~1.0.0", + "isstream": "~0.1.2", + "json-stringify-safe": "~5.0.1", + "mime-types": "~2.1.19", + "oauth-sign": "~0.9.0", + "performance-now": "^2.1.0", + "qs": "~6.5.2", + "safe-buffer": "^5.1.2", + "tough-cookie": "~2.5.0", + "tunnel-agent": "^0.6.0", + "uuid": "^3.3.2" + }, + "dependencies": { + "tough-cookie": { + "version": "2.5.0", + "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", + "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", + "dev": true, + "requires": { + "psl": "^1.1.28", + "punycode": "^2.1.1" + } + } + } + }, + "request-promise-core": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/request-promise-core/-/request-promise-core-1.1.3.tgz", + "integrity": "sha512-QIs2+ArIGQVp5ZYbWD5ZLCY29D5CfWizP8eWnm8FoGD1TX61veauETVQbrV60662V0oFBkrDOuaBI8XgtuyYAQ==", + "dev": true, + "requires": { + "lodash": "^4.17.15" + } + }, + "request-promise-native": { + "version": "1.0.8", + "resolved": "https://registry.npmjs.org/request-promise-native/-/request-promise-native-1.0.8.tgz", + "integrity": "sha512-dapwLGqkHtwL5AEbfenuzjTYg35Jd6KPytsC2/TLkVMz8rm+tNt72MGUWT1RP/aYawMpN6HqbNGBQaRcBtjQMQ==", + "dev": true, + "requires": { + "request-promise-core": "1.1.3", + "stealthy-require": "^1.1.1", + "tough-cookie": "^2.3.3" + }, + "dependencies": { + "tough-cookie": { + "version": "2.5.0", + "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", + "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", + "dev": true, + "requires": { + "psl": "^1.1.28", + "punycode": "^2.1.1" + } + } + } + }, + "require-directory": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", + "integrity": "sha1-jGStX9MNqxyXbiNE/+f3kqam30I=", + "dev": true + }, + "require-main-filename": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/require-main-filename/-/require-main-filename-2.0.0.tgz", + "integrity": "sha512-NKN5kMDylKuldxYLSUfrbo5Tuzh4hd+2E8NPPX02mZtn1VuREQToYe/ZdlJy+J3uCpfaiGF05e7B8W0iXbQHmg==", + "dev": true + }, + "resolve": { + "version": "1.17.0", + "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.17.0.tgz", + "integrity": "sha512-ic+7JYiV8Vi2yzQGFWOkiZD5Z9z7O2Zhm9XMaTxdJExKasieFCr+yXZ/WmXsckHiKl12ar0y6XiXDx3m4RHn1w==", + "dev": true, + "requires": { + "path-parse": "^1.0.6" + } + }, + "resolve-cwd": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", + "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", + "dev": true, + "requires": { + "resolve-from": "^5.0.0" + } + }, + "resolve-from": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", + "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", + "dev": true + }, + "resolve-url": { + "version": "0.2.1", + "resolved": "https://registry.npmjs.org/resolve-url/-/resolve-url-0.2.1.tgz", + "integrity": "sha1-LGN/53yJOv0qZj/iGqkIAGjiBSo=", + "dev": true + }, + "ret": { + "version": "0.1.15", + "resolved": "https://registry.npmjs.org/ret/-/ret-0.1.15.tgz", + "integrity": "sha512-TTlYpa+OL+vMMNG24xSlQGEJ3B/RzEfUlLct7b5G/ytav+wPrplCpVMFuwzXbkecJrb6IYo1iFb0S9v37754mg==", + "dev": true + }, + "rimraf": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz", + "integrity": "sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA==", + "dev": true, + "requires": { + "glob": "^7.1.3" + } + }, + "rsvp": { + "version": "4.8.5", + "resolved": "https://registry.npmjs.org/rsvp/-/rsvp-4.8.5.tgz", + "integrity": "sha512-nfMOlASu9OnRJo1mbEk2cz0D56a1MBNrJ7orjRZQG10XDyuvwksKbuXNp6qa+kbn839HwjwhBzhFmdsaEAfauA==", + "dev": true + }, + "safe-buffer": { + "version": "5.1.2", + "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", + "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==", + "dev": true + }, + "safe-regex": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/safe-regex/-/safe-regex-1.1.0.tgz", + "integrity": "sha1-QKNmnzsHfR6UPURinhV91IAjvy4=", + "dev": true, + "requires": { + "ret": "~0.1.10" + } + }, + "safer-buffer": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", + "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==", + "dev": true + }, + "sane": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/sane/-/sane-4.1.0.tgz", + "integrity": "sha512-hhbzAgTIX8O7SHfp2c8/kREfEn4qO/9q8C9beyY6+tvZ87EpoZ3i1RIEvp27YBswnNbY9mWd6paKVmKbAgLfZA==", + "dev": true, + "requires": { + "@cnakazawa/watch": "^1.0.3", + "anymatch": "^2.0.0", + "capture-exit": "^2.0.0", + "exec-sh": "^0.3.2", + "execa": "^1.0.0", + "fb-watchman": "^2.0.0", + "micromatch": "^3.1.4", + "minimist": "^1.1.1", + "walker": "~1.0.5" + }, + "dependencies": { + "anymatch": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-2.0.0.tgz", + "integrity": "sha512-5teOsQWABXHHBFP9y3skS5P3d/WfWXpv3FUpy+LorMrNYaT9pI4oLMQX7jzQ2KklNpGpWHzdCXTDT2Y3XGlZBw==", + "dev": true, + "requires": { + "micromatch": "^3.1.4", + "normalize-path": "^2.1.1" + } + }, + "braces": { + "version": "2.3.2", + "resolved": "https://registry.npmjs.org/braces/-/braces-2.3.2.tgz", + "integrity": "sha512-aNdbnj9P8PjdXU4ybaWLK2IF3jc/EoDYbC7AazW6to3TRsfXxscC9UXOB5iDiEQrkyIbWp2SLQda4+QAa7nc3w==", + "dev": true, + "requires": { + "arr-flatten": "^1.1.0", + "array-unique": "^0.3.2", + "extend-shallow": "^2.0.1", + "fill-range": "^4.0.0", + "isobject": "^3.0.1", + "repeat-element": "^1.1.2", + "snapdragon": "^0.8.1", + "snapdragon-node": "^2.0.1", + "split-string": "^3.0.2", + "to-regex": "^3.0.1" + }, + "dependencies": { + "extend-shallow": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-2.0.1.tgz", + "integrity": "sha1-Ua99YUrZqfYQ6huvu5idaxxWiQ8=", + "dev": true, + "requires": { + "is-extendable": "^0.1.0" + } + } + } + }, + "fill-range": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-4.0.0.tgz", + "integrity": "sha1-1USBHUKPmOsGpj3EAtJAPDKMOPc=", + "dev": true, + "requires": { + "extend-shallow": "^2.0.1", + "is-number": "^3.0.0", + "repeat-string": "^1.6.1", + "to-regex-range": "^2.1.0" + }, + "dependencies": { + "extend-shallow": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-2.0.1.tgz", + "integrity": "sha1-Ua99YUrZqfYQ6huvu5idaxxWiQ8=", + "dev": true, + "requires": { + "is-extendable": "^0.1.0" + } + } + } + }, + "is-number": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/is-number/-/is-number-3.0.0.tgz", + "integrity": "sha1-JP1iAaR4LPUFYcgQJ2r8fRLXEZU=", + "dev": true, + "requires": { + "kind-of": "^3.0.2" + }, + "dependencies": { + "kind-of": { + "version": "3.2.2", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz", + "integrity": "sha1-MeohpzS6ubuw8yRm2JOupR5KPGQ=", + "dev": true, + "requires": { + "is-buffer": "^1.1.5" + } + } + } + }, + "micromatch": { + "version": "3.1.10", + "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-3.1.10.tgz", + "integrity": "sha512-MWikgl9n9M3w+bpsY3He8L+w9eF9338xRl8IAO5viDizwSzziFEyUzo2xrrloB64ADbTf8uA8vRqqttDTOmccg==", + "dev": true, + "requires": { + "arr-diff": "^4.0.0", + "array-unique": "^0.3.2", + "braces": "^2.3.1", + "define-property": "^2.0.2", + "extend-shallow": "^3.0.2", + "extglob": "^2.0.4", + "fragment-cache": "^0.2.1", + "kind-of": "^6.0.2", + "nanomatch": "^1.2.9", + "object.pick": "^1.3.0", + "regex-not": "^1.0.0", + "snapdragon": "^0.8.1", + "to-regex": "^3.0.2" + } + }, + "normalize-path": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-2.1.1.tgz", + "integrity": "sha1-GrKLVW4Zg2Oowab35vogE3/mrtk=", + "dev": true, + "requires": { + "remove-trailing-separator": "^1.0.1" + } + }, + "to-regex-range": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-2.1.1.tgz", + "integrity": "sha1-fIDBe53+vlmeJzZ+DU3VWQFB2zg=", + "dev": true, + "requires": { + "is-number": "^3.0.0", + "repeat-string": "^1.6.1" + } + } + } + }, + "saxes": { + "version": "3.1.11", + "resolved": "https://registry.npmjs.org/saxes/-/saxes-3.1.11.tgz", + "integrity": "sha512-Ydydq3zC+WYDJK1+gRxRapLIED9PWeSuuS41wqyoRmzvhhh9nc+QQrVMKJYzJFULazeGhzSV0QleN2wD3boh2g==", + "dev": true, + "requires": { + "xmlchars": "^2.1.1" + } + }, + "semver": { + "version": "6.3.0", + "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.0.tgz", + "integrity": "sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw==", + "dev": true + }, + "set-blocking": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/set-blocking/-/set-blocking-2.0.0.tgz", + "integrity": "sha1-BF+XgtARrppoA93TgrJDkrPYkPc=", + "dev": true + }, + "set-value": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/set-value/-/set-value-2.0.1.tgz", + "integrity": "sha512-JxHc1weCN68wRY0fhCoXpyK55m/XPHafOmK4UWD7m2CI14GMcFypt4w/0+NV5f/ZMby2F6S2wwA7fgynh9gWSw==", + "dev": true, + "requires": { + "extend-shallow": "^2.0.1", + "is-extendable": "^0.1.1", + "is-plain-object": "^2.0.3", + "split-string": "^3.0.1" + }, + "dependencies": { + "extend-shallow": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-2.0.1.tgz", + "integrity": "sha1-Ua99YUrZqfYQ6huvu5idaxxWiQ8=", + "dev": true, + "requires": { + "is-extendable": "^0.1.0" + } + } + } + }, + "shebang-command": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-1.2.0.tgz", + "integrity": "sha1-RKrGW2lbAzmJaMOfNj/uXer98eo=", + "dev": true, + "requires": { + "shebang-regex": "^1.0.0" + } + }, + "shebang-regex": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-1.0.0.tgz", + "integrity": "sha1-2kL0l0DAtC2yypcoVxyxkMmO/qM=", + "dev": true + }, + "shellwords": { + "version": "0.1.1", + "resolved": "https://registry.npmjs.org/shellwords/-/shellwords-0.1.1.tgz", + "integrity": "sha512-vFwSUfQvqybiICwZY5+DAWIPLKsWO31Q91JSKl3UYv+K5c2QRPzn0qzec6QPu1Qc9eHYItiP3NdJqNVqetYAww==", + "dev": true, + "optional": true + }, + "signal-exit": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.3.tgz", + "integrity": "sha512-VUJ49FC8U1OxwZLxIbTTrDvLnf/6TDgxZcK8wxR8zs13xpx7xbG60ndBlhNrFi2EMuFRoeDoJO7wthSLq42EjA==", + "dev": true + }, + "sisteransi": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", + "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", + "dev": true + }, + "slash": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", + "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", + "dev": true + }, + "snapdragon": { + "version": "0.8.2", + "resolved": "https://registry.npmjs.org/snapdragon/-/snapdragon-0.8.2.tgz", + "integrity": "sha512-FtyOnWN/wCHTVXOMwvSv26d+ko5vWlIDD6zoUJ7LW8vh+ZBC8QdljveRP+crNrtBwioEUWy/4dMtbBjA4ioNlg==", + "dev": true, + "requires": { + "base": "^0.11.1", + "debug": "^2.2.0", + "define-property": "^0.2.5", + "extend-shallow": "^2.0.1", + "map-cache": "^0.2.2", + "source-map": "^0.5.6", + "source-map-resolve": "^0.5.0", + "use": "^3.1.0" + }, + "dependencies": { + "debug": { + "version": "2.6.9", + "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", + "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==", + "dev": true, + "requires": { + "ms": "2.0.0" + } + }, + "define-property": { + "version": "0.2.5", + "resolved": "https://registry.npmjs.org/define-property/-/define-property-0.2.5.tgz", + "integrity": "sha1-w1se+RjsPJkPmlvFe+BKrOxcgRY=", + "dev": true, + "requires": { + "is-descriptor": "^0.1.0" + } + }, + "extend-shallow": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-2.0.1.tgz", + "integrity": "sha1-Ua99YUrZqfYQ6huvu5idaxxWiQ8=", + "dev": true, + "requires": { + "is-extendable": "^0.1.0" + } + }, + "ms": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", + "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g=", + "dev": true + }, + "source-map": { + "version": "0.5.7", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.5.7.tgz", + "integrity": "sha1-igOdLRAh0i0eoUyA2OpGi6LvP8w=", + "dev": true + } + } + }, + "snapdragon-node": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/snapdragon-node/-/snapdragon-node-2.1.1.tgz", + "integrity": "sha512-O27l4xaMYt/RSQ5TR3vpWCAB5Kb/czIcqUFOM/C4fYcLnbZUc1PkjTAMjof2pBWaSTwOUd6qUHcFGVGj7aIwnw==", + "dev": true, + "requires": { + "define-property": "^1.0.0", + "isobject": "^3.0.0", + "snapdragon-util": "^3.0.1" + }, + "dependencies": { + "define-property": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/define-property/-/define-property-1.0.0.tgz", + "integrity": "sha1-dp66rz9KY6rTr56NMEybvnm/sOY=", + "dev": true, + "requires": { + "is-descriptor": "^1.0.0" + } + }, + "is-accessor-descriptor": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-accessor-descriptor/-/is-accessor-descriptor-1.0.0.tgz", + "integrity": "sha512-m5hnHTkcVsPfqx3AKlyttIPb7J+XykHvJP2B9bZDjlhLIoEq4XoK64Vg7boZlVWYK6LUY94dYPEE7Lh0ZkZKcQ==", + "dev": true, + "requires": { + "kind-of": "^6.0.0" + } + }, + "is-data-descriptor": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-data-descriptor/-/is-data-descriptor-1.0.0.tgz", + "integrity": "sha512-jbRXy1FmtAoCjQkVmIVYwuuqDFUbaOeDjmed1tOGPrsMhtJA4rD9tkgA0F1qJ3gRFRXcHYVkdeaP50Q5rE/jLQ==", + "dev": true, + "requires": { + "kind-of": "^6.0.0" + } + }, + "is-descriptor": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/is-descriptor/-/is-descriptor-1.0.2.tgz", + "integrity": "sha512-2eis5WqQGV7peooDyLmNEPUrps9+SXX5c9pL3xEB+4e9HnGuDa7mB7kHxHw4CbqS9k1T2hOH3miL8n8WtiYVtg==", + "dev": true, + "requires": { + "is-accessor-descriptor": "^1.0.0", + "is-data-descriptor": "^1.0.0", + "kind-of": "^6.0.2" + } + } + } + }, + "snapdragon-util": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/snapdragon-util/-/snapdragon-util-3.0.1.tgz", + "integrity": "sha512-mbKkMdQKsjX4BAL4bRYTj21edOf8cN7XHdYUJEe+Zn99hVEYcMvKPct1IqNe7+AZPirn8BCDOQBHQZknqmKlZQ==", + "dev": true, + "requires": { + "kind-of": "^3.2.0" + }, + "dependencies": { + "kind-of": { + "version": "3.2.2", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz", + "integrity": "sha1-MeohpzS6ubuw8yRm2JOupR5KPGQ=", + "dev": true, + "requires": { + "is-buffer": "^1.1.5" + } + } + } + }, + "source-map": { + "version": "0.6.1", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", + "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", + "dev": true + }, + "source-map-resolve": { + "version": "0.5.3", + "resolved": "https://registry.npmjs.org/source-map-resolve/-/source-map-resolve-0.5.3.tgz", + "integrity": "sha512-Htz+RnsXWk5+P2slx5Jh3Q66vhQj1Cllm0zvnaY98+NFx+Dv2CF/f5O/t8x+KaNdrdIAsruNzoh/KpialbqAnw==", + "dev": true, + "requires": { + "atob": "^2.1.2", + "decode-uri-component": "^0.2.0", + "resolve-url": "^0.2.1", + "source-map-url": "^0.4.0", + "urix": "^0.1.0" + } + }, + "source-map-support": { + "version": "0.5.19", + "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.19.tgz", + "integrity": "sha512-Wonm7zOCIJzBGQdB+thsPar0kYuCIzYvxZwlBa87yi/Mdjv7Tip2cyVbLj5o0cFPN4EVkuTwb3GDDyUx2DGnGw==", + "dev": true, + "requires": { + "buffer-from": "^1.0.0", + "source-map": "^0.6.0" + } + }, + "source-map-url": { + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/source-map-url/-/source-map-url-0.4.0.tgz", + "integrity": "sha1-PpNdfd1zYxuXZZlW1VEo6HtQhKM=", + "dev": true + }, + "spdx-correct": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/spdx-correct/-/spdx-correct-3.1.1.tgz", + "integrity": "sha512-cOYcUWwhCuHCXi49RhFRCyJEK3iPj1Ziz9DpViV3tbZOwXD49QzIN3MpOLJNxh2qwq2lJJZaKMVw9qNi4jTC0w==", + "dev": true, + "requires": { + "spdx-expression-parse": "^3.0.0", + "spdx-license-ids": "^3.0.0" + } + }, + "spdx-exceptions": { + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/spdx-exceptions/-/spdx-exceptions-2.3.0.tgz", + "integrity": "sha512-/tTrYOC7PPI1nUAgx34hUpqXuyJG+DTHJTnIULG4rDygi4xu/tfgmq1e1cIRwRzwZgo4NLySi+ricLkZkw4i5A==", + "dev": true + }, + "spdx-expression-parse": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/spdx-expression-parse/-/spdx-expression-parse-3.0.1.tgz", + "integrity": "sha512-cbqHunsQWnJNE6KhVSMsMeH5H/L9EpymbzqTQ3uLwNCLZ1Q481oWaofqH7nO6V07xlXwY6PhQdQ2IedWx/ZK4Q==", + "dev": true, + "requires": { + "spdx-exceptions": "^2.1.0", + "spdx-license-ids": "^3.0.0" + } + }, + "spdx-license-ids": { + "version": "3.0.5", + "resolved": "https://registry.npmjs.org/spdx-license-ids/-/spdx-license-ids-3.0.5.tgz", + "integrity": "sha512-J+FWzZoynJEXGphVIS+XEh3kFSjZX/1i9gFBaWQcB+/tmpe2qUsSBABpcxqxnAxFdiUFEgAX1bjYGQvIZmoz9Q==", + "dev": true + }, + "split-string": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/split-string/-/split-string-3.1.0.tgz", + "integrity": "sha512-NzNVhJDYpwceVVii8/Hu6DKfD2G+NrQHlS/V/qgv763EYudVwEcMQNxd2lh+0VrUByXN/oJkl5grOhYWvQUYiw==", + "dev": true, + "requires": { + "extend-shallow": "^3.0.0" + } + }, + "sprintf-js": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", + "integrity": "sha1-BOaSb2YolTVPPdAVIDYzuFcpfiw=", + "dev": true + }, + "sshpk": { + "version": "1.16.1", + "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.16.1.tgz", + "integrity": "sha512-HXXqVUq7+pcKeLqqZj6mHFUMvXtOJt1uoUx09pFW6011inTMxqI8BA8PM95myrIyyKwdnzjdFjLiE6KBPVtJIg==", + "dev": true, + "requires": { + "asn1": "~0.2.3", + "assert-plus": "^1.0.0", + "bcrypt-pbkdf": "^1.0.0", + "dashdash": "^1.12.0", + "ecc-jsbn": "~0.1.1", + "getpass": "^0.1.1", + "jsbn": "~0.1.0", + "safer-buffer": "^2.0.2", + "tweetnacl": "~0.14.0" + } + }, + "stack-utils": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-1.0.2.tgz", + "integrity": "sha512-MTX+MeG5U994cazkjd/9KNAapsHnibjMLnfXodlkXw76JEea0UiNzrqidzo1emMwk7w5Qhc9jd4Bn9TBb1MFwA==", + "dev": true + }, + "static-extend": { + "version": "0.1.2", + "resolved": "https://registry.npmjs.org/static-extend/-/static-extend-0.1.2.tgz", + "integrity": "sha1-YICcOcv/VTNyJv1eC1IPNB8ftcY=", + "dev": true, + "requires": { + "define-property": "^0.2.5", + "object-copy": "^0.1.0" + }, + "dependencies": { + "define-property": { + "version": "0.2.5", + "resolved": "https://registry.npmjs.org/define-property/-/define-property-0.2.5.tgz", + "integrity": "sha1-w1se+RjsPJkPmlvFe+BKrOxcgRY=", + "dev": true, + "requires": { + "is-descriptor": "^0.1.0" + } + } + } + }, + "stealthy-require": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/stealthy-require/-/stealthy-require-1.1.1.tgz", + "integrity": "sha1-NbCYdbT/SfJqd35QmzCQoyJr8ks=", + "dev": true + }, + "string-length": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/string-length/-/string-length-3.1.0.tgz", + "integrity": "sha512-Ttp5YvkGm5v9Ijagtaz1BnN+k9ObpvS0eIBblPMp2YWL8FBmi9qblQ9fexc2k/CXFgrTIteU3jAw3payCnwSTA==", + "dev": true, + "requires": { + "astral-regex": "^1.0.0", + "strip-ansi": "^5.2.0" + }, + "dependencies": { + "strip-ansi": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-5.2.0.tgz", + "integrity": "sha512-DuRs1gKbBqsMKIZlrffwlug8MHkcnpjs5VPmL1PAh+mA30U0DTotfDZ0d2UUsXpPmPmMMJ6W773MaA3J+lbiWA==", + "dev": true, + "requires": { + "ansi-regex": "^4.1.0" + } + } + } + }, + "string-width": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.0.tgz", + "integrity": "sha512-zUz5JD+tgqtuDjMhwIg5uFVV3dtqZ9yQJlZVfq4I01/K5Paj5UHj7VyrQOJvzawSVlKpObApbfD0Ed6yJc+1eg==", + "dev": true, + "requires": { + "emoji-regex": "^8.0.0", + "is-fullwidth-code-point": "^3.0.0", + "strip-ansi": "^6.0.0" + } + }, + "strip-ansi": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.0.tgz", + "integrity": "sha512-AuvKTrTfQNYNIctbR1K/YGTR1756GycPsg7b9bdV9Duqur4gv6aKqHXah67Z8ImS7WEz5QVcOtlfW2rZEugt6w==", + "dev": true, + "requires": { + "ansi-regex": "^5.0.0" + }, + "dependencies": { + "ansi-regex": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.0.tgz", + "integrity": "sha512-bY6fj56OUQ0hU1KjFNDQuJFezqKdrAyFdIevADiqrWHwSlbmBNMHp5ak2f40Pm8JTFyM2mqxkG6ngkHO11f/lg==", + "dev": true + } + } + }, + "strip-bom": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", + "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", + "dev": true + }, + "strip-eof": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/strip-eof/-/strip-eof-1.0.0.tgz", + "integrity": "sha1-u0P/VZim6wXYm1n80SnJgzE2Br8=", + "dev": true + }, + "strip-final-newline": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", + "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", + "dev": true + }, + "supports-color": { + "version": "7.1.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.1.0.tgz", + "integrity": "sha512-oRSIpR8pxT1Wr2FquTNnGet79b3BWljqOuoW/h4oBhxJ/HUbX5nX6JSruTkvXDCFMwDPvsaTTbvMLKZWSy0R5g==", + "dev": true, + "requires": { + "has-flag": "^4.0.0" + } + }, + "supports-hyperlinks": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/supports-hyperlinks/-/supports-hyperlinks-2.1.0.tgz", + "integrity": "sha512-zoE5/e+dnEijk6ASB6/qrK+oYdm2do1hjoLWrqUC/8WEIW1gbxFcKuBof7sW8ArN6e+AYvsE8HBGiVRWL/F5CA==", + "dev": true, + "requires": { + "has-flag": "^4.0.0", + "supports-color": "^7.0.0" + } + }, + "symbol-tree": { + "version": "3.2.4", + "resolved": "https://registry.npmjs.org/symbol-tree/-/symbol-tree-3.2.4.tgz", + "integrity": "sha512-9QNk5KwDF+Bvz+PyObkmSYjI5ksVUYtjW7AU22r2NKcfLJcXp96hkDWU3+XndOsUb+AQ9QhfzfCT2O+CNWT5Tw==", + "dev": true + }, + "terminal-link": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/terminal-link/-/terminal-link-2.1.1.tgz", + "integrity": "sha512-un0FmiRUQNr5PJqy9kP7c40F5BOfpGlYTrxonDChEZB7pzZxRNp/bt+ymiy9/npwXya9KH99nJ/GXFIiUkYGFQ==", + "dev": true, + "requires": { + "ansi-escapes": "^4.2.1", + "supports-hyperlinks": "^2.0.0" + } + }, + "test-exclude": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", + "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", + "dev": true, + "requires": { + "@istanbuljs/schema": "^0.1.2", + "glob": "^7.1.4", + "minimatch": "^3.0.4" + } + }, + "throat": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/throat/-/throat-5.0.0.tgz", + "integrity": "sha512-fcwX4mndzpLQKBS1DVYhGAcYaYt7vsHNIvQV+WXMvnow5cgjPphq5CaayLaGsjRdSCKZFNGt7/GYAuXaNOiYCA==", + "dev": true + }, + "tmpl": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.4.tgz", + "integrity": "sha1-I2QN17QtAEM5ERQIIOXPRA5SHdE=", + "dev": true + }, + "to-fast-properties": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", + "integrity": "sha1-3F5pjL0HkmW8c+A3doGk5Og/YW4=", + "dev": true + }, + "to-object-path": { + "version": "0.3.0", + "resolved": "https://registry.npmjs.org/to-object-path/-/to-object-path-0.3.0.tgz", + "integrity": "sha1-KXWIt7Dn4KwI4E5nL4XB9JmeF68=", + "dev": true, + "requires": { + "kind-of": "^3.0.2" + }, + "dependencies": { + "kind-of": { + "version": "3.2.2", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz", + "integrity": "sha1-MeohpzS6ubuw8yRm2JOupR5KPGQ=", + "dev": true, + "requires": { + "is-buffer": "^1.1.5" + } + } + } + }, + "to-regex": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/to-regex/-/to-regex-3.0.2.tgz", + "integrity": "sha512-FWtleNAtZ/Ki2qtqej2CXTOayOH9bHDQF+Q48VpWyDXjbYxA4Yz8iDB31zXOBUlOHHKidDbqGVrTUvQMPmBGBw==", + "dev": true, + "requires": { + "define-property": "^2.0.2", + "extend-shallow": "^3.0.2", + "regex-not": "^1.0.2", + "safe-regex": "^1.1.0" + } + }, + "to-regex-range": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", + "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", + "dev": true, + "requires": { + "is-number": "^7.0.0" + } + }, + "tough-cookie": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-3.0.1.tgz", + "integrity": "sha512-yQyJ0u4pZsv9D4clxO69OEjLWYw+jbgspjTue4lTQZLfV0c5l1VmK2y1JK8E9ahdpltPOaAThPcp5nKPUgSnsg==", + "dev": true, + "requires": { + "ip-regex": "^2.1.0", + "psl": "^1.1.28", + "punycode": "^2.1.1" + } + }, + "tr46": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/tr46/-/tr46-1.0.1.tgz", + "integrity": "sha1-qLE/1r/SSJUZZ0zN5VujaTtwbQk=", + "dev": true, + "requires": { + "punycode": "^2.1.0" + } + }, + "tunnel-agent": { + "version": "0.6.0", + "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", + "integrity": "sha1-J6XeoGs2sEoKmWZ3SykIaPD8QP0=", + "dev": true, + "requires": { + "safe-buffer": "^5.0.1" + } + }, + "tweetnacl": { + "version": "0.14.5", + "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", + "integrity": "sha1-WuaBd/GS1EViadEIr6k/+HQ/T2Q=", + "dev": true + }, + "type-check": { + "version": "0.3.2", + "resolved": "https://registry.npmjs.org/type-check/-/type-check-0.3.2.tgz", + "integrity": "sha1-WITKtRLPHTVeP7eE8wgEsrUg23I=", + "dev": true, + "requires": { + "prelude-ls": "~1.1.2" + } + }, + "type-detect": { + "version": "4.0.8", + "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", + "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", + "dev": true + }, + "type-fest": { + "version": "0.8.1", + "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.8.1.tgz", + "integrity": "sha512-4dbzIzqvjtgiM5rw1k5rEHtBANKmdudhGyBEajN01fEyhaAIhsoKNy6y7+IN93IfpFtwY9iqi7kD+xwKhQsNJA==", + "dev": true + }, + "typedarray-to-buffer": { + "version": "3.1.5", + "resolved": "https://registry.npmjs.org/typedarray-to-buffer/-/typedarray-to-buffer-3.1.5.tgz", + "integrity": "sha512-zdu8XMNEDepKKR+XYOXAVPtWui0ly0NtohUscw+UmaHiAWT8hrV1rr//H6V+0DvJ3OQ19S979M0laLfX8rm82Q==", + "dev": true, + "requires": { + "is-typedarray": "^1.0.0" + } + }, + "union-value": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/union-value/-/union-value-1.0.1.tgz", + "integrity": "sha512-tJfXmxMeWYnczCVs7XAEvIV7ieppALdyepWMkHkwciRpZraG/xwT+s2JN8+pr1+8jCRf80FFzvr+MpQeeoF4Xg==", + "dev": true, + "requires": { + "arr-union": "^3.1.0", + "get-value": "^2.0.6", + "is-extendable": "^0.1.1", + "set-value": "^2.0.1" + } + }, + "unset-value": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/unset-value/-/unset-value-1.0.0.tgz", + "integrity": "sha1-g3aHP30jNRef+x5vw6jtDfyKtVk=", + "dev": true, + "requires": { + "has-value": "^0.3.1", + "isobject": "^3.0.0" + }, + "dependencies": { + "has-value": { + "version": "0.3.1", + "resolved": "https://registry.npmjs.org/has-value/-/has-value-0.3.1.tgz", + "integrity": "sha1-ex9YutpiyoJ+wKIHgCVlSEWZXh8=", + "dev": true, + "requires": { + "get-value": "^2.0.3", + "has-values": "^0.1.4", + "isobject": "^2.0.0" + }, + "dependencies": { + "isobject": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/isobject/-/isobject-2.1.0.tgz", + "integrity": "sha1-8GVWEJaj8dou9GJy+BXIQNh+DIk=", + "dev": true, + "requires": { + "isarray": "1.0.0" + } + } + } + }, + "has-values": { + "version": "0.1.4", + "resolved": "https://registry.npmjs.org/has-values/-/has-values-0.1.4.tgz", + "integrity": "sha1-bWHeldkd/Km5oCCJrThL/49it3E=", + "dev": true + } + } + }, + "uri-js": { + "version": "4.2.2", + "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.2.2.tgz", + "integrity": "sha512-KY9Frmirql91X2Qgjry0Wd4Y+YTdrdZheS8TFwvkbLWf/G5KNJDCh6pKL5OZctEW4+0Baa5idK2ZQuELRwPznQ==", + "dev": true, + "requires": { + "punycode": "^2.1.0" + } + }, + "urix": { + "version": "0.1.0", + "resolved": "https://registry.npmjs.org/urix/-/urix-0.1.0.tgz", + "integrity": "sha1-2pN/emLiH+wf0Y1Js1wpNQZ6bHI=", + "dev": true + }, + "use": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/use/-/use-3.1.1.tgz", + "integrity": "sha512-cwESVXlO3url9YWlFW/TA9cshCEhtu7IKJ/p5soJ/gGpj7vbvFrAY/eIioQ6Dw23KjZhYgiIo8HOs1nQ2vr/oQ==", + "dev": true + }, + "uuid": { + "version": "3.4.0", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", + "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==", + "dev": true + }, + "v8-to-istanbul": { + "version": "4.1.4", + "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-4.1.4.tgz", + "integrity": "sha512-Rw6vJHj1mbdK8edjR7+zuJrpDtKIgNdAvTSAcpYfgMIw+u2dPDntD3dgN4XQFLU2/fvFQdzj+EeSGfd/jnY5fQ==", + "dev": true, + "requires": { + "@types/istanbul-lib-coverage": "^2.0.1", + "convert-source-map": "^1.6.0", + "source-map": "^0.7.3" + }, + "dependencies": { + "source-map": { + "version": "0.7.3", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.7.3.tgz", + "integrity": "sha512-CkCj6giN3S+n9qrYiBTX5gystlENnRW5jZeNLHpe6aue+SrHcG5VYwujhW9s4dY31mEGsxBDrHR6oI69fTXsaQ==", + "dev": true + } + } + }, + "validate-npm-package-license": { + "version": "3.0.4", + "resolved": "https://registry.npmjs.org/validate-npm-package-license/-/validate-npm-package-license-3.0.4.tgz", + "integrity": "sha512-DpKm2Ui/xN7/HQKCtpZxoRWBhZ9Z0kqtygG8XCgNQ8ZlDnxuQmWhj566j8fN4Cu3/JmbhsDo7fcAJq4s9h27Ew==", + "dev": true, + "requires": { + "spdx-correct": "^3.0.0", + "spdx-expression-parse": "^3.0.0" + } + }, + "verror": { + "version": "1.10.0", + "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz", + "integrity": "sha1-OhBcoXBTr1XW4nDB+CiGguGNpAA=", + "dev": true, + "requires": { + "assert-plus": "^1.0.0", + "core-util-is": "1.0.2", + "extsprintf": "^1.2.0" + } + }, + "w3c-hr-time": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/w3c-hr-time/-/w3c-hr-time-1.0.2.tgz", + "integrity": "sha512-z8P5DvDNjKDoFIHK7q8r8lackT6l+jo/Ye3HOle7l9nICP9lf1Ci25fy9vHd0JOWewkIFzXIEig3TdKT7JQ5fQ==", + "dev": true, + "requires": { + "browser-process-hrtime": "^1.0.0" + } + }, + "w3c-xmlserializer": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/w3c-xmlserializer/-/w3c-xmlserializer-1.1.2.tgz", + "integrity": "sha512-p10l/ayESzrBMYWRID6xbuCKh2Fp77+sA0doRuGn4tTIMrrZVeqfpKjXHY+oDh3K4nLdPgNwMTVP6Vp4pvqbNg==", + "dev": true, + "requires": { + "domexception": "^1.0.1", + "webidl-conversions": "^4.0.2", + "xml-name-validator": "^3.0.0" + } + }, + "walker": { + "version": "1.0.7", + "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.7.tgz", + "integrity": "sha1-L3+bj9ENZ3JisYqITijRlhjgKPs=", + "dev": true, + "requires": { + "makeerror": "1.0.x" + } + }, + "webidl-conversions": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-4.0.2.tgz", + "integrity": "sha512-YQ+BmxuTgd6UXZW3+ICGfyqRyHXVlD5GtQr5+qjiNW7bF0cqrzX500HVXPBOvgXb5YnzDd+h0zqyv61KUD7+Sg==", + "dev": true + }, + "whatwg-encoding": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/whatwg-encoding/-/whatwg-encoding-1.0.5.tgz", + "integrity": "sha512-b5lim54JOPN9HtzvK9HFXvBma/rnfFeqsic0hSpjtDbVxR3dJKLc+KB4V6GgiGOvl7CY/KNh8rxSo9DKQrnUEw==", + "dev": true, + "requires": { + "iconv-lite": "0.4.24" + } + }, + "whatwg-mimetype": { + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/whatwg-mimetype/-/whatwg-mimetype-2.3.0.tgz", + "integrity": "sha512-M4yMwr6mAnQz76TbJm914+gPpB/nCwvZbJU28cUD6dR004SAxDLOOSUaB1JDRqLtaOV/vi0IC5lEAGFgrjGv/g==", + "dev": true + }, + "whatwg-url": { + "version": "7.1.0", + "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-7.1.0.tgz", + "integrity": "sha512-WUu7Rg1DroM7oQvGWfOiAK21n74Gg+T4elXEQYkOhtyLeWiJFoOGLXPKI/9gzIie9CtwVLm8wtw6YJdKyxSjeg==", + "dev": true, + "requires": { + "lodash.sortby": "^4.7.0", + "tr46": "^1.0.1", + "webidl-conversions": "^4.0.2" + } + }, + "which": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", + "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", + "dev": true, + "requires": { + "isexe": "^2.0.0" + } + }, + "which-module": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/which-module/-/which-module-2.0.0.tgz", + "integrity": "sha1-2e8H3Od7mQK4o6j6SzHD4/fm6Ho=", + "dev": true + }, + "word-wrap": { + "version": "1.2.3", + "resolved": "https://registry.npmjs.org/word-wrap/-/word-wrap-1.2.3.tgz", + "integrity": "sha512-Hz/mrNwitNRh/HUAtM/VT/5VH+ygD6DV7mYKZAtHOrbs8U7lvPS6xf7EJKMF0uW1KJCl0H701g3ZGus+muE5vQ==", + "dev": true + }, + "wrap-ansi": { + "version": "6.2.0", + "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-6.2.0.tgz", + "integrity": "sha512-r6lPcBGxZXlIcymEu7InxDMhdW0KDxpLgoFLcguasxCaJ/SOIZwINatK9KY/tf+ZrlywOKU0UDj3ATXUBfxJXA==", + "dev": true, + "requires": { + "ansi-styles": "^4.0.0", + "string-width": "^4.1.0", + "strip-ansi": "^6.0.0" + } + }, + "wrappy": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", + "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8=", + "dev": true + }, + "write-file-atomic": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-3.0.3.tgz", + "integrity": "sha512-AvHcyZ5JnSfq3ioSyjrBkH9yW4m7Ayk8/9My/DD9onKeu/94fwrMocemO2QAJFAlnnDN+ZDS+ZjAR5ua1/PV/Q==", + "dev": true, + "requires": { + "imurmurhash": "^0.1.4", + "is-typedarray": "^1.0.0", + "signal-exit": "^3.0.2", + "typedarray-to-buffer": "^3.1.5" + } + }, + "ws": { + "version": "7.3.0", + "resolved": "https://registry.npmjs.org/ws/-/ws-7.3.0.tgz", + "integrity": "sha512-iFtXzngZVXPGgpTlP1rBqsUK82p9tKqsWRPg5L56egiljujJT3vGAYnHANvFxBieXrTFavhzhxW52jnaWV+w2w==", + "dev": true + }, + "xml-name-validator": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/xml-name-validator/-/xml-name-validator-3.0.0.tgz", + "integrity": "sha512-A5CUptxDsvxKJEU3yO6DuWBSJz/qizqzJKOMIfUJHETbBw/sFaDxgd6fxm1ewUaM0jZ444Fc5vC5ROYurg/4Pw==", + "dev": true + }, + "xmlchars": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/xmlchars/-/xmlchars-2.2.0.tgz", + "integrity": "sha512-JZnDKK8B0RCDw84FNdDAIpZK+JuJw+s7Lz8nksI7SIuU3UXJJslUthsi+uWBUYOwPFwW7W7PRLRfUKpxjtjFCw==", + "dev": true + }, + "y18n": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/y18n/-/y18n-4.0.0.tgz", + "integrity": "sha512-r9S/ZyXu/Xu9q1tYlpsLIsa3EeLXXk0VwlxqTcFRfg9EhMW+17kbt9G0NrgCmhGb5vT2hyhJZLfDGx+7+5Uj/w==", + "dev": true + }, + "yargs": { + "version": "15.3.1", + "resolved": "https://registry.npmjs.org/yargs/-/yargs-15.3.1.tgz", + "integrity": "sha512-92O1HWEjw27sBfgmXiixJWT5hRBp2eobqXicLtPBIDBhYB+1HpwZlXmbW2luivBJHBzki+7VyCLRtAkScbTBQA==", + "dev": true, + "requires": { + "cliui": "^6.0.0", + "decamelize": "^1.2.0", + "find-up": "^4.1.0", + "get-caller-file": "^2.0.1", + "require-directory": "^2.1.1", + "require-main-filename": "^2.0.0", + "set-blocking": "^2.0.0", + "string-width": "^4.2.0", + "which-module": "^2.0.0", + "y18n": "^4.0.0", + "yargs-parser": "^18.1.1" + } + }, + "yargs-parser": { + "version": "18.1.3", + "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-18.1.3.tgz", + "integrity": "sha512-o50j0JeToy/4K6OZcaQmW6lyXXKhq7csREXcDwk2omFPJEwUNOVtJKvmDr9EI1fAJZUyZcRF7kxGBWmRXudrCQ==", + "dev": true, + "requires": { + "camelcase": "^5.0.0", + "decamelize": "^1.2.0" + } + } + } +} From 4cbdbc851bdb3146fa7005f8da1fb419aed1b52f Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com> Date: Wed, 27 May 2020 13:38:53 +0200 Subject: [PATCH 025/109] Reanme upload method to update Fits better with the getFinding / getRawResult naming schema Co-authored-by: Yannik Fuhrmeister <12710254+fuhrmeistery@users.noreply.github.com> Co-authored-by: Jorge Estigarribia --- hook-sdk/nodejs/hook-wrapper.js | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/hook-sdk/nodejs/hook-wrapper.js b/hook-sdk/nodejs/hook-wrapper.js index 8874e8fb..e70bf1f6 100644 --- a/hook-sdk/nodejs/hook-wrapper.js +++ b/hook-sdk/nodejs/hook-wrapper.js @@ -48,7 +48,7 @@ function uploadFile(url, fileContents) { }); } -function uploadRawResults(fileContents) { +function updateRawResults(fileContents) { const rawResultUploadUrl = process.argv[4]; if (rawResultUploadUrl === undefined) { console.error( @@ -62,7 +62,7 @@ function uploadRawResults(fileContents) { return uploadFile(rawResultUploadUrl, fileContents); } -function uploadFindings(findings) { +function updateFindings(findings) { const findingsUploadUrl = process.argv[5]; if (findingsUploadUrl === undefined) { console.error( @@ -106,8 +106,8 @@ async function main() { await handle({ getRawResults, getFindings, - uploadRawResults, - uploadFindings, + updateRawResults, + updateFindings, scan, }); } catch (error) { From 7f447d8974333f3897efbaee7b95c568d333f59f Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com> Date: Wed, 27 May 2020 13:39:52 +0200 Subject: [PATCH 026/109] Add `add-attributes` hook for integration tests --- hooks/add-attributes/.dockerignore | 1 + hooks/add-attributes/.gitignore | 1 + hooks/add-attributes/.helmignore | 30 +++++++++++ hooks/add-attributes/Chart.lock | 3 ++ hooks/add-attributes/Chart.yaml | 11 ++++ hooks/add-attributes/Dockerfile | 3 ++ hooks/add-attributes/hook.js | 18 +++++++ hooks/add-attributes/hook.test.js | 33 ++++++++++++ hooks/add-attributes/templates/NOTES.txt | 2 + hooks/add-attributes/templates/_helpers.tpl | 52 +++++++++++++++++++ .../templates/add-attributes-hook.yaml | 16 ++++++ hooks/add-attributes/values.yaml | 13 +++++ 12 files changed, 183 insertions(+) create mode 100644 hooks/add-attributes/.dockerignore create mode 100644 hooks/add-attributes/.gitignore create mode 100644 hooks/add-attributes/.helmignore create mode 100644 hooks/add-attributes/Chart.lock create mode 100644 hooks/add-attributes/Chart.yaml create mode 100644 hooks/add-attributes/Dockerfile create mode 100644 hooks/add-attributes/hook.js create mode 100644 hooks/add-attributes/hook.test.js create mode 100644 hooks/add-attributes/templates/NOTES.txt create mode 100644 hooks/add-attributes/templates/_helpers.tpl create mode 100644 hooks/add-attributes/templates/add-attributes-hook.yaml create mode 100644 hooks/add-attributes/values.yaml diff --git a/hooks/add-attributes/.dockerignore b/hooks/add-attributes/.dockerignore new file mode 100644 index 00000000..40b878db --- /dev/null +++ b/hooks/add-attributes/.dockerignore @@ -0,0 +1 @@ +node_modules/ \ No newline at end of file diff --git a/hooks/add-attributes/.gitignore b/hooks/add-attributes/.gitignore new file mode 100644 index 00000000..b512c09d --- /dev/null +++ b/hooks/add-attributes/.gitignore @@ -0,0 +1 @@ +node_modules \ No newline at end of file diff --git a/hooks/add-attributes/.helmignore b/hooks/add-attributes/.helmignore new file mode 100644 index 00000000..676a3554 --- /dev/null +++ b/hooks/add-attributes/.helmignore @@ -0,0 +1,30 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ +# Node.js files +node_modules/* +package.json +package-lock.json +src/* +config/* +Dockerfile +.dockerignore \ No newline at end of file diff --git a/hooks/add-attributes/Chart.lock b/hooks/add-attributes/Chart.lock new file mode 100644 index 00000000..eb7f3a24 --- /dev/null +++ b/hooks/add-attributes/Chart.lock @@ -0,0 +1,3 @@ +dependencies: [] +digest: sha256:643d5437104296e21d906ecb15b2c96ad278f20cfc4af53b12bb6069bd853726 +generated: "2020-05-26T16:56:03.119255+02:00" diff --git a/hooks/add-attributes/Chart.yaml b/hooks/add-attributes/Chart.yaml new file mode 100644 index 00000000..2acaecf9 --- /dev/null +++ b/hooks/add-attributes/Chart.yaml @@ -0,0 +1,11 @@ +apiVersion: v2 +name: add-attributes-hook +description: Lets you add new attributes to every finding + +type: application + +version: 0.1.0 + +appVersion: latest + +dependencies: [] diff --git a/hooks/add-attributes/Dockerfile b/hooks/add-attributes/Dockerfile new file mode 100644 index 00000000..ffe1db53 --- /dev/null +++ b/hooks/add-attributes/Dockerfile @@ -0,0 +1,3 @@ +FROM scbexperimental/hook-sdk-nodejs:latest +WORKDIR /home/app/hook-wrapper/hook/ +COPY --chown=app:app ./hook.js ./hook.js diff --git a/hooks/add-attributes/hook.js b/hooks/add-attributes/hook.js new file mode 100644 index 00000000..dc84bf25 --- /dev/null +++ b/hooks/add-attributes/hook.js @@ -0,0 +1,18 @@ +async function handle({ + getFindings, + updateFindings, + attributeName = process.env["ATTRIBUTE_NAME"], + attributeValue = process.env["ATTRIBUTE_VALUE"], +}) { + const findings = await getFindings(); + + const newFindings = findings.map((finding) => { + finding.attributes[attributeName] = attributeValue; + return finding; + }); + + console.log(`Updated attributes on ${findings.length} findings`); + + await updateFindings(newFindings); +} +module.exports.handle = handle; diff --git a/hooks/add-attributes/hook.test.js b/hooks/add-attributes/hook.test.js new file mode 100644 index 00000000..9f88db74 --- /dev/null +++ b/hooks/add-attributes/hook.test.js @@ -0,0 +1,33 @@ +const { handle } = require("./hook"); + +test("should send a post request to the url when fired", async () => { + const findings = [ + { + name: "Open Port", + attributes: { + hostname: "foobar.com", + }, + }, + ]; + + const getFindings = async () => findings; + + const updateFindings = jest.fn(); + + await handle({ + getFindings, + updateFindings, + attributeName: "cluster", + attributeValue: "gke-internal", + }); + + expect(updateFindings).toBeCalledWith([ + { + name: "Open Port", + attributes: { + hostname: "foobar.com", + cluster: "gke-internal", + }, + }, + ]); +}); diff --git a/hooks/add-attributes/templates/NOTES.txt b/hooks/add-attributes/templates/NOTES.txt new file mode 100644 index 00000000..84b6d403 --- /dev/null +++ b/hooks/add-attributes/templates/NOTES.txt @@ -0,0 +1,2 @@ +AddAttribute Hook deployed. +This will add a attribute "{{ .Values.attribute.name }}: {{ .Values.attribute.value }}" on every finding in this namespace. \ No newline at end of file diff --git a/hooks/add-attributes/templates/_helpers.tpl b/hooks/add-attributes/templates/_helpers.tpl new file mode 100644 index 00000000..17523abc --- /dev/null +++ b/hooks/add-attributes/templates/_helpers.tpl @@ -0,0 +1,52 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "add-attribute.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "add-attribute.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "add-attribute.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Common labels +*/}} +{{- define "add-attribute.labels" -}} +helm.sh/chart: {{ include "add-attribute.chart" . }} +{{ include "add-attribute.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end -}} + +{{/* +Selector labels +*/}} +{{- define "add-attribute.selectorLabels" -}} +app.kubernetes.io/name: {{ include "add-attribute.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end -}} diff --git a/hooks/add-attributes/templates/add-attributes-hook.yaml b/hooks/add-attributes/templates/add-attributes-hook.yaml new file mode 100644 index 00000000..5ece27f2 --- /dev/null +++ b/hooks/add-attributes/templates/add-attributes-hook.yaml @@ -0,0 +1,16 @@ +apiVersion: "execution.experimental.securecodebox.io/v1" +kind: ScanCompletionHook +metadata: + name: {{ include "add-attribute.fullname" . }} +spec: + type: ReadAndWrite + {{- if .Values.image.digest }} + image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}@{{ .Values.image.digest }}" + {{- else }} + image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag }}" + {{- end }} + env: + - name: ATTRIBUTE_NAME + value: {{ .Values.attribute.name | quote }} + - name: ATTRIBUTE_VALUE + value: {{ .Values.attribute.value | quote }} diff --git a/hooks/add-attributes/values.yaml b/hooks/add-attributes/values.yaml new file mode 100644 index 00000000..e8e0ef94 --- /dev/null +++ b/hooks/add-attributes/values.yaml @@ -0,0 +1,13 @@ +# Default values for dispatcher. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +attribute: + name: foobar + value: example + +image: + registry: docker.io + repository: scbexperimental/add-attribute + tag: latest + digest: null From cb4c2726c38d1d7927070629b93c6f0b2577389d Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com> Date: Wed, 27 May 2020 14:08:31 +0200 Subject: [PATCH 027/109] Extracted setHookStatus from reconciler function Co-authored-by: Jorge Estigarribia Co-authored-by: Yannik Fuhrmeister <12710254+fuhrmeistery@users.noreply.github.com> --- .../controllers/execution/scan_controller.go | 80 ++++++++++--------- 1 file changed, 43 insertions(+), 37 deletions(-) diff --git a/operator/controllers/execution/scan_controller.go b/operator/controllers/execution/scan_controller.go index b18528be..03716d97 100644 --- a/operator/controllers/execution/scan_controller.go +++ b/operator/controllers/execution/scan_controller.go @@ -113,43 +113,7 @@ func (r *ScanReconciler) Reconcile(req ctrl.Request) (ctrl.Result, error) { case "Parsing": err = r.checkIfParsingIsCompleted(&scan) case "ParseCompleted": - // Hook status erstellen - - var scanCompletionHooks executionv1.ScanCompletionHookList - - if err := r.List(ctx, &scanCompletionHooks, client.InNamespace(scan.Namespace)); err != nil { - r.Log.V(7).Info("Unable to fetch ScanCompletionHooks") - return ctrl.Result{}, err - } - - r.Log.Info("Found ScanCompletionHooks", "ScanCompletionHooks", len(scanCompletionHooks.Items)) - - readAndWriteHooks := []executionv1.ScanCompletionHook{} - // filter all ReadAndWriteHooks in the scamCompletionHooks list - for _, hook := range scanCompletionHooks.Items { - if hook.Spec.Type == executionv1.ReadAndWrite { - readAndWriteHooks = append(readAndWriteHooks, hook) - } - } - - r.Log.Info("Found ReadAndWriteHooks", "ReadAndWriteHooks", len(readAndWriteHooks)) - - hookStatus := []executionv1.HookStatus{} - - for _, hook := range readAndWriteHooks { - hookStatus = append(hookStatus, executionv1.HookStatus{ - HookName: hook.Name, - State: executionv1.Pending, - }) - } - - scan.Status.State = "ReadAndWriteHookProcessing" - scan.Status.ReadAndWriteHookStatus = hookStatus - - if err := r.Status().Update(ctx, &scan); err != nil { - r.Log.Error(err, "unable to update Scan status") - return ctrl.Result{}, err - } + err = r.setHookStatus(&scan) case "ReadAndWriteHookProcessing": // First Array entry which is not Completed. var nonCompletedHook *executionv1.HookStatus @@ -1191,3 +1155,45 @@ func (r *ScanReconciler) SetupWithManager(mgr ctrl.Manager) error { Owns(&batch.Job{}). Complete(r) } + +func (r *ScanReconciler) setHookStatus(scan *executionv1.Scan) error { + // Set (pending) Hook status on the scan + ctx := context.Background() + var scanCompletionHooks executionv1.ScanCompletionHookList + + if err := r.List(ctx, &scanCompletionHooks, client.InNamespace(scan.Namespace)); err != nil { + r.Log.V(7).Info("Unable to fetch ScanCompletionHooks") + return err + } + + r.Log.Info("Found ScanCompletionHooks", "ScanCompletionHooks", len(scanCompletionHooks.Items)) + + readAndWriteHooks := []executionv1.ScanCompletionHook{} + // filter all ReadAndWriteHooks in the scamCompletionHooks list + for _, hook := range scanCompletionHooks.Items { + if hook.Spec.Type == executionv1.ReadAndWrite { + readAndWriteHooks = append(readAndWriteHooks, hook) + } + } + + r.Log.Info("Found ReadAndWriteHooks", "ReadAndWriteHooks", len(readAndWriteHooks)) + + hookStatus := []executionv1.HookStatus{} + + for _, hook := range readAndWriteHooks { + hookStatus = append(hookStatus, executionv1.HookStatus{ + HookName: hook.Name, + State: executionv1.Pending, + }) + } + + scan.Status.State = "ReadAndWriteHookProcessing" + scan.Status.ReadAndWriteHookStatus = hookStatus + + if err := r.Status().Update(ctx, scan); err != nil { + r.Log.Error(err, "unable to update Scan status") + return err + } + + return nil +} From 2acb8b5338c8bcf292bc022c875c5808a9e927f1 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com> Date: Wed, 27 May 2020 14:19:46 +0200 Subject: [PATCH 028/109] Remove demo fields --- .../execution_v1_scan/nmap_localhost.yaml | 23 ------------------- 1 file changed, 23 deletions(-) diff --git a/operator/config/samples/execution_v1_scan/nmap_localhost.yaml b/operator/config/samples/execution_v1_scan/nmap_localhost.yaml index c6c27113..0bdc29f8 100644 --- a/operator/config/samples/execution_v1_scan/nmap_localhost.yaml +++ b/operator/config/samples/execution_v1_scan/nmap_localhost.yaml @@ -1,8 +1,6 @@ apiVersion: execution.experimental.securecodebox.io/v1 kind: Scan metadata: - finalizers: - - s3.storage.experimental.securecodebox.io name: nmap-localhost namespace: default spec: @@ -10,24 +8,3 @@ spec: - -Pn - localhost scanType: nmap -status: - state: Errored - errorDescription: At least one ReadOnlyHook failed, check the hooks kubernetes jobs related to the scan for more details. - findings: - categories: - Host: 1 - count: 1 - severities: - informational: 1 - rawResultFile: nmap-results.xml - rawResultType: nmap-xml - readAndWriteHookStatus: - - hookName: luy-metadata - state: Completed - jobName: luy-metadata-123123 - - hookName: finding-priority - state: Error - jobName: finding-priority-123123 - error: "Job failed" - - hookName: hook-3 - state: Pending From e6f4e7666d058f486a86173ea2333b2003efaa6f Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com> Date: Wed, 27 May 2020 14:23:48 +0200 Subject: [PATCH 029/109] Extract executeReadAndWriteHooks from reconciler func --- .../controllers/execution/scan_controller.go | 375 +++++++++--------- 1 file changed, 191 insertions(+), 184 deletions(-) diff --git a/operator/controllers/execution/scan_controller.go b/operator/controllers/execution/scan_controller.go index 03716d97..6e136f34 100644 --- a/operator/controllers/execution/scan_controller.go +++ b/operator/controllers/execution/scan_controller.go @@ -115,191 +115,8 @@ func (r *ScanReconciler) Reconcile(req ctrl.Request) (ctrl.Result, error) { case "ParseCompleted": err = r.setHookStatus(&scan) case "ReadAndWriteHookProcessing": - // First Array entry which is not Completed. - var nonCompletedHook *executionv1.HookStatus + err = r.executeReadAndWriteHooks(&scan) - for _, hook := range scan.Status.ReadAndWriteHookStatus { - if hook.State != executionv1.Completed { - nonCompletedHook = &hook - break - } - } - - if nonCompletedHook == nil { - scan.Status.State = "ReadAndWriteHookCompleted" - if err := r.Status().Update(ctx, &scan); err != nil { - r.Log.Error(err, "unable to update Scan status") - return ctrl.Result{}, err - } - return ctrl.Result{}, nil - } - - if nonCompletedHook.State == executionv1.Pending { - rules := []rbacv1.PolicyRule{ - { - APIGroups: []string{"execution.experimental.securecodebox.io"}, - Resources: []string{"scans"}, - Verbs: []string{"get"}, - }, - } - serviceAccountName := "scan-completion-hook" - r.ensureServiceAccountExists( - scan.Namespace, - serviceAccountName, - "ScanCompletionHooks need to access the current scan to view where its results are stored", - rules, - ) - - rawFileURL, err := r.PresignedGetURL(scan.UID, scan.Status.RawResultFile) - if err != nil { - return ctrl.Result{}, err - } - findingsFileURL, err := r.PresignedGetURL(scan.UID, "findings.json") - if err != nil { - return ctrl.Result{}, err - } - - bucketName := os.Getenv("S3_BUCKET") - rawFileUploadURL, err := r.MinioClient.PresignedPutObject(bucketName, fmt.Sprintf("scan-%s/%s", scan.UID, scan.Status.RawResultFile), 12*time.Hour) - if err != nil { - r.Log.Error(err, "Could not get presigned url from s3 or compatible storage provider") - return ctrl.Result{}, err - } - findingsUploadURL, err := r.MinioClient.PresignedPutObject(bucketName, fmt.Sprintf("scan-%s/findings.json", scan.UID), 12*time.Hour) - if err != nil { - r.Log.Error(err, "Could not get presigned url from s3 or compatible storage provider") - return ctrl.Result{}, err - } - - var hook executionv1.ScanCompletionHook - err = r.Get(ctx, types.NamespacedName{Name: nonCompletedHook.HookName, Namespace: scan.Namespace}, &hook) - if err != nil { - r.Log.Error(err, "Failed to get ReadAndWrite Hook for HookStatus") - return ctrl.Result{}, err - } - - standardEnvVars := []corev1.EnvVar{ - { - Name: "NAMESPACE", - ValueFrom: &corev1.EnvVarSource{ - FieldRef: &corev1.ObjectFieldSelector{ - FieldPath: "metadata.namespace", - }, - }, - }, - { - Name: "SCAN_NAME", - Value: scan.Name, - }, - } - - // Starting a new job based on the current ReadAndWrite Hook - labels := scan.ObjectMeta.DeepCopy().Labels - if labels == nil { - labels = make(map[string]string) - } - labels["experimental.securecodebox.io/job-type"] = "read-and-write-hook" - var backOffLimit int32 = 3 - job := &batch.Job{ - ObjectMeta: metav1.ObjectMeta{ - Annotations: make(map[string]string), - Name: fmt.Sprintf("%s-%s", hook.Name, scan.Name), - Namespace: scan.Namespace, - Labels: labels, - }, - Spec: batch.JobSpec{ - BackoffLimit: &backOffLimit, - Template: corev1.PodTemplateSpec{ - ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{ - "auto-discovery.experimental.securecodebox.io/ignore": "true", - }, - }, - Spec: corev1.PodSpec{ - ServiceAccountName: serviceAccountName, - RestartPolicy: corev1.RestartPolicyNever, - Containers: []corev1.Container{ - { - Name: "hook", - Image: hook.Spec.Image, - Args: []string{ - rawFileURL, - findingsFileURL, - rawFileUploadURL.String(), - findingsUploadURL.String(), - }, - Env: append(hook.Spec.Env, standardEnvVars...), - ImagePullPolicy: "IfNotPresent", - }, - }, - }, - }, - TTLSecondsAfterFinished: nil, - }, - } - if err := ctrl.SetControllerReference(&scan, job, r.Scheme); err != nil { - r.Log.Error(err, "Unable to set controllerReference on job", "job", job) - return ctrl.Result{}, err - } - - if err := r.Create(ctx, job); err != nil { - r.Log.Error(err, "Unable to create Job for ReadOnlyHook", "job", job) - return ctrl.Result{}, err - } - - for i, hookStatus := range scan.Status.ReadAndWriteHookStatus { - if hookStatus.HookName == nonCompletedHook.HookName { - scan.Status.ReadAndWriteHookStatus[i].JobName = job.Name - scan.Status.ReadAndWriteHookStatus[i].State = executionv1.InProgress - } - } - - if err := r.Status().Update(ctx, &scan); err != nil { - r.Log.Error(err, "unable to update Scan status") - return ctrl.Result{}, err - } - return ctrl.Result{}, err - } - - if nonCompletedHook.State == executionv1.InProgress { - jobStatus, err := r.checkIfJobIsCompleted(nonCompletedHook.JobName, scan.Namespace) - if err != nil { - r.Log.Error(err, "Failed to check job status for ReadAndWrite Hook") - return ctrl.Result{}, err - } - switch jobStatus { - case completed: - for i, hookStatus := range scan.Status.ReadAndWriteHookStatus { - if hookStatus.HookName == nonCompletedHook.HookName { - scan.Status.ReadAndWriteHookStatus[i].State = executionv1.Completed - } - } - - if err := r.Status().Update(ctx, &scan); err != nil { - r.Log.Error(err, "unable to update Scan status") - return ctrl.Result{}, err - } - return ctrl.Result{}, err - case incomplete: - // Still waiting for job to finish - return ctrl.Result{}, err - - case failed: - for i, hookStatus := range scan.Status.ReadAndWriteHookStatus { - if hookStatus.HookName == nonCompletedHook.HookName { - scan.Status.ReadAndWriteHookStatus[i].State = executionv1.Failed - } else if hookStatus.State == executionv1.Pending { - scan.Status.ReadAndWriteHookStatus[i].State = executionv1.Cancelled - } - } - scan.Status.State = "Errored" - scan.Status.ErrorDescription = fmt.Sprintf("Failed to execute ReadAndWrite Hook '%s' in job '%s'. Check the logs of the hook for more information.", nonCompletedHook.HookName, nonCompletedHook.JobName) - if err := r.Status().Update(ctx, &scan); err != nil { - r.Log.Error(err, "unable to update Scan status") - return ctrl.Result{}, err - } - } - } case "ReadAndWriteHookCompleted": err = r.startReadOnlyHooks(&scan) case "ReadOnlyHookProcessing": @@ -1197,3 +1014,193 @@ func (r *ScanReconciler) setHookStatus(scan *executionv1.Scan) error { return nil } + +func (r *ScanReconciler) executeReadAndWriteHooks(scan *executionv1.Scan) error { + // First Array entry which is not Completed. + ctx := context.Background() + var nonCompletedHook *executionv1.HookStatus + + for _, hook := range scan.Status.ReadAndWriteHookStatus { + if hook.State != executionv1.Completed { + nonCompletedHook = &hook + break + } + } + + if nonCompletedHook == nil { + scan.Status.State = "ReadAndWriteHookCompleted" + if err := r.Status().Update(ctx, scan); err != nil { + r.Log.Error(err, "unable to update Scan status") + return err + } + return nil + } + + if nonCompletedHook.State == executionv1.Pending { + rules := []rbacv1.PolicyRule{ + { + APIGroups: []string{"execution.experimental.securecodebox.io"}, + Resources: []string{"scans"}, + Verbs: []string{"get"}, + }, + } + serviceAccountName := "scan-completion-hook" + r.ensureServiceAccountExists( + scan.Namespace, + serviceAccountName, + "ScanCompletionHooks need to access the current scan to view where its results are stored", + rules, + ) + + rawFileURL, err := r.PresignedGetURL(scan.UID, scan.Status.RawResultFile) + if err != nil { + return err + } + findingsFileURL, err := r.PresignedGetURL(scan.UID, "findings.json") + if err != nil { + return err + } + + bucketName := os.Getenv("S3_BUCKET") + rawFileUploadURL, err := r.MinioClient.PresignedPutObject(bucketName, fmt.Sprintf("scan-%s/%s", scan.UID, scan.Status.RawResultFile), 12*time.Hour) + if err != nil { + r.Log.Error(err, "Could not get presigned url from s3 or compatible storage provider") + return err + } + findingsUploadURL, err := r.MinioClient.PresignedPutObject(bucketName, fmt.Sprintf("scan-%s/findings.json", scan.UID), 12*time.Hour) + if err != nil { + r.Log.Error(err, "Could not get presigned url from s3 or compatible storage provider") + return err + } + + var hook executionv1.ScanCompletionHook + err = r.Get(ctx, types.NamespacedName{Name: nonCompletedHook.HookName, Namespace: scan.Namespace}, &hook) + if err != nil { + r.Log.Error(err, "Failed to get ReadAndWrite Hook for HookStatus") + return err + } + + standardEnvVars := []corev1.EnvVar{ + { + Name: "NAMESPACE", + ValueFrom: &corev1.EnvVarSource{ + FieldRef: &corev1.ObjectFieldSelector{ + FieldPath: "metadata.namespace", + }, + }, + }, + { + Name: "SCAN_NAME", + Value: scan.Name, + }, + } + + // Starting a new job based on the current ReadAndWrite Hook + labels := scan.ObjectMeta.DeepCopy().Labels + if labels == nil { + labels = make(map[string]string) + } + labels["experimental.securecodebox.io/job-type"] = "read-and-write-hook" + var backOffLimit int32 = 3 + job := &batch.Job{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: make(map[string]string), + Name: fmt.Sprintf("%s-%s", hook.Name, scan.Name), + Namespace: scan.Namespace, + Labels: labels, + }, + Spec: batch.JobSpec{ + BackoffLimit: &backOffLimit, + Template: corev1.PodTemplateSpec{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + "auto-discovery.experimental.securecodebox.io/ignore": "true", + }, + }, + Spec: corev1.PodSpec{ + ServiceAccountName: serviceAccountName, + RestartPolicy: corev1.RestartPolicyNever, + Containers: []corev1.Container{ + { + Name: "hook", + Image: hook.Spec.Image, + Args: []string{ + rawFileURL, + findingsFileURL, + rawFileUploadURL.String(), + findingsUploadURL.String(), + }, + Env: append(hook.Spec.Env, standardEnvVars...), + ImagePullPolicy: "IfNotPresent", + }, + }, + }, + }, + TTLSecondsAfterFinished: nil, + }, + } + if err := ctrl.SetControllerReference(scan, job, r.Scheme); err != nil { + r.Log.Error(err, "Unable to set controllerReference on job", "job", job) + return err + } + + if err := r.Create(ctx, job); err != nil { + r.Log.Error(err, "Unable to create Job for ReadOnlyHook", "job", job) + return err + } + + for i, hookStatus := range scan.Status.ReadAndWriteHookStatus { + if hookStatus.HookName == nonCompletedHook.HookName { + scan.Status.ReadAndWriteHookStatus[i].JobName = job.Name + scan.Status.ReadAndWriteHookStatus[i].State = executionv1.InProgress + } + } + + if err := r.Status().Update(ctx, scan); err != nil { + r.Log.Error(err, "unable to update Scan status") + return err + } + return err + } + + if nonCompletedHook.State == executionv1.InProgress { + jobStatus, err := r.checkIfJobIsCompleted(nonCompletedHook.JobName, scan.Namespace) + if err != nil { + r.Log.Error(err, "Failed to check job status for ReadAndWrite Hook") + return err + } + switch jobStatus { + case completed: + for i, hookStatus := range scan.Status.ReadAndWriteHookStatus { + if hookStatus.HookName == nonCompletedHook.HookName { + scan.Status.ReadAndWriteHookStatus[i].State = executionv1.Completed + } + } + + if err := r.Status().Update(ctx, scan); err != nil { + r.Log.Error(err, "unable to update Scan status") + return err + } + return err + case incomplete: + // Still waiting for job to finish + return err + + case failed: + for i, hookStatus := range scan.Status.ReadAndWriteHookStatus { + if hookStatus.HookName == nonCompletedHook.HookName { + scan.Status.ReadAndWriteHookStatus[i].State = executionv1.Failed + } else if hookStatus.State == executionv1.Pending { + scan.Status.ReadAndWriteHookStatus[i].State = executionv1.Cancelled + } + } + scan.Status.State = "Errored" + scan.Status.ErrorDescription = fmt.Sprintf("Failed to execute ReadAndWrite Hook '%s' in job '%s'. Check the logs of the hook for more information.", nonCompletedHook.HookName, nonCompletedHook.JobName) + if err := r.Status().Update(ctx, scan); err != nil { + r.Log.Error(err, "unable to update Scan status") + return err + } + } + } + return nil +} From 753a34e0a8789eaa62cbacb852f5904453f798ca Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com> Date: Wed, 27 May 2020 14:56:40 +0200 Subject: [PATCH 030/109] Fix return values --- operator/controllers/execution/scan_controller.go | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/operator/controllers/execution/scan_controller.go b/operator/controllers/execution/scan_controller.go index 6e136f34..8be5d3e6 100644 --- a/operator/controllers/execution/scan_controller.go +++ b/operator/controllers/execution/scan_controller.go @@ -1145,7 +1145,7 @@ func (r *ScanReconciler) executeReadAndWriteHooks(scan *executionv1.Scan) error } if err := r.Create(ctx, job); err != nil { - r.Log.Error(err, "Unable to create Job for ReadOnlyHook", "job", job) + r.Log.Error(err, "Unable to create Job for ReadAndWriteHook", "job", job) return err } @@ -1160,7 +1160,7 @@ func (r *ScanReconciler) executeReadAndWriteHooks(scan *executionv1.Scan) error r.Log.Error(err, "unable to update Scan status") return err } - return err + return nil } if nonCompletedHook.State == executionv1.InProgress { @@ -1181,11 +1181,10 @@ func (r *ScanReconciler) executeReadAndWriteHooks(scan *executionv1.Scan) error r.Log.Error(err, "unable to update Scan status") return err } - return err + return nil case incomplete: // Still waiting for job to finish - return err - + return nil case failed: for i, hookStatus := range scan.Status.ReadAndWriteHookStatus { if hookStatus.HookName == nonCompletedHook.HookName { From 584e9562a1360c14836183ade1bffbcc624b3ce9 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com> Date: Wed, 27 May 2020 15:40:32 +0200 Subject: [PATCH 031/109] Refactore Hook handling --- .../controllers/execution/scan_controller.go | 287 ++++++++---------- 1 file changed, 124 insertions(+), 163 deletions(-) diff --git a/operator/controllers/execution/scan_controller.go b/operator/controllers/execution/scan_controller.go index 8be5d3e6..f43b5197 100644 --- a/operator/controllers/execution/scan_controller.go +++ b/operator/controllers/execution/scan_controller.go @@ -353,8 +353,7 @@ func (r *ScanReconciler) startParser(scan *executionv1.Scan) error { } log.Info("Matching ParseDefinition Found", "ParseDefinition", parseType) - bucketName := os.Getenv("S3_BUCKET") - findingsUploadURL, err := r.MinioClient.PresignedPutObject(bucketName, fmt.Sprintf("scan-%s/findings.json", scan.UID), 12*time.Hour) + findingsUploadURL, err := r.PresignedPutURL(scan.UID, "findings.json") if err != nil { r.Log.Error(err, "Could not get presigned url from s3 or compatible storage provider") return err @@ -423,7 +422,7 @@ func (r *ScanReconciler) startParser(scan *executionv1.Scan) error { }, Args: []string{ rawResultDownloadURL, - findingsUploadURL.String(), + findingsUploadURL, }, ImagePullPolicy: "Always", }, @@ -486,10 +485,8 @@ func (r *ScanReconciler) checkIfParsingIsCompleted(scan *executionv1.Scan) error } func (r *ScanReconciler) constructJobForScan(scan *executionv1.Scan, scanType *executionv1.ScanType) (*batch.Job, error) { - bucketName := os.Getenv("S3_BUCKET") - filename := filepath.Base(scanType.Spec.ExtractResults.Location) - resultUploadURL, err := r.MinioClient.PresignedPutObject(bucketName, fmt.Sprintf("scan-%s/%s", scan.UID, filename), 12*time.Hour) + resultUploadURL, err := r.PresignedPutURL(scan.UID, filename) if err != nil { r.Log.Error(err, "Could not get presigned url from s3 or compatible storage provider") return nil, err @@ -575,7 +572,7 @@ func (r *ScanReconciler) constructJobForScan(scan *executionv1.Scan, scanType *e "--file", scanType.Spec.ExtractResults.Location, "--url", - resultUploadURL.String(), + resultUploadURL, }, Env: []corev1.EnvVar{ { @@ -640,6 +637,18 @@ func (r *ScanReconciler) PresignedGetURL(scanID types.UID, filename string) (str return rawResultDownloadURL.String(), nil } +// PresignedPutURL returns a presigned URL from the s3 (or compatible) serice. +func (r *ScanReconciler) PresignedPutURL(scanID types.UID, filename string) (string, error) { + bucketName := os.Getenv("S3_BUCKET") + + rawResultDownloadURL, err := r.MinioClient.PresignedPutObject(bucketName, fmt.Sprintf("scan-%s/%s", string(scanID), filename), 12*time.Hour) + if err != nil { + r.Log.Error(err, "Could not get presigned url from s3 or compatible storage provider") + return "", err + } + return rawResultDownloadURL.String(), nil +} + func (r *ScanReconciler) startReadOnlyHooks(scan *executionv1.Scan) error { ctx := context.Background() @@ -698,71 +707,18 @@ func (r *ScanReconciler) startReadOnlyHooks(scan *executionv1.Scan) error { return err } - standardEnvVars := []corev1.EnvVar{ - { - Name: "NAMESPACE", - ValueFrom: &corev1.EnvVarSource{ - FieldRef: &corev1.ObjectFieldSelector{ - FieldPath: "metadata.namespace", - }, - }, - }, - { - Name: "SCAN_NAME", - Value: scan.Name, - }, - } - - // Starting a new job based on the current ReadOnlyHook - labels := scan.ObjectMeta.DeepCopy().Labels - if labels == nil { - labels = make(map[string]string) - } - labels["experimental.securecodebox.io/job-type"] = "read-only-hook" - job := &batch.Job{ - ObjectMeta: metav1.ObjectMeta{ - Annotations: make(map[string]string), - Name: fmt.Sprintf("%s-%s", hook.Name, scan.Name), - Namespace: scan.Namespace, - Labels: labels, - }, - Spec: batch.JobSpec{ - Template: corev1.PodTemplateSpec{ - ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{ - "auto-discovery.experimental.securecodebox.io/ignore": "true", - }, - }, - Spec: corev1.PodSpec{ - ServiceAccountName: serviceAccountName, - RestartPolicy: corev1.RestartPolicyNever, - Containers: []corev1.Container{ - { - Name: "hook", - Image: hook.Spec.Image, - Args: []string{ - rawFileURL, - findingsFileURL, - }, - Env: append(hook.Spec.Env, standardEnvVars...), - ImagePullPolicy: "IfNotPresent", - }, - }, - }, - }, - TTLSecondsAfterFinished: nil, + jobName, err := r.createJobForHook( + &hook, + scan, + []string{ + rawFileURL, + findingsFileURL, }, - } - if err := ctrl.SetControllerReference(scan, job, r.Scheme); err != nil { - r.Log.Error(err, "Unable to set controllerReference on job", "job", job) - return err - } - - if err := r.Create(ctx, job); err != nil { - r.Log.Error(err, "Unable to create Job for ReadOnlyHook", "job", job) + ) + if err != nil { + r.Log.Error(err, "Unable to create Job for ReadOnlyHook", "job", jobName) return err } - } scan.Status.State = "ReadOnlyHookProcessing" if err := r.Status().Update(ctx, scan); err != nil { @@ -1015,6 +971,88 @@ func (r *ScanReconciler) setHookStatus(scan *executionv1.Scan) error { return nil } +func (r *ScanReconciler) createJobForHook(hook *executionv1.ScanCompletionHook, scan *executionv1.Scan, cliArgs []string) (string, error) { + ctx := context.Background() + rules := []rbacv1.PolicyRule{ + { + APIGroups: []string{"execution.experimental.securecodebox.io"}, + Resources: []string{"scans"}, + Verbs: []string{"get"}, + }, + } + serviceAccountName := "scan-completion-hook" + r.ensureServiceAccountExists( + hook.Namespace, + serviceAccountName, + "ScanCompletionHooks need to access the current scan to view where its results are stored", + rules, + ) + + standardEnvVars := []corev1.EnvVar{ + { + Name: "NAMESPACE", + ValueFrom: &corev1.EnvVarSource{ + FieldRef: &corev1.ObjectFieldSelector{ + FieldPath: "metadata.namespace", + }, + }, + }, + { + Name: "SCAN_NAME", + Value: scan.Name, + }, + } + + // Starting a new job based on the current ReadAndWrite Hook + labels := scan.ObjectMeta.DeepCopy().Labels + if labels == nil { + labels = make(map[string]string) + } + labels["experimental.securecodebox.io/job-type"] = "read-and-write-hook" + var backOffLimit int32 = 3 + job := &batch.Job{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: make(map[string]string), + Name: fmt.Sprintf("%s-%s", hook.Name, scan.Name), + Namespace: scan.Namespace, + Labels: labels, + }, + Spec: batch.JobSpec{ + BackoffLimit: &backOffLimit, + Template: corev1.PodTemplateSpec{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + "auto-discovery.experimental.securecodebox.io/ignore": "true", + }, + }, + Spec: corev1.PodSpec{ + ServiceAccountName: serviceAccountName, + RestartPolicy: corev1.RestartPolicyNever, + Containers: []corev1.Container{ + { + Name: "hook", + Image: hook.Spec.Image, + Args: cliArgs, + Env: append(hook.Spec.Env, standardEnvVars...), + ImagePullPolicy: "IfNotPresent", + }, + }, + }, + }, + TTLSecondsAfterFinished: nil, + }, + } + if err := ctrl.SetControllerReference(scan, job, r.Scheme); err != nil { + r.Log.Error(err, "Unable to set controllerReference on job", "job", job) + return "", err + } + + if err := r.Create(ctx, job); err != nil { + return "", err + } + return job.Name, nil +} + func (r *ScanReconciler) executeReadAndWriteHooks(scan *executionv1.Scan) error { // First Array entry which is not Completed. ctx := context.Background() @@ -1036,22 +1074,8 @@ func (r *ScanReconciler) executeReadAndWriteHooks(scan *executionv1.Scan) error return nil } - if nonCompletedHook.State == executionv1.Pending { - rules := []rbacv1.PolicyRule{ - { - APIGroups: []string{"execution.experimental.securecodebox.io"}, - Resources: []string{"scans"}, - Verbs: []string{"get"}, - }, - } - serviceAccountName := "scan-completion-hook" - r.ensureServiceAccountExists( - scan.Namespace, - serviceAccountName, - "ScanCompletionHooks need to access the current scan to view where its results are stored", - rules, - ) - + switch nonCompletedHook.State { + case executionv1.Pending: rawFileURL, err := r.PresignedGetURL(scan.UID, scan.Status.RawResultFile) if err != nil { return err @@ -1061,97 +1085,35 @@ func (r *ScanReconciler) executeReadAndWriteHooks(scan *executionv1.Scan) error return err } - bucketName := os.Getenv("S3_BUCKET") - rawFileUploadURL, err := r.MinioClient.PresignedPutObject(bucketName, fmt.Sprintf("scan-%s/%s", scan.UID, scan.Status.RawResultFile), 12*time.Hour) + rawFileUploadURL, err := r.PresignedPutURL(scan.UID, scan.Status.RawResultFile) if err != nil { - r.Log.Error(err, "Could not get presigned url from s3 or compatible storage provider") return err } - findingsUploadURL, err := r.MinioClient.PresignedPutObject(bucketName, fmt.Sprintf("scan-%s/findings.json", scan.UID), 12*time.Hour) + findingsUploadURL, err := r.PresignedPutURL(scan.UID, "findings.json") if err != nil { - r.Log.Error(err, "Could not get presigned url from s3 or compatible storage provider") return err } var hook executionv1.ScanCompletionHook - err = r.Get(ctx, types.NamespacedName{Name: nonCompletedHook.HookName, Namespace: scan.Namespace}, &hook) - if err != nil { + if err := r.Get(ctx, types.NamespacedName{Name: nonCompletedHook.HookName, Namespace: scan.Namespace}, &hook); err != nil { r.Log.Error(err, "Failed to get ReadAndWrite Hook for HookStatus") return err } - standardEnvVars := []corev1.EnvVar{ - { - Name: "NAMESPACE", - ValueFrom: &corev1.EnvVarSource{ - FieldRef: &corev1.ObjectFieldSelector{ - FieldPath: "metadata.namespace", - }, - }, - }, - { - Name: "SCAN_NAME", - Value: scan.Name, - }, - } - - // Starting a new job based on the current ReadAndWrite Hook - labels := scan.ObjectMeta.DeepCopy().Labels - if labels == nil { - labels = make(map[string]string) - } - labels["experimental.securecodebox.io/job-type"] = "read-and-write-hook" - var backOffLimit int32 = 3 - job := &batch.Job{ - ObjectMeta: metav1.ObjectMeta{ - Annotations: make(map[string]string), - Name: fmt.Sprintf("%s-%s", hook.Name, scan.Name), - Namespace: scan.Namespace, - Labels: labels, + jobName, err := r.createJobForHook( + &hook, + scan, + []string{ + rawFileURL, + findingsFileURL, + rawFileUploadURL, + findingsUploadURL, }, - Spec: batch.JobSpec{ - BackoffLimit: &backOffLimit, - Template: corev1.PodTemplateSpec{ - ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{ - "auto-discovery.experimental.securecodebox.io/ignore": "true", - }, - }, - Spec: corev1.PodSpec{ - ServiceAccountName: serviceAccountName, - RestartPolicy: corev1.RestartPolicyNever, - Containers: []corev1.Container{ - { - Name: "hook", - Image: hook.Spec.Image, - Args: []string{ - rawFileURL, - findingsFileURL, - rawFileUploadURL.String(), - findingsUploadURL.String(), - }, - Env: append(hook.Spec.Env, standardEnvVars...), - ImagePullPolicy: "IfNotPresent", - }, - }, - }, - }, - TTLSecondsAfterFinished: nil, - }, - } - if err := ctrl.SetControllerReference(scan, job, r.Scheme); err != nil { - r.Log.Error(err, "Unable to set controllerReference on job", "job", job) - return err - } - - if err := r.Create(ctx, job); err != nil { - r.Log.Error(err, "Unable to create Job for ReadAndWriteHook", "job", job) - return err - } + ) for i, hookStatus := range scan.Status.ReadAndWriteHookStatus { if hookStatus.HookName == nonCompletedHook.HookName { - scan.Status.ReadAndWriteHookStatus[i].JobName = job.Name + scan.Status.ReadAndWriteHookStatus[i].JobName = jobName scan.Status.ReadAndWriteHookStatus[i].State = executionv1.InProgress } } @@ -1161,9 +1123,7 @@ func (r *ScanReconciler) executeReadAndWriteHooks(scan *executionv1.Scan) error return err } return nil - } - - if nonCompletedHook.State == executionv1.InProgress { + case executionv1.InProgress: jobStatus, err := r.checkIfJobIsCompleted(nonCompletedHook.JobName, scan.Namespace) if err != nil { r.Log.Error(err, "Failed to check job status for ReadAndWrite Hook") @@ -1201,5 +1161,6 @@ func (r *ScanReconciler) executeReadAndWriteHooks(scan *executionv1.Scan) error } } } + return nil } From 8f725c69541c630fce203f39471c0a92d4473a66 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com> Date: Wed, 27 May 2020 15:54:27 +0200 Subject: [PATCH 032/109] Extract scan status update logic --- .../controllers/execution/scan_controller.go | 54 ++++++++++--------- 1 file changed, 30 insertions(+), 24 deletions(-) diff --git a/operator/controllers/execution/scan_controller.go b/operator/controllers/execution/scan_controller.go index f43b5197..63884df9 100644 --- a/operator/controllers/execution/scan_controller.go +++ b/operator/controllers/execution/scan_controller.go @@ -1053,8 +1053,22 @@ func (r *ScanReconciler) createJobForHook(hook *executionv1.ScanCompletionHook, return job.Name, nil } +func (r *ScanReconciler) updateHookStatus(scan *executionv1.Scan, hookStatus executionv1.HookStatus) error { + for i, hook := range scan.Status.ReadAndWriteHookStatus { + if hook.HookName == hookStatus.HookName { + scan.Status.ReadAndWriteHookStatus[i] = hookStatus + break + } + } + if err := r.Status().Update(context.Background(), scan); err != nil { + r.Log.Error(err, "unable to update Scan status") + return err + } + return nil +} + func (r *ScanReconciler) executeReadAndWriteHooks(scan *executionv1.Scan) error { - // First Array entry which is not Completed. + // Get the first Hook Status which is not completed. ctx := context.Background() var nonCompletedHook *executionv1.HookStatus @@ -1065,6 +1079,7 @@ func (r *ScanReconciler) executeReadAndWriteHooks(scan *executionv1.Scan) error } } + // If nil then all hooks are done if nonCompletedHook == nil { scan.Status.State = "ReadAndWriteHookCompleted" if err := r.Status().Update(ctx, scan); err != nil { @@ -1111,18 +1126,13 @@ func (r *ScanReconciler) executeReadAndWriteHooks(scan *executionv1.Scan) error }, ) - for i, hookStatus := range scan.Status.ReadAndWriteHookStatus { - if hookStatus.HookName == nonCompletedHook.HookName { - scan.Status.ReadAndWriteHookStatus[i].JobName = jobName - scan.Status.ReadAndWriteHookStatus[i].State = executionv1.InProgress - } - } - - if err := r.Status().Update(ctx, scan); err != nil { - r.Log.Error(err, "unable to update Scan status") - return err - } - return nil + // Update the currently executed hook status to "InProgress" + err = r.updateHookStatus(scan, executionv1.HookStatus{ + HookName: nonCompletedHook.HookName, + JobName: jobName, + State: executionv1.InProgress, + }) + return err case executionv1.InProgress: jobStatus, err := r.checkIfJobIsCompleted(nonCompletedHook.JobName, scan.Namespace) if err != nil { @@ -1131,17 +1141,13 @@ func (r *ScanReconciler) executeReadAndWriteHooks(scan *executionv1.Scan) error } switch jobStatus { case completed: - for i, hookStatus := range scan.Status.ReadAndWriteHookStatus { - if hookStatus.HookName == nonCompletedHook.HookName { - scan.Status.ReadAndWriteHookStatus[i].State = executionv1.Completed - } - } - - if err := r.Status().Update(ctx, scan); err != nil { - r.Log.Error(err, "unable to update Scan status") - return err - } - return nil + // Job is completed => set current Hook to completed + err = r.updateHookStatus(scan, executionv1.HookStatus{ + HookName: nonCompletedHook.HookName, + JobName: nonCompletedHook.JobName, + State: executionv1.Completed, + }) + return err case incomplete: // Still waiting for job to finish return nil From 806bbb7c2dad93c91d8a2f2ef48b60cc7717143e Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com> Date: Thu, 28 May 2020 12:02:55 +0200 Subject: [PATCH 033/109] Pin to ssh_scan `0.0.43` image --- integrations/ssh_scan/templates/ssh-scan-scan-type.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/integrations/ssh_scan/templates/ssh-scan-scan-type.yaml b/integrations/ssh_scan/templates/ssh-scan-scan-type.yaml index cd92dcbe..6ed63bf4 100644 --- a/integrations/ssh_scan/templates/ssh-scan-scan-type.yaml +++ b/integrations/ssh_scan/templates/ssh-scan-scan-type.yaml @@ -15,7 +15,7 @@ spec: restartPolicy: OnFailure containers: - name: ssh-scan - image: mozilla/ssh_scan + image: mozilla/ssh_scan@sha256:ebd76f798159844c0baca6b78cc324ba1966b11eb4f45118397a59d01f764c97 command: - "/app/bin/ssh_scan" - "--output" From 0aec8b9457ce0641b9b5df289648ecd7270bfacb Mon Sep 17 00:00:00 2001 From: Robert Seedorff Date: Sat, 6 Jun 2020 14:13:33 +0200 Subject: [PATCH 034/109] Added some more quickstart documentation --- README.md | 44 +++++++++++++++++++++++++++++++++++++------- 1 file changed, 37 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 43a05cfe..019c61ce 100644 --- a/README.md +++ b/README.md @@ -16,11 +16,18 @@ +- [Overview](#overview) - [Purpose of this Project](#purpose-of-this-project) - [Quickstart](#quickstart) -- [How Does it Work?](#how-does-it-work) + - [Prerequisites](#prerequisites) + - [Deployment](#deployment) + - [Examples](#examples) +- [How does it work?](#how-does-it-work) - [Architecture](#architecture) -- [Roadmap](#roadmap) +- [License](#license) +- [Community](#community) +- [Contributing](#contributing) +- [Author Information](#author-information) For additional documentation aspects please have a look at our: @@ -57,9 +64,6 @@ There is a german article about [Security DevOps – Angreifern (immer) einen Sc kubectl create namespace securecodebox-system helm -n securecodebox-system install securecodebox-operator ./operator/ -# Elasticsearch Persistence Provider Deployment -helm install persistence-elastic ./persistence/persistence-elastic/ - # Deploy definitions for the integrated scanners helm install amass ./integrations/amass/ helm install kube-hunter ./integrations/kube-hunter/ @@ -67,12 +71,38 @@ helm install nikto ./integrations/nikto helm install nmap ./integrations/nmap/ helm install ssh-scan ./integrations/ssh_scan/ helm install sslyze ./integrations/sslyze/ +helm install trivy ./integrations/trivy/ helm install zap ./integrations/zap/ -# Now everything is installed. You can try deploying scans from the `operator/config/samples/` directory +# Optional Deploy some Demo Apps for scanning +helm install dummy-ssh ./demo-apps/dummy-ssh/ + +# Deploy secureCodeBox Hooks +helm install add-attributes ./hooks/add-attributes/ +helm install generic-webhook ./hooks/generic-webhook/ + +## Persistence Provider: Elasticsearch +helm install persistence-elastic ./hooks/persistence-elastic/ +``` +### Examples + +```bash +# Now everything is installed. You can try deploying scans from the `operator/config/samples/` directory +## Localhost Scan Examples +### E.g. localhost nmap scan +kubectl apply -f operator/config/samples/execution_v1_scan/nmap_localhost.yaml + +kubectl apply -f operator/config/samples/execution_v1_scan/kube-hunter_in_cluster.yaml +kubectl apply -f operator/config/samples/execution_v1_scan/trivy_mediawiki.yaml +kubectl apply -f operator/config/samples/execution_v1_scan/trivy_juiceshop.yaml +## Public Scan Examples # E.g. www.securecodebox.io sslyze scan -kubectl apply apply -f operator/config/samples/execution_v1_scan/sslyze_securecodebox_io.yaml +kubectl apply -f operator/config/samples/execution_v1_scan/amass_securecodebox_io.yaml +kubectl apply -f operator/config/samples/execution_v1_scan/sslyze_securecodebox_io.yaml +kubectl apply -f operator/config/samples/execution_v1_scan/nikto_securecodebox_io.yaml + +kubectl apply -f operator/config/samples/execution_v1_scan/ssh_iteratec_de.yaml # Then get the current State of the Scan by running: kubectl get scans ``` From ef1f865998cdf7f7fc3cf4c02aab06af4d18eecd Mon Sep 17 00:00:00 2001 From: Robert Seedorff Date: Sat, 6 Jun 2020 14:14:13 +0200 Subject: [PATCH 035/109] Upgrading AMASS to version v.3.6.3 --- integrations/amass/templates/amass-scan-type.yaml | 2 +- .../samples/execution_v1_scan/amass_securecodebox_io.yaml | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/integrations/amass/templates/amass-scan-type.yaml b/integrations/amass/templates/amass-scan-type.yaml index 1736d5f5..b843f39b 100644 --- a/integrations/amass/templates/amass-scan-type.yaml +++ b/integrations/amass/templates/amass-scan-type.yaml @@ -16,7 +16,7 @@ spec: restartPolicy: OnFailure containers: - name: amass - image: caffix/amass:v3.5.4 + image: caffix/amass:v3.6.3 command: - "amass" - "enum" diff --git a/operator/config/samples/execution_v1_scan/amass_securecodebox_io.yaml b/operator/config/samples/execution_v1_scan/amass_securecodebox_io.yaml index a607f69e..e1264ddf 100644 --- a/operator/config/samples/execution_v1_scan/amass_securecodebox_io.yaml +++ b/operator/config/samples/execution_v1_scan/amass_securecodebox_io.yaml @@ -2,6 +2,7 @@ apiVersion: "execution.experimental.securecodebox.io/v1" kind: Scan metadata: name: "amass-securecodebox.io" + namespace: default labels: organization: "secureCodeBox" spec: From be8afb3ddea1d264d70049dbb7f9932c4d2cf0c4 Mon Sep 17 00:00:00 2001 From: Robert Seedorff Date: Mon, 8 Jun 2020 10:22:46 +0200 Subject: [PATCH 036/109] Added a new Hook "nmap-subsequent-scans" which implements an imperative scanner combination approach --- .github/workflows/ci.yaml | 8 + README.md | 20 +- hooks/nmap-subsequent-scans/.dockerignore | 1 + hooks/nmap-subsequent-scans/.gitignore | 1 + hooks/nmap-subsequent-scans/.helmignore | 30 +++ hooks/nmap-subsequent-scans/Chart.lock | 3 + hooks/nmap-subsequent-scans/Chart.yaml | 11 + hooks/nmap-subsequent-scans/Dockerfile | 3 + hooks/nmap-subsequent-scans/hook.js | 244 ++++++++++++++++++ hooks/nmap-subsequent-scans/hook.test.js | 2 + .../nmap-subsequent-scans/templates/NOTES.txt | 2 + .../templates/_helpers.tpl | 52 ++++ .../templates/nmap-subsequent-scans-hook.yaml | 19 ++ hooks/nmap-subsequent-scans/values.yaml | 9 + .../nmap_securecodebox_io.yaml | 10 + 15 files changed, 414 insertions(+), 1 deletion(-) create mode 100644 hooks/nmap-subsequent-scans/.dockerignore create mode 100644 hooks/nmap-subsequent-scans/.gitignore create mode 100644 hooks/nmap-subsequent-scans/.helmignore create mode 100644 hooks/nmap-subsequent-scans/Chart.lock create mode 100644 hooks/nmap-subsequent-scans/Chart.yaml create mode 100644 hooks/nmap-subsequent-scans/Dockerfile create mode 100644 hooks/nmap-subsequent-scans/hook.js create mode 100644 hooks/nmap-subsequent-scans/hook.test.js create mode 100644 hooks/nmap-subsequent-scans/templates/NOTES.txt create mode 100644 hooks/nmap-subsequent-scans/templates/_helpers.tpl create mode 100644 hooks/nmap-subsequent-scans/templates/nmap-subsequent-scans-hook.yaml create mode 100644 hooks/nmap-subsequent-scans/values.yaml create mode 100644 operator/config/samples/execution_v1_scan/nmap_securecodebox_io.yaml diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 38185123..19ca6847 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -214,6 +214,14 @@ jobs: repository: scbexperimental/generic-webhook path: ./hooks/generic-webhook/ tag_with_ref: true + - uses: docker/build-push-action@v1 + name: "Build & Push NmapSubsequentScans Hook Image" + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + repository: scbexperimental/hook-nmap-subsequent-scans + path: ./hooks/nmap-subsequent-scans/ + tag_with_ref: true scannerImages: # Note we only build images for scanner that don't provider official public container images name: "Build / Scanner" diff --git a/README.md b/README.md index 019c61ce..8d815842 100644 --- a/README.md +++ b/README.md @@ -22,6 +22,7 @@ - [Prerequisites](#prerequisites) - [Deployment](#deployment) - [Examples](#examples) + - [Access Services](#access-services) - [How does it work?](#how-does-it-work) - [Architecture](#architecture) - [License](#license) @@ -62,7 +63,7 @@ There is a german article about [Security DevOps – Angreifern (immer) einen Sc ```bash # Deploy secureCodeBox Operator kubectl create namespace securecodebox-system -helm -n securecodebox-system install securecodebox-operator ./operator/ +helm -n securecodebox-system install securecodebox-operator ./operator/ --set image.tag=hooks # Deploy definitions for the integrated scanners helm install amass ./integrations/amass/ @@ -73,6 +74,7 @@ helm install ssh-scan ./integrations/ssh_scan/ helm install sslyze ./integrations/sslyze/ helm install trivy ./integrations/trivy/ helm install zap ./integrations/zap/ +helm install wpscan ./integrations/wpscan/ # Optional Deploy some Demo Apps for scanning helm install dummy-ssh ./demo-apps/dummy-ssh/ @@ -80,6 +82,7 @@ helm install dummy-ssh ./demo-apps/dummy-ssh/ # Deploy secureCodeBox Hooks helm install add-attributes ./hooks/add-attributes/ helm install generic-webhook ./hooks/generic-webhook/ +helm install nmap-subsequent-scans ./hooks/nmap-subsequent-scans/ ## Persistence Provider: Elasticsearch helm install persistence-elastic ./hooks/persistence-elastic/ @@ -98,15 +101,30 @@ kubectl apply -f operator/config/samples/execution_v1_scan/trivy_mediawiki.yaml kubectl apply -f operator/config/samples/execution_v1_scan/trivy_juiceshop.yaml ## Public Scan Examples # E.g. www.securecodebox.io sslyze scan +kubectl apply -f operator/config/samples/execution_v1_scan/nmap_securecodebox_io.yaml kubectl apply -f operator/config/samples/execution_v1_scan/amass_securecodebox_io.yaml kubectl apply -f operator/config/samples/execution_v1_scan/sslyze_securecodebox_io.yaml kubectl apply -f operator/config/samples/execution_v1_scan/nikto_securecodebox_io.yaml kubectl apply -f operator/config/samples/execution_v1_scan/ssh_iteratec_de.yaml +kubectl apply -f operator/config/samples/execution_v1_scan/wpscan_nurdemteam_org.yaml # Then get the current State of the Scan by running: kubectl get scans ``` +### Access Services + +* Minio UI + * AccessKey: `kubectl get secret securecodebox-operator-minio -n securecodebox-system -o=jsonpath='{.data.accesskey}' | base64 --decode; echo` + * SecretKey: `kubectl get secret securecodebox-operator-minio -n securecodebox-system -o=jsonpath='{.data.secretkey}' | base64 --decode; echo` + * Port Forward Minio UI: `kubectl port-forward -n securecodebox-system service/securecodebox-operator-minio 9000:9000` +* Elastic / Kibana UI + * User: `elastic` + * Password: `kubectl get secret scb-elasticsearch-es-elastic-user -n scb-analytics -o=jsonpath='{.data.elastic}' | base64 --decode; echo` + * Port Forward Kibana: `kubectl port-forward -n default service/persistence-elastic-kibana 5601:5601` + * Port Forward Elasticsearch: `kubectl port-forward -n default service/elasticsearch-master 9200:9200` + + ## How does it work? ## Architecture diff --git a/hooks/nmap-subsequent-scans/.dockerignore b/hooks/nmap-subsequent-scans/.dockerignore new file mode 100644 index 00000000..40b878db --- /dev/null +++ b/hooks/nmap-subsequent-scans/.dockerignore @@ -0,0 +1 @@ +node_modules/ \ No newline at end of file diff --git a/hooks/nmap-subsequent-scans/.gitignore b/hooks/nmap-subsequent-scans/.gitignore new file mode 100644 index 00000000..b512c09d --- /dev/null +++ b/hooks/nmap-subsequent-scans/.gitignore @@ -0,0 +1 @@ +node_modules \ No newline at end of file diff --git a/hooks/nmap-subsequent-scans/.helmignore b/hooks/nmap-subsequent-scans/.helmignore new file mode 100644 index 00000000..676a3554 --- /dev/null +++ b/hooks/nmap-subsequent-scans/.helmignore @@ -0,0 +1,30 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ +# Node.js files +node_modules/* +package.json +package-lock.json +src/* +config/* +Dockerfile +.dockerignore \ No newline at end of file diff --git a/hooks/nmap-subsequent-scans/Chart.lock b/hooks/nmap-subsequent-scans/Chart.lock new file mode 100644 index 00000000..eb7f3a24 --- /dev/null +++ b/hooks/nmap-subsequent-scans/Chart.lock @@ -0,0 +1,3 @@ +dependencies: [] +digest: sha256:643d5437104296e21d906ecb15b2c96ad278f20cfc4af53b12bb6069bd853726 +generated: "2020-05-26T16:56:03.119255+02:00" diff --git a/hooks/nmap-subsequent-scans/Chart.yaml b/hooks/nmap-subsequent-scans/Chart.yaml new file mode 100644 index 00000000..011a743b --- /dev/null +++ b/hooks/nmap-subsequent-scans/Chart.yaml @@ -0,0 +1,11 @@ +apiVersion: v2 +name: nmap-subsequent-scans +description: Starts possible subsequent security scans based on nmap findings with open ports. + +type: application + +version: 0.1.0 + +appVersion: latest + +dependencies: [] diff --git a/hooks/nmap-subsequent-scans/Dockerfile b/hooks/nmap-subsequent-scans/Dockerfile new file mode 100644 index 00000000..ffe1db53 --- /dev/null +++ b/hooks/nmap-subsequent-scans/Dockerfile @@ -0,0 +1,3 @@ +FROM scbexperimental/hook-sdk-nodejs:latest +WORKDIR /home/app/hook-wrapper/hook/ +COPY --chown=app:app ./hook.js ./hook.js diff --git a/hooks/nmap-subsequent-scans/hook.js b/hooks/nmap-subsequent-scans/hook.js new file mode 100644 index 00000000..fd3aef22 --- /dev/null +++ b/hooks/nmap-subsequent-scans/hook.js @@ -0,0 +1,244 @@ +const k8s = require('@kubernetes/client-node'); + +// configure k8s client +const kc = new k8s.KubeConfig(); +kc.loadFromDefault(); + +const k8sApiCRD = kc.makeApiClient(k8s.CustomObjectsApi); + +async function handle({ + getFindings, + attributeName = process.env["ATTRIBUTE_NAME"], + attributeValue = process.env["ATTRIBUTE_VALUE"], +}) { + + const findings = await getFindings(); + + console.log(findings); + + // const sslyzeYaml = k8s.dumpYaml(sslyzeJSONString); + // const sslyzeYaml = k8s.loadYaml(sslyzeScanDefinition); + + console.log(`Found #${findings.length} findings... trying to find possible subsequent security scans.`); + + for (const finding of findings) { + if(finding.category == "Open Port") { + console.log("Found open port finding for service: " + finding.attributes.port); + + if(finding.attributes.state = "open") { + + // search for HTTP ports and start subsequent Nikto Scan + if(finding.attributes.service == "http" ) { + console.log(" --> starting HTTP Service Scan: Nikto") + + startNiktoScan(finding.attributes.hostname, finding.attributes.port); + } + + // search for HTTPS ports and start subsequent SSLyze Scan + if(finding.attributes.service == "ssl" || finding.attributes.service == "https") { + console.log(" --> starting HTTP(S) Service Scan: SSLyze") + startSSLyzeScan(finding.attributes.hostname, finding.attributes.port); + + console.log(" --> starting HTTP(S) Service Scan: ZAP Baseline Scan") + startZAPBaselineScan(finding.attributes.hostname, finding.attributes.port); + } + + // search for HTTPS ports and start subsequent SSH Scan + if(finding.attributes.service == "ssh" ) { + console.log(" --> starting SSH Service Scan: SSH") + + startSSHScan(finding.attributes.hostname, finding.attributes.port); + } + } + } + } + + // const k8sApi = kc.makeApiClient(k8s.CoreV1Api); + + // console.log("list namespaced Pods") + // k8sApi.listNamespacedPod('default').then((res) => { + // console.log(res.body); + // }); + + // const k8sApiCRD = kc.makeApiClient(k8s.CustomObjectsApi); + + // // found at: https://github.com/kubernetes-client/javascript/issues/144 + // console.log("list namespaced CRDs") + // k8sApiCRD.listNamespacedCustomObject( + // 'execution.experimental.securecodebox.io', + // 'v1', + // 'default', + // 'scans', + // 'false' + // ).then((res) => { + // console.log(res.body); + // }); +} + +/** + * Creates a new subsequent SCB ZAP Scan for the given hostname. + * @param {*} hostname The hostname to start a new subsequent ZAP scan for. + * @param {*} port The port to start a new subsequent ZAP scan for. + */ +function startZAPBaselineScan(hostname, port) { + const zapScanDefinition = { + apiVersion: "execution.experimental.securecodebox.io/v1", + kind: "Scan", + metadata: { + "name": "zap-" + hostname.toLowerCase(), + "labels": { + "organization": "secureCodeBox" + } + }, + spec: { + "scanType": "zap-baseline", + "parameters": [ + "-t", + "https://" + hostname + ":" + port + ] + } + }; + + // Starting another subsequent sslyze scan based on the nmap results + // found at: https://github.com/kubernetes-client/javascript/blob/79736b9a608c18d818de61a6b44503a08ea3a78f/src/gen/api/customObjectsApi.ts#L209 + k8sApiCRD.createNamespacedCustomObject( + 'execution.experimental.securecodebox.io', + 'v1', + 'default', + 'scans', + zapScanDefinition, + 'false' + ).then((res) => { + console.log(res.body); + }) + .catch((e) => { + console.log(e); + }); +} + +/** + * Creates a new subsequent SCB SSH Scan for the given hostname. + * @param {*} hostname The hostname to start a new subsequent SSH scan for. + * @param {*} port The port to start a new subsequent SSH scan for. + */ +function startSSHScan(hostname, port) { + const sshScanDefintion = { + "apiVersion": "execution.experimental.securecodebox.io/v1", + "kind": "Scan", + "metadata": { + "name": "ssh-" + hostname.toLowerCase(), + "labels": { + "organization": "secureCodeBox" + } + }, + "spec": { + "scanType": "ssh-scan", + "parameters": [ + "-t", + hostname + ] + } + }; + + // Starting another subsequent sslyze scan based on the nmap results + // found at: https://github.com/kubernetes-client/javascript/blob/79736b9a608c18d818de61a6b44503a08ea3a78f/src/gen/api/customObjectsApi.ts#L209 + k8sApiCRD.createNamespacedCustomObject( + 'execution.experimental.securecodebox.io', + 'v1', + 'default', + 'scans', + sshScanDefintion, + 'false' + ).then((res) => { + console.log(res.body); + }) + .catch((e) => { + console.log(e); + }); +} + +/** + * Creates a new subsequent SCB Nikto Scan for the given hostname. + * @param {*} hostname The hostname to start a new subsequent Nikto scan for. + * @param {*} port The port to start a new subsequent Nikto scan for. + */ +function startNiktoScan(hostname, port) { + const niktoScanDefinition = { + "apiVersion": "execution.experimental.securecodebox.io/v1", + "kind": "Scan", + "metadata": { + "name": "nikto-" + hostname.toLowerCase(), + "labels": { + "organization": "secureCodeBox" + } + }, + "spec": { + "scanType": "nikto", + "parameters": [ + "-h", + "https://" + hostname, + "-Tuning", + "1,2,3,5,7,b" + ] + } + }; + + // Starting another subsequent sslyze scan based on the nmap results + // found at: https://github.com/kubernetes-client/javascript/blob/79736b9a608c18d818de61a6b44503a08ea3a78f/src/gen/api/customObjectsApi.ts#L209 + k8sApiCRD.createNamespacedCustomObject( + 'execution.experimental.securecodebox.io', + 'v1', + 'default', + 'scans', + niktoScanDefinition, + 'false' + ).then((res) => { + console.log(res.body); + }) + .catch((e) => { + console.log(e); + }); +} + +/** + * Creates a new subsequent SCB SSLyze Scan for the given hostname. + * @param {*} hostname The hostname to start a new subsequent SSLyze scan for. + * @param {*} port The port to start a new subsequent SSLyze scan for. + */ +function startSSLyzeScan(hostname, port) { + const sslyzeScanDefinition = { + apiVersion: 'execution.experimental.securecodebox.io/v1', + kind: 'Scan', + metadata: { + "name": "sslyze-" + hostname.toLowerCase(), + "labels": { + "organization": "secureCodeBox" + } + }, + "spec": { + "scanType": "sslyze", + "parameters": [ + "--regular", + hostname + ] + } + }; + + // Starting another subsequent sslyze scan based on the nmap results + // found at: https://github.com/kubernetes-client/javascript/blob/79736b9a608c18d818de61a6b44503a08ea3a78f/src/gen/api/customObjectsApi.ts#L209 + k8sApiCRD.createNamespacedCustomObject( + 'execution.experimental.securecodebox.io', + 'v1', + 'default', + 'scans', + sslyzeScanDefinition, + 'false' + ).then((res) => { + console.log(res.body); + }) + .catch((e) => { + console.log(e); + }); +} + +module.exports.handle = handle; diff --git a/hooks/nmap-subsequent-scans/hook.test.js b/hooks/nmap-subsequent-scans/hook.test.js new file mode 100644 index 00000000..5ac3cdbc --- /dev/null +++ b/hooks/nmap-subsequent-scans/hook.test.js @@ -0,0 +1,2 @@ +const { handle } = require("./hook"); + diff --git a/hooks/nmap-subsequent-scans/templates/NOTES.txt b/hooks/nmap-subsequent-scans/templates/NOTES.txt new file mode 100644 index 00000000..e4e0ae44 --- /dev/null +++ b/hooks/nmap-subsequent-scans/templates/NOTES.txt @@ -0,0 +1,2 @@ +nmap-subsequent-scans Hook deployed. +This will start possible subsequent security scans based on nmap findings with open ports. \ No newline at end of file diff --git a/hooks/nmap-subsequent-scans/templates/_helpers.tpl b/hooks/nmap-subsequent-scans/templates/_helpers.tpl new file mode 100644 index 00000000..645c5765 --- /dev/null +++ b/hooks/nmap-subsequent-scans/templates/_helpers.tpl @@ -0,0 +1,52 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "nmap-subsequent-scans.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "nmap-subsequent-scans.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "nmap-subsequent-scans.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Common labels +*/}} +{{- define "nmap-subsequent-scans.labels" -}} +helm.sh/chart: {{ include "nmap-subsequent-scans.chart" . }} +{{ include "nmap-subsequent-scans.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end -}} + +{{/* +Selector labels +*/}} +{{- define "nmap-subsequent-scans.selectorLabels" -}} +app.kubernetes.io/name: {{ include "nmap-subsequent-scans.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end -}} diff --git a/hooks/nmap-subsequent-scans/templates/nmap-subsequent-scans-hook.yaml b/hooks/nmap-subsequent-scans/templates/nmap-subsequent-scans-hook.yaml new file mode 100644 index 00000000..354abfdb --- /dev/null +++ b/hooks/nmap-subsequent-scans/templates/nmap-subsequent-scans-hook.yaml @@ -0,0 +1,19 @@ +apiVersion: "execution.experimental.securecodebox.io/v1" +kind: ScanCompletionHook +metadata: + name: {{ include "nmap-subsequent-scans.fullname" . }} +spec: + type: ReadOnly + {{- if .Values.image.registry }} + {{- if .Values.image.digest }} + image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}@{{ .Values.image.digest }}" + {{- else }} + image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag }}" + {{- end }} + {{- else }} + {{- if .Values.image.digest }} + image: "{{ .Values.image.repository }}@{{ .Values.image.digest }}" + {{- else }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + {{- end }} + {{- end }} \ No newline at end of file diff --git a/hooks/nmap-subsequent-scans/values.yaml b/hooks/nmap-subsequent-scans/values.yaml new file mode 100644 index 00000000..88771d9f --- /dev/null +++ b/hooks/nmap-subsequent-scans/values.yaml @@ -0,0 +1,9 @@ +# Default values for dispatcher. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +image: + registry: docker.io + repository: scbexperimental/hook-nmap-subsequent-scans + tag: latest + digest: null diff --git a/operator/config/samples/execution_v1_scan/nmap_securecodebox_io.yaml b/operator/config/samples/execution_v1_scan/nmap_securecodebox_io.yaml new file mode 100644 index 00000000..9b2b3a72 --- /dev/null +++ b/operator/config/samples/execution_v1_scan/nmap_securecodebox_io.yaml @@ -0,0 +1,10 @@ +apiVersion: execution.experimental.securecodebox.io/v1 +kind: Scan +metadata: + name: nmap-securecodebox.io + namespace: default +spec: + parameters: + - -Pn + - secureCodeBox.io + scanType: nmap From dfd71d60b46eeb8af1c2e0c955dbd1d90164845c Mon Sep 17 00:00:00 2001 From: Robert Seedorff Date: Mon, 8 Jun 2020 10:25:07 +0200 Subject: [PATCH 037/109] Added a new scanner integration (WIP) for WPScan --- integrations/wpscan/.helmignore | 4 + integrations/wpscan/Chart.yaml | 21 ++ integrations/wpscan/parser/Dockerfile | 3 + .../parser/__testFiles__/empty-localhost.json | 2 + .../parser/__testFiles__/example-latest.json | 228 ++++++++++++++++ .../parser/__testFiles__/example-old.json | 243 ++++++++++++++++++ integrations/wpscan/parser/parser.js | 63 +++++ integrations/wpscan/parser/parser.test.js | 135 ++++++++++ .../templates/wpscan-parse-definition.yaml | 7 + .../wpscan/templates/wpscan-scan-type.yaml | 24 ++ integrations/wpscan/values.yaml | 4 + 11 files changed, 734 insertions(+) create mode 100644 integrations/wpscan/.helmignore create mode 100644 integrations/wpscan/Chart.yaml create mode 100644 integrations/wpscan/parser/Dockerfile create mode 100644 integrations/wpscan/parser/__testFiles__/empty-localhost.json create mode 100644 integrations/wpscan/parser/__testFiles__/example-latest.json create mode 100644 integrations/wpscan/parser/__testFiles__/example-old.json create mode 100644 integrations/wpscan/parser/parser.js create mode 100644 integrations/wpscan/parser/parser.test.js create mode 100644 integrations/wpscan/templates/wpscan-parse-definition.yaml create mode 100644 integrations/wpscan/templates/wpscan-scan-type.yaml create mode 100644 integrations/wpscan/values.yaml diff --git a/integrations/wpscan/.helmignore b/integrations/wpscan/.helmignore new file mode 100644 index 00000000..fedb362b --- /dev/null +++ b/integrations/wpscan/.helmignore @@ -0,0 +1,4 @@ +.DS_Store + +parser/ +scanner/ \ No newline at end of file diff --git a/integrations/wpscan/Chart.yaml b/integrations/wpscan/Chart.yaml new file mode 100644 index 00000000..ce785e7b --- /dev/null +++ b/integrations/wpscan/Chart.yaml @@ -0,0 +1,21 @@ +apiVersion: v2 +name: wpscan +description: A Helm chart for the WordPress security Scanner that integrates with the secureCodeBox. + +type: application +version: 0.1.0 +appVersion: latest + +keywords: +- security +- wpscan +- wordpress +- scanner +- secureCodeBox +home: https://www.securecodebox.io/scanner/WPScan +icon: https://www.securecodebox.io/integrationIcons/WPScan.svg +sources: +- https://github.com/secureCodeBox/scanner-infrastructure-wpscan +maintainers: +- name: iteratec GmbH + email: security@iteratec.com diff --git a/integrations/wpscan/parser/Dockerfile b/integrations/wpscan/parser/Dockerfile new file mode 100644 index 00000000..462084a7 --- /dev/null +++ b/integrations/wpscan/parser/Dockerfile @@ -0,0 +1,3 @@ +FROM scbexperimental/parser-sdk-nodejs:latest +WORKDIR /home/app/parser-wrapper/parser/ +COPY --chown=app:app ./parser.js ./parser.js diff --git a/integrations/wpscan/parser/__testFiles__/empty-localhost.json b/integrations/wpscan/parser/__testFiles__/empty-localhost.json new file mode 100644 index 00000000..7a73a41b --- /dev/null +++ b/integrations/wpscan/parser/__testFiles__/empty-localhost.json @@ -0,0 +1,2 @@ +{ +} \ No newline at end of file diff --git a/integrations/wpscan/parser/__testFiles__/example-latest.json b/integrations/wpscan/parser/__testFiles__/example-latest.json new file mode 100644 index 00000000..76fb9f2a --- /dev/null +++ b/integrations/wpscan/parser/__testFiles__/example-latest.json @@ -0,0 +1,228 @@ +{ + "banner": { + "description": "WordPress Security Scanner by the WPScan Team", + "version": "3.8.1", + "authors": [ + "@_WPScan_", + "@ethicalhack3r", + "@erwan_lr", + "@firefart" + ], + "sponsor": "Sponsored by Automattic - https://automattic.com/" + }, + "start_time": 1591480247, + "start_memory": 41349120, + "target_url": "https://www.example.com/", + "target_ip": "192.168.200.100", + "effective_url": "https://www.example.com/", + "interesting_findings": [ + { + "url": "https://www.example.com/", + "to_s": "Headers", + "type": "headers", + "found_by": "Headers (Passive Detection)", + "confidence": 100, + "confirmed_by": { + + }, + "references": { + + }, + "interesting_entries": [ + "Server: Apache/2.4.29 (Ubuntu)" + ] + }, + { + "url": "https://www.example.com/robots.txt", + "to_s": "https://www.example.com/robots.txt", + "type": "robots_txt", + "found_by": "Robots Txt (Aggressive Detection)", + "confidence": 100, + "confirmed_by": { + + }, + "references": { + + }, + "interesting_entries": [ + "/wp-admin/", + "/wp-admin/admin-ajax.php" + ] + }, + { + "url": "https://www.example.com/readme.html", + "to_s": "https://www.example.com/readme.html", + "type": "readme", + "found_by": "Direct Access (Aggressive Detection)", + "confidence": 100, + "confirmed_by": { + + }, + "references": { + + }, + "interesting_entries": [ + + ] + }, + { + "url": "https://www.example.com/wp-content/mu-plugins/", + "to_s": "This site has 'Must Use Plugins': https://www.example.com/wp-content/mu-plugins/", + "type": "mu_plugins", + "found_by": "Direct Access (Aggressive Detection)", + "confidence": 80, + "confirmed_by": { + + }, + "references": { + "url": [ + "http://codex.wordpress.org/Must_Use_Plugins" + ] + }, + "interesting_entries": [ + + ] + }, + { + "url": "https://www.example.com/wp-cron.php", + "to_s": "The external WP-Cron seems to be enabled: https://www.example.com/wp-cron.php", + "type": "wp_cron", + "found_by": "Direct Access (Aggressive Detection)", + "confidence": 60, + "confirmed_by": { + + }, + "references": { + "url": [ + "https://www.iplocation.net/defend-wordpress-from-ddos", + "https://github.com/wpscanteam/wpscan/issues/1299" + ] + }, + "interesting_entries": [ + + ] + } + ], + "version": { + "number": "5.3.3", + "release_date": "2020-04-29", + "status": "latest", + "found_by": "Rss Generator (Passive Detection)", + "confidence": 100, + "interesting_entries": [ + "https://www.example.com/feed/, https://wordpress.org/?v=5.3.3", + "https://www.example.com/comments/feed/, https://wordpress.org/?v=5.3.3" + ], + "confirmed_by": { + + }, + "vulnerabilities": [ + + ] + }, + "main_theme": { + "slug": "twentyseventeen", + "location": "https://www.example.com/wp-content/themes/twentyseventeen/", + "latest_version": "2.3", + "last_updated": "2020-03-31T00:00:00.000Z", + "outdated": true, + "readme_url": "https://www.example.com/wp-content/themes/twentyseventeen/README.txt", + "directory_listing": false, + "error_log_url": null, + "style_url": "https://www.example.com/wp-content/themes/twentyseventeen/style.css?ver=5.3.3", + "style_name": "Twenty Seventeen", + "style_uri": "https://wordpress.org/themes/twentyseventeen/", + "description": "Twenty Seventeen brings your site to life with header video and immersive featured images. With a focus on business sites, it features multiple sections on the front page as well as widgets, navigation and social menus, a logo, and more. Personalize its asymmetrical grid with a custom color scheme and showcase your multimedia content with post formats. Our default theme for 2017 works great in many languages, for any abilities, and on any device.", + "author": "the WordPress team", + "author_uri": "https://wordpress.org/", + "template": null, + "license": "GNU General Public License v2 or later", + "license_uri": "http://www.gnu.org/licenses/gpl-2.0.html", + "tags": "one-column, two-columns, right-sidebar, flexible-header, accessibility-ready, custom-colors, custom-header, custom-menu, custom-logo, editor-style, featured-images, footer-widgets, post-formats, rtl-language-support, sticky-post, theme-options, threaded-comments, translation-ready", + "text_domain": "twentyseventeen", + "found_by": "Css Style In Homepage (Passive Detection)", + "confidence": 100, + "interesting_entries": [ + + ], + "confirmed_by": { + "Css Style In 404 Page (Passive Detection)": { + "confidence": 70, + "interesting_entries": [ + + ] + } + }, + "vulnerabilities": [ + + ], + "version": { + "number": "2.2", + "confidence": 80, + "found_by": "Style (Passive Detection)", + "interesting_entries": [ + "https://www.example.com/wp-content/themes/twentyseventeen/style.css?ver=5.3.3, Match: 'Version: 2.2'" + ], + "confirmed_by": { + + } + }, + "parents": [ + + ] + }, + "plugins": { + "akismet": { + "slug": "akismet", + "location": "https://www.example.com/wp-content/plugins/akismet/", + "latest_version": "4.1.6", + "last_updated": "2020-06-04T17:21:00.000Z", + "outdated": false, + "readme_url": false, + "directory_listing": false, + "error_log_url": null, + "found_by": "Known Locations (Aggressive Detection)", + "confidence": 80, + "interesting_entries": [ + "https://www.example.com/wp-content/plugins/akismet/, status: 403" + ], + "confirmed_by": { + + }, + "vulnerabilities": [ + { + "title": "Akismet 2.5.0-3.1.4 - Unauthenticated Stored Cross-Site Scripting (XSS)", + "fixed_in": "3.1.5", + "references": { + "cve": [ + "2015-9357" + ], + "url": [ + "http://blog.akismet.com/2015/10/13/akismet-3-1-5-wordpress/", + "https://blog.sucuri.net/2015/10/security-advisory-stored-xss-in-akismet-wordpress-plugin.html" + ], + "wpvulndb": [ + "8215" + ] + } + } + ], + "version": null + } + }, + "vuln_api": { + "plan": "free", + "requests_done_during_scan": 4, + "requests_remaining": 18 + }, + "stop_time": 1591480342, + "elapsed": 94, + "requests_done": 2335, + "cached_requests": 9, + "data_sent": 631774, + "data_sent_humanised": "616.967 KB", + "data_received": 1093069, + "data_received_humanised": "1.042 MB", + "used_memory": 272867328, + "used_memory_humanised": "260.227 MB" + } \ No newline at end of file diff --git a/integrations/wpscan/parser/__testFiles__/example-old.json b/integrations/wpscan/parser/__testFiles__/example-old.json new file mode 100644 index 00000000..7f927e32 --- /dev/null +++ b/integrations/wpscan/parser/__testFiles__/example-old.json @@ -0,0 +1,243 @@ +{ + "banner": { + "description": "WordPress Security Scanner by the WPScan Team", + "version": "3.8.1", + "authors": [ + "@_WPScan_", + "@ethicalhack3r", + "@erwan_lr", + "@firefart" + ], + "sponsor": "Sponsored by Automattic - https://automattic.com/" + }, + "start_time": 1591480670, + "start_memory": 41410560, + "target_url": "https://www.example.com/", + "target_ip": "192.168.0.123", + "effective_url": "https://www.example.com/", + "interesting_findings": [ + { + "url": "https://www.example.com/", + "to_s": "Headers", + "type": "headers", + "found_by": "Headers (Passive Detection)", + "confidence": 100, + "confirmed_by": { + + }, + "references": { + + }, + "interesting_entries": [ + "server: Apache", + "x-cache-handler: php" + ] + }, + { + "url": "https://www.example.com/robots.txt", + "to_s": "https://www.example.com/robots.txt", + "type": "robots_txt", + "found_by": "Robots Txt (Aggressive Detection)", + "confidence": 100, + "confirmed_by": { + + }, + "references": { + + }, + "interesting_entries": [ + "/wp-admin/", + "/wp-admin/admin-ajax.php" + ] + }, + { + "url": "https://www.example.com/xmlrpc.php", + "to_s": "XML-RPC seems to be enabled: https://www.example.com/xmlrpc.php", + "type": "xmlrpc", + "found_by": "Headers (Passive Detection)", + "confidence": 100, + "confirmed_by": { + "Direct Access (Aggressive Detection)": { + "confidence": 100 + } + }, + "references": { + "url": [ + "http://codex.wordpress.org/XML-RPC_Pingback_API" + ], + "metasploit": [ + "auxiliary/scanner/http/wordpress_ghost_scanner", + "auxiliary/dos/http/wordpress_xmlrpc_dos", + "auxiliary/scanner/http/wordpress_xmlrpc_login", + "auxiliary/scanner/http/wordpress_pingback_access" + ] + }, + "interesting_entries": [ + + ] + }, + { + "url": "https://www.example.com/liesmich.html", + "to_s": "https://www.example.com/liesmich.html", + "type": "readme", + "found_by": "Direct Access (Aggressive Detection)", + "confidence": 100, + "confirmed_by": { + + }, + "references": { + + }, + "interesting_entries": [ + + ] + }, + { + "url": "https://www.example.com/wp-cron.php", + "to_s": "The external WP-Cron seems to be enabled: https://www.example.com/wp-cron.php", + "type": "wp_cron", + "found_by": "Direct Access (Aggressive Detection)", + "confidence": 60, + "confirmed_by": { + + }, + "references": { + "url": [ + "https://www.iplocation.net/defend-wordpress-from-ddos", + "https://github.com/wpscanteam/wpscan/issues/1299" + ] + }, + "interesting_entries": [ + + ] + } + ], + "version": { + "number": "4.8.13", + "release_date": "2020-04-29", + "status": "latest", + "found_by": "Style Etag (Aggressive Detection)", + "confidence": 100, + "interesting_entries": [ + "https://www.example.com/wp-admin/load-styles.php, Match: '4.8.13'" + ], + "confirmed_by": { + "Query Parameter In Install Page (Aggressive Detection)": { + "confidence": 90, + "interesting_entries": [ + "https://www.example.com/wp-includes/css/buttons.min.css?ver=4.8.13", + "https://www.example.com/wp-admin/css/install.min.css?ver=4.8.13", + "https://www.example.com/wp-includes/css/dashicons.min.css?ver=4.8.13" + ] + } + }, + "vulnerabilities": [ + + ] + }, + "main_theme": { + "slug": "jupiter", + "location": "https://www.example.com/wp-content/themes/jupiter/", + "latest_version": null, + "last_updated": null, + "outdated": false, + "readme_url": false, + "directory_listing": false, + "error_log_url": null, + "style_url": "https://www.example.com/wp-content/themes/jupiter/style.css", + "style_name": "Jupiter", + "style_uri": "http://demos.artbees.net/jupiter5", + "description": "A Beautiful, Professional and Ultimate Wordpress Theme Made by Artbees. Jupiter is a Clean, Flexible, fully responsive and retina ready Wordpress theme. Its smart and hand crafted environment allows you to Build outstanding websites easy and fast.", + "author": "Artbees", + "author_uri": "http://themeforest.net/user/artbees", + "template": null, + "license": "GNU General Public License v2.0", + "license_uri": "http://www.gnu.org/licenses/gpl-2.0.html", + "tags": null, + "text_domain": "mk_framework", + "found_by": "Urls In Homepage (Passive Detection)", + "confidence": 22, + "interesting_entries": [ + + ], + "confirmed_by": { + "Urls In 404 Page (Passive Detection)": { + "confidence": 10, + "interesting_entries": [ + + ] + } + }, + "vulnerabilities": [ + + ], + "version": { + "number": "5.9.5", + "confidence": 80, + "found_by": "Style (Passive Detection)", + "interesting_entries": [ + "https://www.example.com/wp-content/themes/jupiter/style.css, Match: 'Version: 5.9.5'" + ], + "confirmed_by": { + + } + }, + "parents": [ + + ] + }, + "plugins": { + "akismet": { + "slug": "akismet", + "location": "https://www.example.com/wp-content/plugins/akismet/", + "latest_version": "4.1.6", + "last_updated": "2020-06-04T17:21:00.000Z", + "outdated": false, + "readme_url": false, + "directory_listing": false, + "error_log_url": null, + "found_by": "Known Locations (Aggressive Detection)", + "confidence": 80, + "interesting_entries": [ + "https://www.example.com/wp-content/plugins/akismet/, status: 403" + ], + "confirmed_by": { + + }, + "vulnerabilities": [ + { + "title": "Akismet 2.5.0-3.1.4 - Unauthenticated Stored Cross-Site Scripting (XSS)", + "fixed_in": "3.1.5", + "references": { + "cve": [ + "2015-9357" + ], + "url": [ + "http://blog.akismet.com/2015/10/13/akismet-3-1-5-wordpress/", + "https://blog.sucuri.net/2015/10/security-advisory-stored-xss-in-akismet-wordpress-plugin.html" + ], + "wpvulndb": [ + "8215" + ] + } + } + ], + "version": null + } + }, + "vuln_api": { + "plan": "free", + "requests_done_during_scan": 26, + "requests_remaining": 0 + }, + "stop_time": 1591481357, + "elapsed": 687, + "requests_done": 2442, + "cached_requests": 33, + "data_sent": 621290, + "data_sent_humanised": "606.729 KB", + "data_received": 2969029, + "data_received_humanised": "2.831 MB", + "used_memory": 265818112, + "used_memory_humanised": "253.504 MB" + } \ No newline at end of file diff --git a/integrations/wpscan/parser/parser.js b/integrations/wpscan/parser/parser.js new file mode 100644 index 00000000..d3bb1427 --- /dev/null +++ b/integrations/wpscan/parser/parser.js @@ -0,0 +1,63 @@ +/** + * Convert the WPScan file / json into secureCodeBox Findings + */ +async function parse(scanResults) { + + const wpscanVersion = scanResults.banner.version; + const wpscanRequestsDone = scanResults.requests_done; + + const targetUrl = scanResults.target_url; + const targetIp = scanResults.target_ip; + + const wp = scanResults.version + + const findings = []; + + // add a general INFORMATIONAL summary finding + findings.push({ + name: "WordPress Service", + description: "WordPress Service Information", + category: "WordPress Service", + location: targetUrl, + osi_layer: "APPLICATION", + severity: "INFORMATIONAL", + reference: {}, + confidence: wp.confidence, + attributes: { + ip_address: targetIp, + wpscan_version: wpscanVersion, + wpscan_requests: wpscanRequestsDone, + wp_version: wp.number, + wp_release_date: wp.release_date, + wp_release_status: wp.status, + wp_interesting_entries: wp.interesting_entries, + wp_found_by: wp.found_by, + wp_confirmed_by: wp.confirmed_by, + wp_vulnerabilities: wp.vulnerabilities + }, + }); + + // add all interesting findings as INFORMATIONAL + for (const interestingFinding of scanResults.interesting_findings) { + //console.log(interestingFinding); + findings.push({ + name: "WordPress finding '"+ interestingFinding.type + "'", + description: interestingFinding.to_s, + category: "WordPress " + interestingFinding.type, + location: interestingFinding.url, + osi_layer: "APPLICATION", + severity: "INFORMATIONAL", + confidence: interestingFinding.confidence, + reference: {}, + attributes: { + wp_interesting_entries: interestingFinding.interesting_entries, + wp_found_by: interestingFinding.found_by, + wp_confirmed_by: interestingFinding.confirmed_by + }, + }); + } + + return findings; +} + +module.exports.parse = parse; diff --git a/integrations/wpscan/parser/parser.test.js b/integrations/wpscan/parser/parser.test.js new file mode 100644 index 00000000..3490bd46 --- /dev/null +++ b/integrations/wpscan/parser/parser.test.js @@ -0,0 +1,135 @@ +const fs = require("fs"); +const util = require("util"); + +// eslint-disable-next-line security/detect-non-literal-fs-filename +const readFile = util.promisify(fs.readFile); + +const { parse } = require("./parser"); + +// test("WPScan parser parses errored result (no Wordpress server) to zero findings", async () => { +// const hosts = JSON.parse( +// await readFile(__dirname + "/__testFiles__/empty-localhost.json", { +// encoding: "utf8" +// }) +// ); + +// expect(await parse(hosts)).toEqual([]); +// }); + +test("WPScan parser parses a successfull scan result with at least one informational finding", async () => { + const scanResults = JSON.parse( + await readFile(__dirname + "/__testFiles__/example-latest.json", { + encoding: "utf8" + }) + ); + + expect(await parse(scanResults)).toMatchInlineSnapshot(` + Array [ + Object { + "attributes": Object { + "ip_address": "192.168.200.100", + "wp_confirmed_by": Object {}, + "wp_found_by": "Rss Generator (Passive Detection)", + "wp_interesting_entries": Array [ + "https://www.example.com/feed/, https://wordpress.org/?v=5.3.3", + "https://www.example.com/comments/feed/, https://wordpress.org/?v=5.3.3", + ], + "wp_release_date": "2020-04-29", + "wp_release_status": "latest", + "wp_version": "5.3.3", + "wp_vulnerabilities": Array [], + "wpscan_requests": 2335, + "wpscan_version": "3.8.1", + }, + "category": "WordPress Service", + "confidence": 100, + "description": "WordPress Service Information", + "location": "https://www.example.com/", + "name": "WordPress Service", + "osi_layer": "APPLICATION", + "reference": Object {}, + "severity": "INFORMATIONAL", + }, + Object { + "attributes": Object { + "wp_confirmed_by": Object {}, + "wp_found_by": "Headers (Passive Detection)", + "wp_interesting_entries": Array [ + "Server: Apache/2.4.29 (Ubuntu)", + ], + }, + "category": "WordPress headers", + "confidence": 100, + "description": "Headers", + "location": "https://www.example.com/", + "name": "WordPress finding 'headers'", + "osi_layer": "APPLICATION", + "reference": Object {}, + "severity": "INFORMATIONAL", + }, + Object { + "attributes": Object { + "wp_confirmed_by": Object {}, + "wp_found_by": "Robots Txt (Aggressive Detection)", + "wp_interesting_entries": Array [ + "/wp-admin/", + "/wp-admin/admin-ajax.php", + ], + }, + "category": "WordPress robots_txt", + "confidence": 100, + "description": "https://www.example.com/robots.txt", + "location": "https://www.example.com/robots.txt", + "name": "WordPress finding 'robots_txt'", + "osi_layer": "APPLICATION", + "reference": Object {}, + "severity": "INFORMATIONAL", + }, + Object { + "attributes": Object { + "wp_confirmed_by": Object {}, + "wp_found_by": "Direct Access (Aggressive Detection)", + "wp_interesting_entries": Array [], + }, + "category": "WordPress readme", + "confidence": 100, + "description": "https://www.example.com/readme.html", + "location": "https://www.example.com/readme.html", + "name": "WordPress finding 'readme'", + "osi_layer": "APPLICATION", + "reference": Object {}, + "severity": "INFORMATIONAL", + }, + Object { + "attributes": Object { + "wp_confirmed_by": Object {}, + "wp_found_by": "Direct Access (Aggressive Detection)", + "wp_interesting_entries": Array [], + }, + "category": "WordPress mu_plugins", + "confidence": 80, + "description": "This site has 'Must Use Plugins': https://www.example.com/wp-content/mu-plugins/", + "location": "https://www.example.com/wp-content/mu-plugins/", + "name": "WordPress finding 'mu_plugins'", + "osi_layer": "APPLICATION", + "reference": Object {}, + "severity": "INFORMATIONAL", + }, + Object { + "attributes": Object { + "wp_confirmed_by": Object {}, + "wp_found_by": "Direct Access (Aggressive Detection)", + "wp_interesting_entries": Array [], + }, + "category": "WordPress wp_cron", + "confidence": 60, + "description": "The external WP-Cron seems to be enabled: https://www.example.com/wp-cron.php", + "location": "https://www.example.com/wp-cron.php", + "name": "WordPress finding 'wp_cron'", + "osi_layer": "APPLICATION", + "reference": Object {}, + "severity": "INFORMATIONAL", + }, + ] + `); +}); \ No newline at end of file diff --git a/integrations/wpscan/templates/wpscan-parse-definition.yaml b/integrations/wpscan/templates/wpscan-parse-definition.yaml new file mode 100644 index 00000000..c999b050 --- /dev/null +++ b/integrations/wpscan/templates/wpscan-parse-definition.yaml @@ -0,0 +1,7 @@ +apiVersion: "execution.experimental.securecodebox.io/v1" +kind: ParseDefinition +metadata: + name: "wpscan-json" +spec: + handlesResultsType: wpscan-json + image: "{{ .Values.parserImage.registry }}/{{ .Values.parserImage.repository }}:{{ .Values.parserImage.tag }}" diff --git a/integrations/wpscan/templates/wpscan-scan-type.yaml b/integrations/wpscan/templates/wpscan-scan-type.yaml new file mode 100644 index 00000000..3e65270c --- /dev/null +++ b/integrations/wpscan/templates/wpscan-scan-type.yaml @@ -0,0 +1,24 @@ +apiVersion: "execution.experimental.securecodebox.io/v1" +kind: ScanType +metadata: + name: "wpscan" +spec: + name: "wpscan" + extractResults: + type: wpscan-json + location: "/home/securecodebox/wpscan-results.json" + jobTemplate: + spec: + ttlSecondsAfterFinished: 10 + template: + spec: + restartPolicy: OnFailure + containers: + - name: wpscan + image: wpscanteam/wpscan:latest + command: + - "wpscan" + - "-o" + - "/home/securecodebox/wpscan-results.json" + - "-f" + - json \ No newline at end of file diff --git a/integrations/wpscan/values.yaml b/integrations/wpscan/values.yaml new file mode 100644 index 00000000..3e1e1ddc --- /dev/null +++ b/integrations/wpscan/values.yaml @@ -0,0 +1,4 @@ +parserImage: + registry: docker.io + repository: scbexperimental/parser-wpscan + tag: latest From 65cd9a400408194975e6378a8daafbe6fc8fc721 Mon Sep 17 00:00:00 2001 From: Robert Seedorff Date: Mon, 8 Jun 2020 10:30:40 +0200 Subject: [PATCH 038/109] Fixing testpipeline errors --- hooks/nmap-subsequent-scans/hook.js | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/hooks/nmap-subsequent-scans/hook.js b/hooks/nmap-subsequent-scans/hook.js index fd3aef22..c5ec5f24 100644 --- a/hooks/nmap-subsequent-scans/hook.js +++ b/hooks/nmap-subsequent-scans/hook.js @@ -7,9 +7,7 @@ kc.loadFromDefault(); const k8sApiCRD = kc.makeApiClient(k8s.CustomObjectsApi); async function handle({ - getFindings, - attributeName = process.env["ATTRIBUTE_NAME"], - attributeValue = process.env["ATTRIBUTE_VALUE"], + getFindings }) { const findings = await getFindings(); @@ -29,24 +27,18 @@ async function handle({ // search for HTTP ports and start subsequent Nikto Scan if(finding.attributes.service == "http" ) { - console.log(" --> starting HTTP Service Scan: Nikto") - startNiktoScan(finding.attributes.hostname, finding.attributes.port); } // search for HTTPS ports and start subsequent SSLyze Scan if(finding.attributes.service == "ssl" || finding.attributes.service == "https") { - console.log(" --> starting HTTP(S) Service Scan: SSLyze") startSSLyzeScan(finding.attributes.hostname, finding.attributes.port); - console.log(" --> starting HTTP(S) Service Scan: ZAP Baseline Scan") startZAPBaselineScan(finding.attributes.hostname, finding.attributes.port); } // search for HTTPS ports and start subsequent SSH Scan if(finding.attributes.service == "ssh" ) { - console.log(" --> starting SSH Service Scan: SSH") - startSSHScan(finding.attributes.hostname, finding.attributes.port); } } @@ -81,6 +73,8 @@ async function handle({ * @param {*} port The port to start a new subsequent ZAP scan for. */ function startZAPBaselineScan(hostname, port) { + console.log(" --> starting subsequent ZAP Scan for host: " + hostname + ":" + port); + const zapScanDefinition = { apiVersion: "execution.experimental.securecodebox.io/v1", kind: "Scan", @@ -122,6 +116,8 @@ function startZAPBaselineScan(hostname, port) { * @param {*} port The port to start a new subsequent SSH scan for. */ function startSSHScan(hostname, port) { + console.log(" --> starting subsequent SSH Scan for host: " + hostname + ":" + port); + const sshScanDefintion = { "apiVersion": "execution.experimental.securecodebox.io/v1", "kind": "Scan", @@ -163,6 +159,8 @@ function startSSHScan(hostname, port) { * @param {*} port The port to start a new subsequent Nikto scan for. */ function startNiktoScan(hostname, port) { + console.log(" --> starting subsequent Nikto Scan for host: " + hostname + ":" + port); + const niktoScanDefinition = { "apiVersion": "execution.experimental.securecodebox.io/v1", "kind": "Scan", @@ -206,6 +204,8 @@ function startNiktoScan(hostname, port) { * @param {*} port The port to start a new subsequent SSLyze scan for. */ function startSSLyzeScan(hostname, port) { + console.log(" --> starting subsequent SSLyze Scan for host: " + hostname + ":" + port); + const sslyzeScanDefinition = { apiVersion: 'execution.experimental.securecodebox.io/v1', kind: 'Scan', From 0099dc3ecadcaedbdb33e3afcecbc92e9e090b35 Mon Sep 17 00:00:00 2001 From: Yannik Fuhrmeister Date: Mon, 8 Jun 2020 12:50:07 +0200 Subject: [PATCH 039/109] Add dummy scanner for hook integration tests To perform integration tests to ensure the functionality of the read-only and read-write hooks we need to have a dummy scanner with no dependencies to a real scanner or parser. --- integrations/read-write-hook-test/.helmignore | 4 + integrations/read-write-hook-test/Chart.yaml | 22 +++ .../read-write-hook-test/parser/.dockerignore | 1 + .../read-write-hook-test/parser/.gitignore | 1 + .../read-write-hook-test/parser/Dockerfile | 10 ++ .../parser/package-lock.json | 153 +++++++++++++++++ .../read-write-hook-test/parser/package.json | 14 ++ .../read-write-hook-test/parser/parser.js | 46 ++++++ .../parser/parser.test.js | 154 ++++++++++++++++++ .../read-write-hook-test/scanner/Dockerfile | 4 + ...read-write-hook-test-parse-definition.yaml | 7 + .../read-write-hook-test-scan-type.yaml | 19 +++ integrations/read-write-hook-test/values.yaml | 4 + 13 files changed, 439 insertions(+) create mode 100644 integrations/read-write-hook-test/.helmignore create mode 100644 integrations/read-write-hook-test/Chart.yaml create mode 100644 integrations/read-write-hook-test/parser/.dockerignore create mode 100644 integrations/read-write-hook-test/parser/.gitignore create mode 100644 integrations/read-write-hook-test/parser/Dockerfile create mode 100644 integrations/read-write-hook-test/parser/package-lock.json create mode 100644 integrations/read-write-hook-test/parser/package.json create mode 100644 integrations/read-write-hook-test/parser/parser.js create mode 100644 integrations/read-write-hook-test/parser/parser.test.js create mode 100644 integrations/read-write-hook-test/scanner/Dockerfile create mode 100644 integrations/read-write-hook-test/templates/read-write-hook-test-parse-definition.yaml create mode 100644 integrations/read-write-hook-test/templates/read-write-hook-test-scan-type.yaml create mode 100644 integrations/read-write-hook-test/values.yaml diff --git a/integrations/read-write-hook-test/.helmignore b/integrations/read-write-hook-test/.helmignore new file mode 100644 index 00000000..fedb362b --- /dev/null +++ b/integrations/read-write-hook-test/.helmignore @@ -0,0 +1,4 @@ +.DS_Store + +parser/ +scanner/ \ No newline at end of file diff --git a/integrations/read-write-hook-test/Chart.yaml b/integrations/read-write-hook-test/Chart.yaml new file mode 100644 index 00000000..67b96c53 --- /dev/null +++ b/integrations/read-write-hook-test/Chart.yaml @@ -0,0 +1,22 @@ +apiVersion: v2 +name: read-write-hook-test +description: A Helm chart to test the integration of read and write hooks. + +type: application +version: 0.1.0 +appVersion: 0.1.0 + +keywords: +- security +- readWriteHook +- scanner +- secureCodeBox +- integrationTest +- test +home: https://www.securecodebox.io/scanner/Nmap +icon: https://www.securecodebox.io/integrationIcons/Nmap.svg +sources: +- https://github.com/secureCodeBox/secureCodeBox +maintainers: +- name: iteratec GmbH + email: security@iteratec.com diff --git a/integrations/read-write-hook-test/parser/.dockerignore b/integrations/read-write-hook-test/parser/.dockerignore new file mode 100644 index 00000000..40b878db --- /dev/null +++ b/integrations/read-write-hook-test/parser/.dockerignore @@ -0,0 +1 @@ +node_modules/ \ No newline at end of file diff --git a/integrations/read-write-hook-test/parser/.gitignore b/integrations/read-write-hook-test/parser/.gitignore new file mode 100644 index 00000000..40b878db --- /dev/null +++ b/integrations/read-write-hook-test/parser/.gitignore @@ -0,0 +1 @@ +node_modules/ \ No newline at end of file diff --git a/integrations/read-write-hook-test/parser/Dockerfile b/integrations/read-write-hook-test/parser/Dockerfile new file mode 100644 index 00000000..a753447d --- /dev/null +++ b/integrations/read-write-hook-test/parser/Dockerfile @@ -0,0 +1,10 @@ +FROM node:12-alpine as build +RUN mkdir -p /home/app +WORKDIR /home/app +COPY package.json package-lock.json ./ +RUN npm ci --production + +FROM scbexperimental/parser-sdk-nodejs:latest +WORKDIR /home/app/parser-wrapper/parser/ +COPY --from=build --chown=app:app /home/app/node_modules/ ./node_modules/ +COPY --chown=app:app ./parser.js ./parser.js diff --git a/integrations/read-write-hook-test/parser/package-lock.json b/integrations/read-write-hook-test/parser/package-lock.json new file mode 100644 index 00000000..9ce75c64 --- /dev/null +++ b/integrations/read-write-hook-test/parser/package-lock.json @@ -0,0 +1,153 @@ +{ + "name": "read-write-hook-test-parser", + "version": "1.0.0", + "lockfileVersion": 1, + "requires": true, + "dependencies": { + "define-properties": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/define-properties/-/define-properties-1.1.3.tgz", + "integrity": "sha512-3MqfYKj2lLzdMSf8ZIZE/V+Zuy+BgD6f164e8K2w7dgnpKArBDerGYpM46IYYcjnkdPNMjPk9A6VFB8+3SKlXQ==", + "requires": { + "object-keys": "^1.0.12" + } + }, + "es-abstract": { + "version": "1.14.2", + "resolved": "https://registry.npmjs.org/es-abstract/-/es-abstract-1.14.2.tgz", + "integrity": "sha512-DgoQmbpFNOofkjJtKwr87Ma5EW4Dc8fWhD0R+ndq7Oc456ivUfGOOP6oAZTTKl5/CcNMP+EN+e3/iUzgE0veZg==", + "requires": { + "es-to-primitive": "^1.2.0", + "function-bind": "^1.1.1", + "has": "^1.0.3", + "has-symbols": "^1.0.0", + "is-callable": "^1.1.4", + "is-regex": "^1.0.4", + "object-inspect": "^1.6.0", + "object-keys": "^1.1.1", + "string.prototype.trimleft": "^2.0.0", + "string.prototype.trimright": "^2.0.0" + } + }, + "es-to-primitive": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/es-to-primitive/-/es-to-primitive-1.2.0.tgz", + "integrity": "sha512-qZryBOJjV//LaxLTV6UC//WewneB3LcXOL9NP++ozKVXsIIIpm/2c13UDiD9Jp2eThsecw9m3jPqDwTyobcdbg==", + "requires": { + "is-callable": "^1.1.4", + "is-date-object": "^1.0.1", + "is-symbol": "^1.0.2" + } + }, + "function-bind": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz", + "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==" + }, + "has": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz", + "integrity": "sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==", + "requires": { + "function-bind": "^1.1.1" + } + }, + "has-symbols": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.0.0.tgz", + "integrity": "sha1-uhqPGvKg/DllD1yFA2dwQSIGO0Q=" + }, + "is-callable": { + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/is-callable/-/is-callable-1.1.4.tgz", + "integrity": "sha512-r5p9sxJjYnArLjObpjA4xu5EKI3CuKHkJXMhT7kwbpUyIFD1n5PMAsoPvWnvtZiNz7LjkYDRZhd7FlI0eMijEA==" + }, + "is-date-object": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/is-date-object/-/is-date-object-1.0.1.tgz", + "integrity": "sha1-mqIOtq7rv/d/vTPnTKAbM1gdOhY=" + }, + "is-regex": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/is-regex/-/is-regex-1.0.4.tgz", + "integrity": "sha1-VRdIm1RwkbCTDglWVM7SXul+lJE=", + "requires": { + "has": "^1.0.1" + } + }, + "is-symbol": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/is-symbol/-/is-symbol-1.0.2.tgz", + "integrity": "sha512-HS8bZ9ox60yCJLH9snBpIwv9pYUAkcuLhSA1oero1UB5y9aiQpRA8y2ex945AOtCZL1lJDeIk3G5LthswI46Lw==", + "requires": { + "has-symbols": "^1.0.0" + } + }, + "object-inspect": { + "version": "1.6.0", + "resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.6.0.tgz", + "integrity": "sha512-GJzfBZ6DgDAmnuaM3104jR4s1Myxr3Y3zfIyN4z3UdqN69oSRacNK8UhnobDdC+7J2AHCjGwxQubNJfE70SXXQ==" + }, + "object-keys": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/object-keys/-/object-keys-1.1.1.tgz", + "integrity": "sha512-NuAESUOUMrlIXOfHKzD6bpPu3tYt3xvjNdRIQ+FeT0lNb4K8WR70CaDxhuNguS2XG+GjkyMwOzsN5ZktImfhLA==" + }, + "object.getownpropertydescriptors": { + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/object.getownpropertydescriptors/-/object.getownpropertydescriptors-2.0.3.tgz", + "integrity": "sha1-h1jIRvW0B62rDyNuCYbxSwUcqhY=", + "requires": { + "define-properties": "^1.1.2", + "es-abstract": "^1.5.1" + } + }, + "sax": { + "version": "1.2.4", + "resolved": "https://registry.npmjs.org/sax/-/sax-1.2.4.tgz", + "integrity": "sha512-NqVDv9TpANUjFm0N8uM5GxL36UgKi9/atZw+x7YFnQ8ckwFGKrl4xX4yWtrey3UJm5nP1kUbnYgLopqWNSRhWw==" + }, + "string.prototype.trimleft": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/string.prototype.trimleft/-/string.prototype.trimleft-2.1.0.tgz", + "integrity": "sha512-FJ6b7EgdKxxbDxc79cOlok6Afd++TTs5szo+zJTUyow3ycrRfJVE2pq3vcN53XexvKZu/DJMDfeI/qMiZTrjTw==", + "requires": { + "define-properties": "^1.1.3", + "function-bind": "^1.1.1" + } + }, + "string.prototype.trimright": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/string.prototype.trimright/-/string.prototype.trimright-2.1.0.tgz", + "integrity": "sha512-fXZTSV55dNBwv16uw+hh5jkghxSnc5oHq+5K/gXgizHwAvMetdAJlHqqoFC1FSDVPYWLkAKl2cxpUT41sV7nSg==", + "requires": { + "define-properties": "^1.1.3", + "function-bind": "^1.1.1" + } + }, + "util.promisify": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/util.promisify/-/util.promisify-1.0.0.tgz", + "integrity": "sha512-i+6qA2MPhvoKLuxnJNpXAGhg7HphQOSUq2LKMZD0m15EiskXUkMvKdF4Uui0WYeCUGea+o2cw/ZuwehtfsrNkA==", + "requires": { + "define-properties": "^1.1.2", + "object.getownpropertydescriptors": "^2.0.3" + } + }, + "xml2js": { + "version": "0.4.22", + "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.4.22.tgz", + "integrity": "sha512-MWTbxAQqclRSTnehWWe5nMKzI3VmJ8ltiJEco8akcC6j3miOhjjfzKum5sId+CWhfxdOs/1xauYr8/ZDBtQiRw==", + "requires": { + "sax": ">=0.6.0", + "util.promisify": "~1.0.0", + "xmlbuilder": "~11.0.0" + } + }, + "xmlbuilder": { + "version": "11.0.1", + "resolved": "https://registry.npmjs.org/xmlbuilder/-/xmlbuilder-11.0.1.tgz", + "integrity": "sha512-fDlsI/kFEx7gLvbecc0/ohLG50fugQp8ryHzMTuW9vSa1GJ0XYWKnhsUx7oie3G98+r56aTQIUB4kht42R3JvA==" + } + } +} diff --git a/integrations/read-write-hook-test/parser/package.json b/integrations/read-write-hook-test/parser/package.json new file mode 100644 index 00000000..f0015799 --- /dev/null +++ b/integrations/read-write-hook-test/parser/package.json @@ -0,0 +1,14 @@ +{ + "name": "read-write-hook-test-parser", + "version": "1.0.0", + "description": "Parses result files for the type: 'nmap-xml'", + "main": "", + "scripts": {}, + "keywords": [], + "author": "iteratec GmbH", + "license": "Apache-2.0", + "dependencies": { + "xml2js": "^0.4.22" + }, + "devDependencies": {} +} diff --git a/integrations/read-write-hook-test/parser/parser.js b/integrations/read-write-hook-test/parser/parser.js new file mode 100644 index 00000000..8742fd3c --- /dev/null +++ b/integrations/read-write-hook-test/parser/parser.js @@ -0,0 +1,46 @@ +async function parse(fileContent) { + return transformToFindings(); +} + +function transformToFindings() { + const portFindings = { + name: "Test read-write-hook service", + description: `Port is using protocol.`, + category: 'Open Port', + location: `tcp://rw-hook-test:80`, + osi_layer: 'NETWORK', + severity: 'INFORMATIONAL', + attributes: { + port: 80, + state: "Open", + ip_address: "host ip address", + mac_address: "hostInfo.mac", + protocol: "openPort.protocol", + hostname: "hostInfo.hostname", + method: "openPort.method", + operating_system: "hostInfo.osNmap", + service: "openPort.service", + serviceProduct: "openPort.serviceProduct", + serviceVersion: "openPort.serviceVersion", + scripts: "openPort.scriptOutputs", + }, + }; + + const hostFindings = { + name: `Host: hostname`, + category: 'Host', + description: 'Found a host', + location: "hostname", + severity: 'INFORMATIONAL', + osi_layer: 'NETWORK', + attributes: { + ip_address: "ip address", + hostname: "hostname", + operating_system: "osNmap", + }, + }; + + return [...portFindings, ...hostFindings]; +} + +module.exports.parse = parse; diff --git a/integrations/read-write-hook-test/parser/parser.test.js b/integrations/read-write-hook-test/parser/parser.test.js new file mode 100644 index 00000000..84fdf68b --- /dev/null +++ b/integrations/read-write-hook-test/parser/parser.test.js @@ -0,0 +1,154 @@ +const fs = require("fs"); +const util = require("util"); + +// eslint-disable-next-line security/detect-non-literal-fs-filename +const readFile = util.promisify(fs.readFile); + +const { parse } = require("./parser"); + +test("should properly parse nmap xml file", async () => { + const xmlContent = await readFile( + __dirname + "/__testFiles__/localhost.xml", + { + encoding: "utf8" + } + ); + + expect(await parse(xmlContent)).toMatchInlineSnapshot(` + Array [ + Object { + "attributes": Object { + "hostname": "localhost", + "ip_address": "127.0.0.1", + "mac_address": null, + "method": "table", + "operating_system": null, + "port": 53, + "protocol": "tcp", + "scripts": null, + "service": "domain", + "serviceProduct": null, + "serviceVersion": null, + "state": "open", + }, + "category": "Open Port", + "description": "Port 53 is open using tcp protocol.", + "location": "tcp://127.0.0.1:53", + "name": "domain", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + Object { + "attributes": Object { + "hostname": "localhost", + "ip_address": "127.0.0.1", + "mac_address": null, + "method": "table", + "operating_system": null, + "port": 8021, + "protocol": "tcp", + "scripts": null, + "service": "ftp-proxy", + "serviceProduct": null, + "serviceVersion": null, + "state": "open", + }, + "category": "Open Port", + "description": "Port 8021 is open using tcp protocol.", + "location": "tcp://127.0.0.1:8021", + "name": "ftp-proxy", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + Object { + "attributes": Object { + "hostname": "localhost", + "ip_address": "127.0.0.1", + "mac_address": null, + "method": "table", + "operating_system": null, + "port": 8080, + "protocol": "tcp", + "scripts": null, + "service": "http-proxy", + "serviceProduct": null, + "serviceVersion": null, + "state": "open", + }, + "category": "Open Port", + "description": "Port 8080 is open using tcp protocol.", + "location": "tcp://127.0.0.1:8080", + "name": "http-proxy", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + Object { + "attributes": Object { + "hostname": "localhost", + "ip_address": "127.0.0.1", + "mac_address": null, + "method": "table", + "operating_system": null, + "port": 9200, + "protocol": "tcp", + "scripts": null, + "service": "wap-wsp", + "serviceProduct": null, + "serviceVersion": null, + "state": "open", + }, + "category": "Open Port", + "description": "Port 9200 is open using tcp protocol.", + "location": "tcp://127.0.0.1:9200", + "name": "wap-wsp", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + Object { + "attributes": Object { + "hostname": "localhost", + "ip_address": "127.0.0.1", + "operating_system": null, + }, + "category": "Host", + "description": "Found a host", + "location": "localhost", + "name": "Host: localhost", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + ] + `); +}); + +test("should properly parse a nmap xml without any ports", async () => { + const xmlContent = await readFile(__dirname + "/__testFiles__/no-ports.xml", { + encoding: "utf8" + }); + + expect(await parse(xmlContent)).toMatchInlineSnapshot(` + Array [ + Object { + "attributes": Object { + "hostname": "localhost", + "ip_address": "127.0.0.1", + "operating_system": null, + }, + "category": "Host", + "description": "Found a host", + "location": "localhost", + "name": "Host: localhost", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + ] + `); +}); + +test("should properly parse a nmap xml without any host", async () => { + const xmlContent = await readFile(__dirname + "/__testFiles__/no-host.xml", { + encoding: "utf8" + }); + + expect(await parse(xmlContent)).toMatchInlineSnapshot(`Array []`); +}); diff --git a/integrations/read-write-hook-test/scanner/Dockerfile b/integrations/read-write-hook-test/scanner/Dockerfile new file mode 100644 index 00000000..dd7bb5a4 --- /dev/null +++ b/integrations/read-write-hook-test/scanner/Dockerfile @@ -0,0 +1,4 @@ +FROM alpine:3.11 +RUN addgroup -S rwhook && adduser -S -g rwhook rwhook +USER rwhook +CMD [cat] \ No newline at end of file diff --git a/integrations/read-write-hook-test/templates/read-write-hook-test-parse-definition.yaml b/integrations/read-write-hook-test/templates/read-write-hook-test-parse-definition.yaml new file mode 100644 index 00000000..3a321dd0 --- /dev/null +++ b/integrations/read-write-hook-test/templates/read-write-hook-test-parse-definition.yaml @@ -0,0 +1,7 @@ +apiVersion: "execution.experimental.securecodebox.io/v1" +kind: ParseDefinition +metadata: + name: "read-write-hook-test-xml" +spec: + handlesResultsType: nmap-xml + image: "{{ .Values.parserImage.registry }}/{{ .Values.parserImage.repository }}:{{ .Values.parserImage.tag }}" diff --git a/integrations/read-write-hook-test/templates/read-write-hook-test-scan-type.yaml b/integrations/read-write-hook-test/templates/read-write-hook-test-scan-type.yaml new file mode 100644 index 00000000..413330d3 --- /dev/null +++ b/integrations/read-write-hook-test/templates/read-write-hook-test-scan-type.yaml @@ -0,0 +1,19 @@ +apiVersion: "execution.experimental.securecodebox.io/v1" +kind: ScanType +metadata: + name: "rw-hook-test" +spec: + extractResults: + type: nmap-xml + location: "/home/securecodebox/rw-hook-test-results.xml" + jobTemplate: + spec: + ttlSecondsAfterFinished: 10 + backoffLimit: 3 + template: + spec: + restartPolicy: OnFailure + containers: + - name: rw-hook-test + image: scbexperimental/rw-hook-test:latest + command: ["cat", "/home/securecodebox/nmap-results.xml"] diff --git a/integrations/read-write-hook-test/values.yaml b/integrations/read-write-hook-test/values.yaml new file mode 100644 index 00000000..b48f15b4 --- /dev/null +++ b/integrations/read-write-hook-test/values.yaml @@ -0,0 +1,4 @@ +parserImage: + registry: docker.io + repository: scbexperimental/parser-read-write-hook-test + tag: latest From a61ae3563dae0db567483db2a75dcd66c292d1a8 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com> Date: Mon, 8 Jun 2020 12:55:11 +0200 Subject: [PATCH 040/109] Refactored imperical combined hook for better testability and readability --- hooks/nmap-subsequent-scans/Dockerfile | 4 +- .../__mocks__/scan-helpers.js | 1 + hooks/nmap-subsequent-scans/hook.js | 307 +- hooks/nmap-subsequent-scans/hook.test.js | 47 + hooks/nmap-subsequent-scans/package-lock.json | 5184 +++++++++++++++++ hooks/nmap-subsequent-scans/package.json | 19 + hooks/nmap-subsequent-scans/scan-helpers.js | 47 + 7 files changed, 5400 insertions(+), 209 deletions(-) create mode 100644 hooks/nmap-subsequent-scans/__mocks__/scan-helpers.js create mode 100644 hooks/nmap-subsequent-scans/package-lock.json create mode 100644 hooks/nmap-subsequent-scans/package.json create mode 100644 hooks/nmap-subsequent-scans/scan-helpers.js diff --git a/hooks/nmap-subsequent-scans/Dockerfile b/hooks/nmap-subsequent-scans/Dockerfile index ffe1db53..880f259c 100644 --- a/hooks/nmap-subsequent-scans/Dockerfile +++ b/hooks/nmap-subsequent-scans/Dockerfile @@ -1,3 +1,5 @@ +# This image doesn't install the hooks dependencies, as it only has the @kubernetes/client-node dependencies which is already installed via the hook-sdk + FROM scbexperimental/hook-sdk-nodejs:latest WORKDIR /home/app/hook-wrapper/hook/ -COPY --chown=app:app ./hook.js ./hook.js +COPY --chown=app:app hook.js scan-helpers.js ./ diff --git a/hooks/nmap-subsequent-scans/__mocks__/scan-helpers.js b/hooks/nmap-subsequent-scans/__mocks__/scan-helpers.js new file mode 100644 index 00000000..6d1a50b1 --- /dev/null +++ b/hooks/nmap-subsequent-scans/__mocks__/scan-helpers.js @@ -0,0 +1 @@ +module.exports.startSubsequentSecureCodeBoxScan = jest.fn(); diff --git a/hooks/nmap-subsequent-scans/hook.js b/hooks/nmap-subsequent-scans/hook.js index c5ec5f24..34bdeb1d 100644 --- a/hooks/nmap-subsequent-scans/hook.js +++ b/hooks/nmap-subsequent-scans/hook.js @@ -1,244 +1,135 @@ -const k8s = require('@kubernetes/client-node'); +const { startSubsequentSecureCodeBoxScan } = require("./scan-helpers"); -// configure k8s client -const kc = new k8s.KubeConfig(); -kc.loadFromDefault(); - -const k8sApiCRD = kc.makeApiClient(k8s.CustomObjectsApi); - -async function handle({ - getFindings -}) { - +async function handle({ scan, getFindings }) { const findings = await getFindings(); console.log(findings); - // const sslyzeYaml = k8s.dumpYaml(sslyzeJSONString); - // const sslyzeYaml = k8s.loadYaml(sslyzeScanDefinition); - - console.log(`Found #${findings.length} findings... trying to find possible subsequent security scans.`); + console.log( + `Found #${findings.length} findings... trying to find possible subsequent security scans.` + ); for (const finding of findings) { - if(finding.category == "Open Port") { - console.log("Found open port finding for service: " + finding.attributes.port); - - if(finding.attributes.state = "open") { - - // search for HTTP ports and start subsequent Nikto Scan - if(finding.attributes.service == "http" ) { - startNiktoScan(finding.attributes.hostname, finding.attributes.port); - } - - // search for HTTPS ports and start subsequent SSLyze Scan - if(finding.attributes.service == "ssl" || finding.attributes.service == "https") { - startSSLyzeScan(finding.attributes.hostname, finding.attributes.port); - - startZAPBaselineScan(finding.attributes.hostname, finding.attributes.port); - } - - // search for HTTPS ports and start subsequent SSH Scan - if(finding.attributes.service == "ssh" ) { - startSSHScan(finding.attributes.hostname, finding.attributes.port); - } + if ( + finding.category === "Open Port" && + finding.attributes.state === "open" + ) { + const hostname = finding.attributes.hostname; + const port = finding.attributes.port; + + console.log( + "Found open port finding for service: " + finding.attributes.port + ); + + // search for HTTP ports and start subsequent Nikto Scan + if (finding.attributes.service === "http") { + await startNiktoScan({ + parentScan: scan, + hostname, + port, + }); + } + + // search for HTTPS ports and start subsequent SSLyze Scan + if ( + finding.attributes.service === "ssl" || + finding.attributes.service === "https" + ) { + await startSSLyzeScan({ + parentScan: scan, + hostname, + port, + }); + + await startZAPBaselineScan({ + parentScan: scan, + hostname, + port, + }); + } + + // search for HTTPS ports and start subsequent SSH Scan + if (finding.attributes.service === "ssh") { + await startSSHScan({ + parentScan: scan, + hostname, + port, + }); } } } - - // const k8sApi = kc.makeApiClient(k8s.CoreV1Api); - - // console.log("list namespaced Pods") - // k8sApi.listNamespacedPod('default').then((res) => { - // console.log(res.body); - // }); - - // const k8sApiCRD = kc.makeApiClient(k8s.CustomObjectsApi); - - // // found at: https://github.com/kubernetes-client/javascript/issues/144 - // console.log("list namespaced CRDs") - // k8sApiCRD.listNamespacedCustomObject( - // 'execution.experimental.securecodebox.io', - // 'v1', - // 'default', - // 'scans', - // 'false' - // ).then((res) => { - // console.log(res.body); - // }); } /** * Creates a new subsequent SCB ZAP Scan for the given hostname. - * @param {*} hostname The hostname to start a new subsequent ZAP scan for. - * @param {*} port The port to start a new subsequent ZAP scan for. + * @param {string} hostname The hostname to start a new subsequent ZAP scan for. + * @param {string} port The port to start a new subsequent ZAP scan for. */ -function startZAPBaselineScan(hostname, port) { - console.log(" --> starting subsequent ZAP Scan for host: " + hostname + ":" + port); - - const zapScanDefinition = { - apiVersion: "execution.experimental.securecodebox.io/v1", - kind: "Scan", - metadata: { - "name": "zap-" + hostname.toLowerCase(), - "labels": { - "organization": "secureCodeBox" - } - }, - spec: { - "scanType": "zap-baseline", - "parameters": [ - "-t", - "https://" + hostname + ":" + port - ] - } - }; - - // Starting another subsequent sslyze scan based on the nmap results - // found at: https://github.com/kubernetes-client/javascript/blob/79736b9a608c18d818de61a6b44503a08ea3a78f/src/gen/api/customObjectsApi.ts#L209 - k8sApiCRD.createNamespacedCustomObject( - 'execution.experimental.securecodebox.io', - 'v1', - 'default', - 'scans', - zapScanDefinition, - 'false' - ).then((res) => { - console.log(res.body); - }) - .catch((e) => { - console.log(e); +async function startZAPBaselineScan({ parentScan, hostname, port }) { + console.log( + " --> starting subsequent ZAP Scan for host: " + hostname + ":" + port + ); + + await startSubsequentSecureCodeBoxScan({ + parentScan, + name: `zap-${hostname.toLowerCase()}`, + scanType: "zap-baseline", + parameters: ["-t", "https://" + hostname + ":" + port], }); } /** * Creates a new subsequent SCB SSH Scan for the given hostname. - * @param {*} hostname The hostname to start a new subsequent SSH scan for. - * @param {*} port The port to start a new subsequent SSH scan for. + * @param {string} hostname The hostname to start a new subsequent SSH scan for. + * @param {string} port The port to start a new subsequent SSH scan for. */ -function startSSHScan(hostname, port) { - console.log(" --> starting subsequent SSH Scan for host: " + hostname + ":" + port); - - const sshScanDefintion = { - "apiVersion": "execution.experimental.securecodebox.io/v1", - "kind": "Scan", - "metadata": { - "name": "ssh-" + hostname.toLowerCase(), - "labels": { - "organization": "secureCodeBox" - } - }, - "spec": { - "scanType": "ssh-scan", - "parameters": [ - "-t", - hostname - ] - } - }; - - // Starting another subsequent sslyze scan based on the nmap results - // found at: https://github.com/kubernetes-client/javascript/blob/79736b9a608c18d818de61a6b44503a08ea3a78f/src/gen/api/customObjectsApi.ts#L209 - k8sApiCRD.createNamespacedCustomObject( - 'execution.experimental.securecodebox.io', - 'v1', - 'default', - 'scans', - sshScanDefintion, - 'false' - ).then((res) => { - console.log(res.body); - }) - .catch((e) => { - console.log(e); +async function startSSHScan({ parentScan, hostname, port }) { + console.log( + " --> starting subsequent SSH Scan for host: " + hostname + ":" + port + ); + + await startSubsequentSecureCodeBoxScan({ + parentScan, + name: `ssh-${hostname.toLowerCase()}`, + scanType: "ssh-scan", + parameters: ["-t", hostname], }); } /** * Creates a new subsequent SCB Nikto Scan for the given hostname. - * @param {*} hostname The hostname to start a new subsequent Nikto scan for. - * @param {*} port The port to start a new subsequent Nikto scan for. + * @param {string} hostname The hostname to start a new subsequent Nikto scan for. + * @param {string} port The port to start a new subsequent Nikto scan for. */ -function startNiktoScan(hostname, port) { - console.log(" --> starting subsequent Nikto Scan for host: " + hostname + ":" + port); - - const niktoScanDefinition = { - "apiVersion": "execution.experimental.securecodebox.io/v1", - "kind": "Scan", - "metadata": { - "name": "nikto-" + hostname.toLowerCase(), - "labels": { - "organization": "secureCodeBox" - } - }, - "spec": { - "scanType": "nikto", - "parameters": [ - "-h", - "https://" + hostname, - "-Tuning", - "1,2,3,5,7,b" - ] - } - }; - - // Starting another subsequent sslyze scan based on the nmap results - // found at: https://github.com/kubernetes-client/javascript/blob/79736b9a608c18d818de61a6b44503a08ea3a78f/src/gen/api/customObjectsApi.ts#L209 - k8sApiCRD.createNamespacedCustomObject( - 'execution.experimental.securecodebox.io', - 'v1', - 'default', - 'scans', - niktoScanDefinition, - 'false' - ).then((res) => { - console.log(res.body); - }) - .catch((e) => { - console.log(e); +async function startNiktoScan({ parentScan, hostname, port }) { + console.log( + " --> starting subsequent Nikto Scan for host: " + hostname + ":" + port + ); + + await startSubsequentSecureCodeBoxScan({ + parentScan, + name: `nikto-${hostname.toLowerCase()}`, + scanType: "nikto", + parameters: ["-h", "https://" + hostname, "-Tuning", "1,2,3,5,7,b"], }); } /** * Creates a new subsequent SCB SSLyze Scan for the given hostname. - * @param {*} hostname The hostname to start a new subsequent SSLyze scan for. - * @param {*} port The port to start a new subsequent SSLyze scan for. + * @param {string} hostname The hostname to start a new subsequent SSLyze scan for. + * @param {string} port The port to start a new subsequent SSLyze scan for. */ -function startSSLyzeScan(hostname, port) { - console.log(" --> starting subsequent SSLyze Scan for host: " + hostname + ":" + port); - - const sslyzeScanDefinition = { - apiVersion: 'execution.experimental.securecodebox.io/v1', - kind: 'Scan', - metadata: { - "name": "sslyze-" + hostname.toLowerCase(), - "labels": { - "organization": "secureCodeBox" - } - }, - "spec": { - "scanType": "sslyze", - "parameters": [ - "--regular", - hostname - ] - } - }; - - // Starting another subsequent sslyze scan based on the nmap results - // found at: https://github.com/kubernetes-client/javascript/blob/79736b9a608c18d818de61a6b44503a08ea3a78f/src/gen/api/customObjectsApi.ts#L209 - k8sApiCRD.createNamespacedCustomObject( - 'execution.experimental.securecodebox.io', - 'v1', - 'default', - 'scans', - sslyzeScanDefinition, - 'false' - ).then((res) => { - console.log(res.body); - }) - .catch((e) => { - console.log(e); - }); +async function startSSLyzeScan({ parentScan, hostname, port }) { + console.log( + " --> starting subsequent SSLyze Scan for host: " + hostname + ":" + port + ); + + await startSubsequentSecureCodeBoxScan({ + parentScan, + name: `sslyze-${hostname.toLowerCase()}`, + scanType: "sslyze", + parameters: ["--regular", hostname], + }); } module.exports.handle = handle; diff --git a/hooks/nmap-subsequent-scans/hook.test.js b/hooks/nmap-subsequent-scans/hook.test.js index 5ac3cdbc..a25f9878 100644 --- a/hooks/nmap-subsequent-scans/hook.test.js +++ b/hooks/nmap-subsequent-scans/hook.test.js @@ -1,2 +1,49 @@ +jest.mock("./scan-helpers"); + const { handle } = require("./hook"); +const { startSubsequentSecureCodeBoxScan } = require("./scan-helpers"); + +test("should create subsequent scans for https port", async () => { + const findings = [ + { + name: "Port 443 is open", + category: "Open Port", + attributes: { + state: "open", + hostname: "foobar.com", + port: 443, + service: "https", + }, + }, + ]; + + const scan = { + metadata: { + labels: { + foo: "bar", + }, + }, + }; + + const getFindings = async () => findings; + + await handle({ + getFindings, + scan, + }); + + expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(2); + expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(1, { + name: "sslyze-foobar.com", + parameters: ["--regular", "foobar.com"], + parentScan: { metadata: { labels: { foo: "bar" } } }, + scanType: "sslyze", + }); + expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(2, { + name: "zap-foobar.com", + parameters: ["-t", "https://foobar.com:443"], + parentScan: { metadata: { labels: { foo: "bar" } } }, + scanType: "zap-baseline", + }); +}); diff --git a/hooks/nmap-subsequent-scans/package-lock.json b/hooks/nmap-subsequent-scans/package-lock.json new file mode 100644 index 00000000..9446900e --- /dev/null +++ b/hooks/nmap-subsequent-scans/package-lock.json @@ -0,0 +1,5184 @@ +{ + "name": "scb-add-attributes", + "version": "1.0.0", + "lockfileVersion": 1, + "requires": true, + "dependencies": { + "@babel/code-frame": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.8.3.tgz", + "integrity": "sha512-a9gxpmdXtZEInkCSHUJDLHZVBgb1QS0jhss4cPP93EW7s+uC5bikET2twEF3KV+7rDblJcmNvTR7VJejqd2C2g==", + "dev": true, + "requires": { + "@babel/highlight": "^7.8.3" + } + }, + "@babel/core": { + "version": "7.9.6", + "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.9.6.tgz", + "integrity": "sha512-nD3deLvbsApbHAHttzIssYqgb883yU/d9roe4RZymBCDaZryMJDbptVpEpeQuRh4BJ+SYI8le9YGxKvFEvl1Wg==", + "dev": true, + "requires": { + "@babel/code-frame": "^7.8.3", + "@babel/generator": "^7.9.6", + "@babel/helper-module-transforms": "^7.9.0", + "@babel/helpers": "^7.9.6", + "@babel/parser": "^7.9.6", + "@babel/template": "^7.8.6", + "@babel/traverse": "^7.9.6", + "@babel/types": "^7.9.6", + "convert-source-map": "^1.7.0", + "debug": "^4.1.0", + "gensync": "^1.0.0-beta.1", + "json5": "^2.1.2", + "lodash": "^4.17.13", + "resolve": "^1.3.2", + "semver": "^5.4.1", + "source-map": "^0.5.0" + }, + "dependencies": { + "semver": { + "version": "5.7.1", + "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.1.tgz", + "integrity": "sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ==", + "dev": true + }, + "source-map": { + "version": "0.5.7", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.5.7.tgz", + "integrity": "sha1-igOdLRAh0i0eoUyA2OpGi6LvP8w=", + "dev": true + } + } + }, + "@babel/generator": { + "version": "7.9.6", + "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.9.6.tgz", + "integrity": "sha512-+htwWKJbH2bL72HRluF8zumBxzuX0ZZUFl3JLNyoUjM/Ho8wnVpPXM6aUz8cfKDqQ/h7zHqKt4xzJteUosckqQ==", + "dev": true, + "requires": { + "@babel/types": "^7.9.6", + "jsesc": "^2.5.1", + "lodash": "^4.17.13", + "source-map": "^0.5.0" + }, + "dependencies": { + "source-map": { + "version": "0.5.7", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.5.7.tgz", + "integrity": "sha1-igOdLRAh0i0eoUyA2OpGi6LvP8w=", + "dev": true + } + } + }, + "@babel/helper-function-name": { + "version": "7.9.5", + "resolved": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.9.5.tgz", + "integrity": "sha512-JVcQZeXM59Cd1qanDUxv9fgJpt3NeKUaqBqUEvfmQ+BCOKq2xUgaWZW2hr0dkbyJgezYuplEoh5knmrnS68efw==", + "dev": true, + "requires": { + "@babel/helper-get-function-arity": "^7.8.3", + "@babel/template": "^7.8.3", + "@babel/types": "^7.9.5" + } + }, + "@babel/helper-get-function-arity": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/helper-get-function-arity/-/helper-get-function-arity-7.8.3.tgz", + "integrity": "sha512-FVDR+Gd9iLjUMY1fzE2SR0IuaJToR4RkCDARVfsBBPSP53GEqSFjD8gNyxg246VUyc/ALRxFaAK8rVG7UT7xRA==", + "dev": true, + "requires": { + "@babel/types": "^7.8.3" + } + }, + "@babel/helper-member-expression-to-functions": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/helper-member-expression-to-functions/-/helper-member-expression-to-functions-7.8.3.tgz", + "integrity": "sha512-fO4Egq88utkQFjbPrSHGmGLFqmrshs11d46WI+WZDESt7Wu7wN2G2Iu+NMMZJFDOVRHAMIkB5SNh30NtwCA7RA==", + "dev": true, + "requires": { + "@babel/types": "^7.8.3" + } + }, + "@babel/helper-module-imports": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.8.3.tgz", + "integrity": "sha512-R0Bx3jippsbAEtzkpZ/6FIiuzOURPcMjHp+Z6xPe6DtApDJx+w7UYyOLanZqO8+wKR9G10s/FmHXvxaMd9s6Kg==", + "dev": true, + "requires": { + "@babel/types": "^7.8.3" + } + }, + "@babel/helper-module-transforms": { + "version": "7.9.0", + "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.9.0.tgz", + "integrity": "sha512-0FvKyu0gpPfIQ8EkxlrAydOWROdHpBmiCiRwLkUiBGhCUPRRbVD2/tm3sFr/c/GWFrQ/ffutGUAnx7V0FzT2wA==", + "dev": true, + "requires": { + "@babel/helper-module-imports": "^7.8.3", + "@babel/helper-replace-supers": "^7.8.6", + "@babel/helper-simple-access": "^7.8.3", + "@babel/helper-split-export-declaration": "^7.8.3", + "@babel/template": "^7.8.6", + "@babel/types": "^7.9.0", + "lodash": "^4.17.13" + } + }, + "@babel/helper-optimise-call-expression": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/helper-optimise-call-expression/-/helper-optimise-call-expression-7.8.3.tgz", + "integrity": "sha512-Kag20n86cbO2AvHca6EJsvqAd82gc6VMGule4HwebwMlwkpXuVqrNRj6CkCV2sKxgi9MyAUnZVnZ6lJ1/vKhHQ==", + "dev": true, + "requires": { + "@babel/types": "^7.8.3" + } + }, + "@babel/helper-plugin-utils": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.8.3.tgz", + "integrity": "sha512-j+fq49Xds2smCUNYmEHF9kGNkhbet6yVIBp4e6oeQpH1RUs/Ir06xUKzDjDkGcaaokPiTNs2JBWHjaE4csUkZQ==", + "dev": true + }, + "@babel/helper-replace-supers": { + "version": "7.9.6", + "resolved": "https://registry.npmjs.org/@babel/helper-replace-supers/-/helper-replace-supers-7.9.6.tgz", + "integrity": "sha512-qX+chbxkbArLyCImk3bWV+jB5gTNU/rsze+JlcF6Nf8tVTigPJSI1o1oBow/9Resa1yehUO9lIipsmu9oG4RzA==", + "dev": true, + "requires": { + "@babel/helper-member-expression-to-functions": "^7.8.3", + "@babel/helper-optimise-call-expression": "^7.8.3", + "@babel/traverse": "^7.9.6", + "@babel/types": "^7.9.6" + } + }, + "@babel/helper-simple-access": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.8.3.tgz", + "integrity": "sha512-VNGUDjx5cCWg4vvCTR8qQ7YJYZ+HBjxOgXEl7ounz+4Sn7+LMD3CFrCTEU6/qXKbA2nKg21CwhhBzO0RpRbdCw==", + "dev": true, + "requires": { + "@babel/template": "^7.8.3", + "@babel/types": "^7.8.3" + } + }, + "@babel/helper-split-export-declaration": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.8.3.tgz", + "integrity": "sha512-3x3yOeyBhW851hroze7ElzdkeRXQYQbFIb7gLK1WQYsw2GWDay5gAJNw1sWJ0VFP6z5J1whqeXH/WCdCjZv6dA==", + "dev": true, + "requires": { + "@babel/types": "^7.8.3" + } + }, + "@babel/helper-validator-identifier": { + "version": "7.9.5", + "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.9.5.tgz", + "integrity": "sha512-/8arLKUFq882w4tWGj9JYzRpAlZgiWUJ+dtteNTDqrRBz9Iguck9Rn3ykuBDoUwh2TO4tSAJlrxDUOXWklJe4g==", + "dev": true + }, + "@babel/helpers": { + "version": "7.9.6", + "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.9.6.tgz", + "integrity": "sha512-tI4bUbldloLcHWoRUMAj4g1bF313M/o6fBKhIsb3QnGVPwRm9JsNf/gqMkQ7zjqReABiffPV6RWj7hEglID5Iw==", + "dev": true, + "requires": { + "@babel/template": "^7.8.3", + "@babel/traverse": "^7.9.6", + "@babel/types": "^7.9.6" + } + }, + "@babel/highlight": { + "version": "7.9.0", + "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.9.0.tgz", + "integrity": "sha512-lJZPilxX7Op3Nv/2cvFdnlepPXDxi29wxteT57Q965oc5R9v86ztx0jfxVrTcBk8C2kcPkkDa2Z4T3ZsPPVWsQ==", + "dev": true, + "requires": { + "@babel/helper-validator-identifier": "^7.9.0", + "chalk": "^2.0.0", + "js-tokens": "^4.0.0" + }, + "dependencies": { + "ansi-styles": { + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "dev": true, + "requires": { + "color-convert": "^1.9.0" + } + }, + "chalk": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", + "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "dev": true, + "requires": { + "ansi-styles": "^3.2.1", + "escape-string-regexp": "^1.0.5", + "supports-color": "^5.3.0" + } + }, + "color-convert": { + "version": "1.9.3", + "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", + "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", + "dev": true, + "requires": { + "color-name": "1.1.3" + } + }, + "color-name": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", + "integrity": "sha1-p9BVi9icQveV3UIyj3QIMcpTvCU=", + "dev": true + }, + "has-flag": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", + "integrity": "sha1-tdRU3CGZriJWmfNGfloH87lVuv0=", + "dev": true + }, + "supports-color": { + "version": "5.5.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", + "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "dev": true, + "requires": { + "has-flag": "^3.0.0" + } + } + } + }, + "@babel/parser": { + "version": "7.9.6", + "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.9.6.tgz", + "integrity": "sha512-AoeIEJn8vt+d/6+PXDRPaksYhnlbMIiejioBZvvMQsOjW/JYK6k/0dKnvvP3EhK5GfMBWDPtrxRtegWdAcdq9Q==", + "dev": true + }, + "@babel/plugin-syntax-async-generators": { + "version": "7.8.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", + "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.8.0" + } + }, + "@babel/plugin-syntax-bigint": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", + "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.8.0" + } + }, + "@babel/plugin-syntax-class-properties": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.8.3.tgz", + "integrity": "sha512-UcAyQWg2bAN647Q+O811tG9MrJ38Z10jjhQdKNAL8fsyPzE3cCN/uT+f55cFVY4aGO4jqJAvmqsuY3GQDwAoXg==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.8.3" + } + }, + "@babel/plugin-syntax-json-strings": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", + "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.8.0" + } + }, + "@babel/plugin-syntax-logical-assignment-operators": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.8.3.tgz", + "integrity": "sha512-Zpg2Sgc++37kuFl6ppq2Q7Awc6E6AIW671x5PY8E/f7MCIyPPGK/EoeZXvvY3P42exZ3Q4/t3YOzP/HiN79jDg==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.8.3" + } + }, + "@babel/plugin-syntax-nullish-coalescing-operator": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", + "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.8.0" + } + }, + "@babel/plugin-syntax-numeric-separator": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.8.3.tgz", + "integrity": "sha512-H7dCMAdN83PcCmqmkHB5dtp+Xa9a6LKSvA2hiFBC/5alSHxM5VgWZXFqDi0YFe8XNGT6iCa+z4V4zSt/PdZ7Dw==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.8.3" + } + }, + "@babel/plugin-syntax-object-rest-spread": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", + "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.8.0" + } + }, + "@babel/plugin-syntax-optional-catch-binding": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", + "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.8.0" + } + }, + "@babel/plugin-syntax-optional-chaining": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", + "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.8.0" + } + }, + "@babel/template": { + "version": "7.8.6", + "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.8.6.tgz", + "integrity": "sha512-zbMsPMy/v0PWFZEhQJ66bqjhH+z0JgMoBWuikXybgG3Gkd/3t5oQ1Rw2WQhnSrsOmsKXnZOx15tkC4qON/+JPg==", + "dev": true, + "requires": { + "@babel/code-frame": "^7.8.3", + "@babel/parser": "^7.8.6", + "@babel/types": "^7.8.6" + } + }, + "@babel/traverse": { + "version": "7.9.6", + "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.9.6.tgz", + "integrity": "sha512-b3rAHSjbxy6VEAvlxM8OV/0X4XrG72zoxme6q1MOoe2vd0bEc+TwayhuC1+Dfgqh1QEG+pj7atQqvUprHIccsg==", + "dev": true, + "requires": { + "@babel/code-frame": "^7.8.3", + "@babel/generator": "^7.9.6", + "@babel/helper-function-name": "^7.9.5", + "@babel/helper-split-export-declaration": "^7.8.3", + "@babel/parser": "^7.9.6", + "@babel/types": "^7.9.6", + "debug": "^4.1.0", + "globals": "^11.1.0", + "lodash": "^4.17.13" + } + }, + "@babel/types": { + "version": "7.9.6", + "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.9.6.tgz", + "integrity": "sha512-qxXzvBO//jO9ZnoasKF1uJzHd2+M6Q2ZPIVfnFps8JJvXy0ZBbwbNOmE6SGIY5XOY6d1Bo5lb9d9RJ8nv3WSeA==", + "dev": true, + "requires": { + "@babel/helper-validator-identifier": "^7.9.5", + "lodash": "^4.17.13", + "to-fast-properties": "^2.0.0" + } + }, + "@bcoe/v8-coverage": { + "version": "0.2.3", + "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", + "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", + "dev": true + }, + "@cnakazawa/watch": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/@cnakazawa/watch/-/watch-1.0.4.tgz", + "integrity": "sha512-v9kIhKwjeZThiWrLmj0y17CWoyddASLj9O2yvbZkbvw/N3rWOYy9zkV66ursAoVr0mV15bL8g0c4QZUE6cdDoQ==", + "dev": true, + "requires": { + "exec-sh": "^0.3.2", + "minimist": "^1.2.0" + } + }, + "@istanbuljs/load-nyc-config": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", + "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", + "dev": true, + "requires": { + "camelcase": "^5.3.1", + "find-up": "^4.1.0", + "get-package-type": "^0.1.0", + "js-yaml": "^3.13.1", + "resolve-from": "^5.0.0" + } + }, + "@istanbuljs/schema": { + "version": "0.1.2", + "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.2.tgz", + "integrity": "sha512-tsAQNx32a8CoFhjhijUIhI4kccIAgmGhy8LZMZgGfmXcpMbPRUqn5LWmgRttILi6yeGmBJd2xsPkFMs0PzgPCw==", + "dev": true + }, + "@jest/console": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/@jest/console/-/console-25.5.0.tgz", + "integrity": "sha512-T48kZa6MK1Y6k4b89sexwmSF4YLeZS/Udqg3Jj3jG/cHH+N/sLFCEoXEDMOKugJQ9FxPN1osxIknvKkxt6MKyw==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0", + "chalk": "^3.0.0", + "jest-message-util": "^25.5.0", + "jest-util": "^25.5.0", + "slash": "^3.0.0" + } + }, + "@jest/core": { + "version": "25.5.4", + "resolved": "https://registry.npmjs.org/@jest/core/-/core-25.5.4.tgz", + "integrity": "sha512-3uSo7laYxF00Dg/DMgbn4xMJKmDdWvZnf89n8Xj/5/AeQ2dOQmn6b6Hkj/MleyzZWXpwv+WSdYWl4cLsy2JsoA==", + "dev": true, + "requires": { + "@jest/console": "^25.5.0", + "@jest/reporters": "^25.5.1", + "@jest/test-result": "^25.5.0", + "@jest/transform": "^25.5.1", + "@jest/types": "^25.5.0", + "ansi-escapes": "^4.2.1", + "chalk": "^3.0.0", + "exit": "^0.1.2", + "graceful-fs": "^4.2.4", + "jest-changed-files": "^25.5.0", + "jest-config": "^25.5.4", + "jest-haste-map": "^25.5.1", + "jest-message-util": "^25.5.0", + "jest-regex-util": "^25.2.6", + "jest-resolve": "^25.5.1", + "jest-resolve-dependencies": "^25.5.4", + "jest-runner": "^25.5.4", + "jest-runtime": "^25.5.4", + "jest-snapshot": "^25.5.1", + "jest-util": "^25.5.0", + "jest-validate": "^25.5.0", + "jest-watcher": "^25.5.0", + "micromatch": "^4.0.2", + "p-each-series": "^2.1.0", + "realpath-native": "^2.0.0", + "rimraf": "^3.0.0", + "slash": "^3.0.0", + "strip-ansi": "^6.0.0" + } + }, + "@jest/environment": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-25.5.0.tgz", + "integrity": "sha512-U2VXPEqL07E/V7pSZMSQCvV5Ea4lqOlT+0ZFijl/i316cRMHvZ4qC+jBdryd+lmRetjQo0YIQr6cVPNxxK87mA==", + "dev": true, + "requires": { + "@jest/fake-timers": "^25.5.0", + "@jest/types": "^25.5.0", + "jest-mock": "^25.5.0" + } + }, + "@jest/fake-timers": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-25.5.0.tgz", + "integrity": "sha512-9y2+uGnESw/oyOI3eww9yaxdZyHq7XvprfP/eeoCsjqKYts2yRlsHS/SgjPDV8FyMfn2nbMy8YzUk6nyvdLOpQ==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0", + "jest-message-util": "^25.5.0", + "jest-mock": "^25.5.0", + "jest-util": "^25.5.0", + "lolex": "^5.0.0" + } + }, + "@jest/globals": { + "version": "25.5.2", + "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-25.5.2.tgz", + "integrity": "sha512-AgAS/Ny7Q2RCIj5kZ+0MuKM1wbF0WMLxbCVl/GOMoCNbODRdJ541IxJ98xnZdVSZXivKpJlNPIWa3QmY0l4CXA==", + "dev": true, + "requires": { + "@jest/environment": "^25.5.0", + "@jest/types": "^25.5.0", + "expect": "^25.5.0" + } + }, + "@jest/reporters": { + "version": "25.5.1", + "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-25.5.1.tgz", + "integrity": "sha512-3jbd8pPDTuhYJ7vqiHXbSwTJQNavczPs+f1kRprRDxETeE3u6srJ+f0NPuwvOmk+lmunZzPkYWIFZDLHQPkviw==", + "dev": true, + "requires": { + "@bcoe/v8-coverage": "^0.2.3", + "@jest/console": "^25.5.0", + "@jest/test-result": "^25.5.0", + "@jest/transform": "^25.5.1", + "@jest/types": "^25.5.0", + "chalk": "^3.0.0", + "collect-v8-coverage": "^1.0.0", + "exit": "^0.1.2", + "glob": "^7.1.2", + "graceful-fs": "^4.2.4", + "istanbul-lib-coverage": "^3.0.0", + "istanbul-lib-instrument": "^4.0.0", + "istanbul-lib-report": "^3.0.0", + "istanbul-lib-source-maps": "^4.0.0", + "istanbul-reports": "^3.0.2", + "jest-haste-map": "^25.5.1", + "jest-resolve": "^25.5.1", + "jest-util": "^25.5.0", + "jest-worker": "^25.5.0", + "node-notifier": "^6.0.0", + "slash": "^3.0.0", + "source-map": "^0.6.0", + "string-length": "^3.1.0", + "terminal-link": "^2.0.0", + "v8-to-istanbul": "^4.1.3" + } + }, + "@jest/source-map": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-25.5.0.tgz", + "integrity": "sha512-eIGx0xN12yVpMcPaVpjXPnn3N30QGJCJQSkEDUt9x1fI1Gdvb07Ml6K5iN2hG7NmMP6FDmtPEssE3z6doOYUwQ==", + "dev": true, + "requires": { + "callsites": "^3.0.0", + "graceful-fs": "^4.2.4", + "source-map": "^0.6.0" + } + }, + "@jest/test-result": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-25.5.0.tgz", + "integrity": "sha512-oV+hPJgXN7IQf/fHWkcS99y0smKLU2czLBJ9WA0jHITLst58HpQMtzSYxzaBvYc6U5U6jfoMthqsUlUlbRXs0A==", + "dev": true, + "requires": { + "@jest/console": "^25.5.0", + "@jest/types": "^25.5.0", + "@types/istanbul-lib-coverage": "^2.0.0", + "collect-v8-coverage": "^1.0.0" + } + }, + "@jest/test-sequencer": { + "version": "25.5.4", + "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-25.5.4.tgz", + "integrity": "sha512-pTJGEkSeg1EkCO2YWq6hbFvKNXk8ejqlxiOg1jBNLnWrgXOkdY6UmqZpwGFXNnRt9B8nO1uWMzLLZ4eCmhkPNA==", + "dev": true, + "requires": { + "@jest/test-result": "^25.5.0", + "graceful-fs": "^4.2.4", + "jest-haste-map": "^25.5.1", + "jest-runner": "^25.5.4", + "jest-runtime": "^25.5.4" + } + }, + "@jest/transform": { + "version": "25.5.1", + "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-25.5.1.tgz", + "integrity": "sha512-Y8CEoVwXb4QwA6Y/9uDkn0Xfz0finGkieuV0xkdF9UtZGJeLukD5nLkaVrVsODB1ojRWlaoD0AJZpVHCSnJEvg==", + "dev": true, + "requires": { + "@babel/core": "^7.1.0", + "@jest/types": "^25.5.0", + "babel-plugin-istanbul": "^6.0.0", + "chalk": "^3.0.0", + "convert-source-map": "^1.4.0", + "fast-json-stable-stringify": "^2.0.0", + "graceful-fs": "^4.2.4", + "jest-haste-map": "^25.5.1", + "jest-regex-util": "^25.2.6", + "jest-util": "^25.5.0", + "micromatch": "^4.0.2", + "pirates": "^4.0.1", + "realpath-native": "^2.0.0", + "slash": "^3.0.0", + "source-map": "^0.6.1", + "write-file-atomic": "^3.0.0" + } + }, + "@jest/types": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/@jest/types/-/types-25.5.0.tgz", + "integrity": "sha512-OXD0RgQ86Tu3MazKo8bnrkDRaDXXMGUqd+kTtLtK1Zb7CRzQcaSRPPPV37SvYTdevXEBVxe0HXylEjs8ibkmCw==", + "dev": true, + "requires": { + "@types/istanbul-lib-coverage": "^2.0.0", + "@types/istanbul-reports": "^1.1.1", + "@types/yargs": "^15.0.0", + "chalk": "^3.0.0" + } + }, + "@kubernetes/client-node": { + "version": "0.12.0", + "resolved": "https://registry.npmjs.org/@kubernetes/client-node/-/client-node-0.12.0.tgz", + "integrity": "sha512-u57q5IaZl91f7YZoZOsgCa31hHyowHxFG88XZXd8arI8heSxbdHWHineo/8mLZbeSbHkge9Awae1stQZzuTnjg==", + "requires": { + "@types/js-yaml": "^3.12.1", + "@types/node": "^10.12.0", + "@types/request": "^2.47.1", + "@types/underscore": "^1.8.9", + "@types/ws": "^6.0.1", + "byline": "^5.0.0", + "execa": "1.0.0", + "isomorphic-ws": "^4.0.1", + "js-yaml": "^3.13.1", + "jsonpath-plus": "^0.19.0", + "openid-client": "2.5.0", + "request": "^2.88.0", + "rfc4648": "^1.3.0", + "shelljs": "^0.8.2", + "tslib": "^1.9.3", + "underscore": "^1.9.1", + "ws": "^6.1.0" + }, + "dependencies": { + "@types/node": { + "version": "10.17.24", + "resolved": "https://registry.npmjs.org/@types/node/-/node-10.17.24.tgz", + "integrity": "sha512-5SCfvCxV74kzR3uWgTYiGxrd69TbT1I6+cMx1A5kEly/IVveJBimtAMlXiEyVFn5DvUFewQWxOOiJhlxeQwxgA==" + }, + "ws": { + "version": "6.2.1", + "resolved": "https://registry.npmjs.org/ws/-/ws-6.2.1.tgz", + "integrity": "sha512-GIyAXC2cB7LjvpgMt9EKS2ldqr0MTrORaleiOno6TweZ6r3TKtoFQWay/2PceJ3RuBasOHzXNn5Lrw1X0bEjqA==", + "requires": { + "async-limiter": "~1.0.0" + } + } + } + }, + "@sindresorhus/is": { + "version": "0.7.0", + "resolved": "https://registry.npmjs.org/@sindresorhus/is/-/is-0.7.0.tgz", + "integrity": "sha512-ONhaKPIufzzrlNbqtWFFd+jlnemX6lJAgq9ZeiZtS7I1PIf/la7CW4m83rTXRnVnsMbW2k56pGYu7AUFJD9Pow==" + }, + "@sinonjs/commons": { + "version": "1.8.0", + "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-1.8.0.tgz", + "integrity": "sha512-wEj54PfsZ5jGSwMX68G8ZXFawcSglQSXqCftWX3ec8MDUzQdHgcKvw97awHbY0efQEL5iKUOAmmVtoYgmrSG4Q==", + "dev": true, + "requires": { + "type-detect": "4.0.8" + } + }, + "@types/babel__core": { + "version": "7.1.7", + "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.1.7.tgz", + "integrity": "sha512-RL62NqSFPCDK2FM1pSDH0scHpJvsXtZNiYlMB73DgPBaG1E38ZYVL+ei5EkWRbr+KC4YNiAUNBnRj+bgwpgjMw==", + "dev": true, + "requires": { + "@babel/parser": "^7.1.0", + "@babel/types": "^7.0.0", + "@types/babel__generator": "*", + "@types/babel__template": "*", + "@types/babel__traverse": "*" + } + }, + "@types/babel__generator": { + "version": "7.6.1", + "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.1.tgz", + "integrity": "sha512-bBKm+2VPJcMRVwNhxKu8W+5/zT7pwNEqeokFOmbvVSqGzFneNxYcEBro9Ac7/N9tlsaPYnZLK8J1LWKkMsLAew==", + "dev": true, + "requires": { + "@babel/types": "^7.0.0" + } + }, + "@types/babel__template": { + "version": "7.0.2", + "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.0.2.tgz", + "integrity": "sha512-/K6zCpeW7Imzgab2bLkLEbz0+1JlFSrUMdw7KoIIu+IUdu51GWaBZpd3y1VXGVXzynvGa4DaIaxNZHiON3GXUg==", + "dev": true, + "requires": { + "@babel/parser": "^7.1.0", + "@babel/types": "^7.0.0" + } + }, + "@types/babel__traverse": { + "version": "7.0.11", + "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.0.11.tgz", + "integrity": "sha512-ddHK5icION5U6q11+tV2f9Mo6CZVuT8GJKld2q9LqHSZbvLbH34Kcu2yFGckZut453+eQU6btIA3RihmnRgI+Q==", + "dev": true, + "requires": { + "@babel/types": "^7.3.0" + } + }, + "@types/caseless": { + "version": "0.12.2", + "resolved": "https://registry.npmjs.org/@types/caseless/-/caseless-0.12.2.tgz", + "integrity": "sha512-6ckxMjBBD8URvjB6J3NcnuAn5Pkl7t3TizAg+xdlzzQGSPSmBcXf8KoIH0ua/i+tio+ZRUHEXp0HEmvaR4kt0w==" + }, + "@types/color-name": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/@types/color-name/-/color-name-1.1.1.tgz", + "integrity": "sha512-rr+OQyAjxze7GgWrSaJwydHStIhHq2lvY3BOC2Mj7KnzI7XK0Uw1TOOdI9lDoajEbSWLiYgoo4f1R51erQfhPQ==", + "dev": true + }, + "@types/graceful-fs": { + "version": "4.1.3", + "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.3.tgz", + "integrity": "sha512-AiHRaEB50LQg0pZmm659vNBb9f4SJ0qrAnteuzhSeAUcJKxoYgEnprg/83kppCnc2zvtCKbdZry1a5pVY3lOTQ==", + "dev": true, + "requires": { + "@types/node": "*" + } + }, + "@types/istanbul-lib-coverage": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.2.tgz", + "integrity": "sha512-rsZg7eL+Xcxsxk2XlBt9KcG8nOp9iYdKCOikY9x2RFJCyOdNj4MKPQty0e8oZr29vVAzKXr1BmR+kZauti3o1w==", + "dev": true + }, + "@types/istanbul-lib-report": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", + "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", + "dev": true, + "requires": { + "@types/istanbul-lib-coverage": "*" + } + }, + "@types/istanbul-reports": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-1.1.2.tgz", + "integrity": "sha512-P/W9yOX/3oPZSpaYOCQzGqgCQRXn0FFO/V8bWrCQs+wLmvVVxk6CRBXALEvNs9OHIatlnlFokfhuDo2ug01ciw==", + "dev": true, + "requires": { + "@types/istanbul-lib-coverage": "*", + "@types/istanbul-lib-report": "*" + } + }, + "@types/js-yaml": { + "version": "3.12.4", + "resolved": "https://registry.npmjs.org/@types/js-yaml/-/js-yaml-3.12.4.tgz", + "integrity": "sha512-fYMgzN+9e28R81weVN49inn/u798ruU91En1ZnGvSZzCRc5jXx9B2EDhlRaWmcO1RIxFHL8AajRXzxDuJu93+A==" + }, + "@types/node": { + "version": "14.0.5", + "resolved": "https://registry.npmjs.org/@types/node/-/node-14.0.5.tgz", + "integrity": "sha512-90hiq6/VqtQgX8Sp0EzeIsv3r+ellbGj4URKj5j30tLlZvRUpnAe9YbYnjl3pJM93GyXU0tghHhvXHq+5rnCKA==" + }, + "@types/normalize-package-data": { + "version": "2.4.0", + "resolved": "https://registry.npmjs.org/@types/normalize-package-data/-/normalize-package-data-2.4.0.tgz", + "integrity": "sha512-f5j5b/Gf71L+dbqxIpQ4Z2WlmI/mPJ0fOkGGmFgtb6sAu97EPczzbS3/tJKxmcYDj55OX6ssqwDAWOHIYDRDGA==", + "dev": true + }, + "@types/prettier": { + "version": "1.19.1", + "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-1.19.1.tgz", + "integrity": "sha512-5qOlnZscTn4xxM5MeGXAMOsIOIKIbh9e85zJWfBRVPlRMEVawzoPhINYbRGkBZCI8LxvBe7tJCdWiarA99OZfQ==", + "dev": true + }, + "@types/request": { + "version": "2.48.5", + "resolved": "https://registry.npmjs.org/@types/request/-/request-2.48.5.tgz", + "integrity": "sha512-/LO7xRVnL3DxJ1WkPGDQrp4VTV1reX9RkC85mJ+Qzykj2Bdw+mG15aAfDahc76HtknjzE16SX/Yddn6MxVbmGQ==", + "requires": { + "@types/caseless": "*", + "@types/node": "*", + "@types/tough-cookie": "*", + "form-data": "^2.5.0" + }, + "dependencies": { + "form-data": { + "version": "2.5.1", + "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.5.1.tgz", + "integrity": "sha512-m21N3WOmEEURgk6B9GLOE4RuWOFf28Lhh9qGYeNlGq4VDXUlJy2th2slBNU8Gp8EzloYZOibZJ7t5ecIrFSjVA==", + "requires": { + "asynckit": "^0.4.0", + "combined-stream": "^1.0.6", + "mime-types": "^2.1.12" + } + } + } + }, + "@types/stack-utils": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-1.0.1.tgz", + "integrity": "sha512-l42BggppR6zLmpfU6fq9HEa2oGPEI8yrSPL3GITjfRInppYFahObbIQOQK3UGxEnyQpltZLaPe75046NOZQikw==", + "dev": true + }, + "@types/tough-cookie": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/@types/tough-cookie/-/tough-cookie-4.0.0.tgz", + "integrity": "sha512-I99sngh224D0M7XgW1s120zxCt3VYQ3IQsuw3P3jbq5GG4yc79+ZjyKznyOGIQrflfylLgcfekeZW/vk0yng6A==" + }, + "@types/underscore": { + "version": "1.10.0", + "resolved": "https://registry.npmjs.org/@types/underscore/-/underscore-1.10.0.tgz", + "integrity": "sha512-ZAbqul7QAKpM2h1PFGa5ETN27ulmqtj0QviYHasw9LffvXZvVHuraOx/FOsIPPDNGZN0Qo1nASxxSfMYOtSoCw==" + }, + "@types/ws": { + "version": "6.0.4", + "resolved": "https://registry.npmjs.org/@types/ws/-/ws-6.0.4.tgz", + "integrity": "sha512-PpPrX7SZW9re6+Ha8ojZG4Se8AZXgf0GK6zmfqEuCsY49LFDNXO3SByp44X3dFEqtB73lkCDAdUazhAjVPiNwg==", + "requires": { + "@types/node": "*" + } + }, + "@types/yargs": { + "version": "15.0.5", + "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-15.0.5.tgz", + "integrity": "sha512-Dk/IDOPtOgubt/IaevIUbTgV7doaKkoorvOyYM2CMwuDyP89bekI7H4xLIwunNYiK9jhCkmc6pUrJk3cj2AB9w==", + "dev": true, + "requires": { + "@types/yargs-parser": "*" + } + }, + "@types/yargs-parser": { + "version": "15.0.0", + "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-15.0.0.tgz", + "integrity": "sha512-FA/BWv8t8ZWJ+gEOnLLd8ygxH/2UFbAvgEonyfN6yWGLKc7zVjbpl2Y4CTjid9h2RfgPP6SEt6uHwEOply00yw==", + "dev": true + }, + "abab": { + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/abab/-/abab-2.0.3.tgz", + "integrity": "sha512-tsFzPpcttalNjFBCFMqsKYQcWxxen1pgJR56by//QwvJc4/OUS3kPOOttx2tSIfjsylB0pYu7f5D3K1RCxUnUg==", + "dev": true + }, + "acorn": { + "version": "7.2.0", + "resolved": "https://registry.npmjs.org/acorn/-/acorn-7.2.0.tgz", + "integrity": "sha512-apwXVmYVpQ34m/i71vrApRrRKCWQnZZF1+npOD0WV5xZFfwWOmKGQ2RWlfdy9vWITsenisM8M0Qeq8agcFHNiQ==", + "dev": true + }, + "acorn-globals": { + "version": "4.3.4", + "resolved": "https://registry.npmjs.org/acorn-globals/-/acorn-globals-4.3.4.tgz", + "integrity": "sha512-clfQEh21R+D0leSbUdWf3OcfqyaCSAQ8Ryq00bofSekfr9W8u1jyYZo6ir0xu9Gtcf7BjcHJpnbZH7JOCpP60A==", + "dev": true, + "requires": { + "acorn": "^6.0.1", + "acorn-walk": "^6.0.1" + }, + "dependencies": { + "acorn": { + "version": "6.4.1", + "resolved": "https://registry.npmjs.org/acorn/-/acorn-6.4.1.tgz", + "integrity": "sha512-ZVA9k326Nwrj3Cj9jlh3wGFutC2ZornPNARZwsNYqQYgN0EsV2d53w5RN/co65Ohn4sUAUtb1rSUAOD6XN9idA==", + "dev": true + } + } + }, + "acorn-walk": { + "version": "6.2.0", + "resolved": "https://registry.npmjs.org/acorn-walk/-/acorn-walk-6.2.0.tgz", + "integrity": "sha512-7evsyfH1cLOCdAzZAd43Cic04yKydNx0cF+7tiA19p1XnLLPU4dpCQOqpjqwokFe//vS0QqfqqjCS2JkiIs0cA==", + "dev": true + }, + "aggregate-error": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/aggregate-error/-/aggregate-error-1.0.0.tgz", + "integrity": "sha1-iINE2tAiCnLjr1CQYRf0h3GSX6w=", + "requires": { + "clean-stack": "^1.0.0", + "indent-string": "^3.0.0" + } + }, + "ajv": { + "version": "6.12.2", + "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.2.tgz", + "integrity": "sha512-k+V+hzjm5q/Mr8ef/1Y9goCmlsK4I6Sm74teeyGvFk1XrOsbsKLjEdrvny42CZ+a8sXbk8KWpY/bDwS+FLL2UQ==", + "requires": { + "fast-deep-equal": "^3.1.1", + "fast-json-stable-stringify": "^2.0.0", + "json-schema-traverse": "^0.4.1", + "uri-js": "^4.2.2" + } + }, + "ansi-escapes": { + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.1.tgz", + "integrity": "sha512-JWF7ocqNrp8u9oqpgV+wH5ftbt+cfvv+PTjOvKLT3AdYly/LmORARfEVT1iyjwN+4MqE5UmVKoAdIBqeoCHgLA==", + "dev": true, + "requires": { + "type-fest": "^0.11.0" + }, + "dependencies": { + "type-fest": { + "version": "0.11.0", + "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.11.0.tgz", + "integrity": "sha512-OdjXJxnCN1AvyLSzeKIgXTXxV+99ZuXl3Hpo9XpJAv9MBcHrrJOQ5kV7ypXOuQie+AmWG25hLbiKdwYTifzcfQ==", + "dev": true + } + } + }, + "ansi-regex": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-4.1.0.tgz", + "integrity": "sha512-1apePfXM1UOSqw0o9IiFAovVz9M5S1Dg+4TrDwfMewQ6p/rmMueb7tWZjQ1rx4Loy1ArBggoqGpfqqdI4rondg==", + "dev": true + }, + "ansi-styles": { + "version": "4.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.2.1.tgz", + "integrity": "sha512-9VGjrMsG1vePxcSweQsN20KY/c4zN0h9fLjqAbwbPfahM3t+NL+M9HC8xeXG2I8pX5NoamTGNuomEUFI7fcUjA==", + "dev": true, + "requires": { + "@types/color-name": "^1.1.1", + "color-convert": "^2.0.1" + } + }, + "anymatch": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.1.tgz", + "integrity": "sha512-mM8522psRCqzV+6LhomX5wgp25YVibjh8Wj23I5RPkPppSVSjyKD2A2mBJmWGa+KN7f2D6LNh9jkBCeyLktzjg==", + "dev": true, + "requires": { + "normalize-path": "^3.0.0", + "picomatch": "^2.0.4" + } + }, + "argparse": { + "version": "1.0.10", + "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", + "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", + "requires": { + "sprintf-js": "~1.0.2" + } + }, + "arr-diff": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/arr-diff/-/arr-diff-4.0.0.tgz", + "integrity": "sha1-1kYQdP6/7HHn4VI1dhoyml3HxSA=", + "dev": true + }, + "arr-flatten": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/arr-flatten/-/arr-flatten-1.1.0.tgz", + "integrity": "sha512-L3hKV5R/p5o81R7O02IGnwpDmkp6E982XhtbuwSe3O4qOtMMMtodicASA1Cny2U+aCXcNpml+m4dPsvsJ3jatg==", + "dev": true + }, + "arr-union": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/arr-union/-/arr-union-3.1.0.tgz", + "integrity": "sha1-45sJrqne+Gao8gbiiK9jkZuuOcQ=", + "dev": true + }, + "array-equal": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/array-equal/-/array-equal-1.0.0.tgz", + "integrity": "sha1-jCpe8kcv2ep0KwTHenUJO6J1fJM=", + "dev": true + }, + "array-unique": { + "version": "0.3.2", + "resolved": "https://registry.npmjs.org/array-unique/-/array-unique-0.3.2.tgz", + "integrity": "sha1-qJS3XUvE9s1nnvMkSp/Y9Gri1Cg=", + "dev": true + }, + "asn1": { + "version": "0.2.4", + "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.4.tgz", + "integrity": "sha512-jxwzQpLQjSmWXgwaCZE9Nz+glAG01yF1QnWgbhGwHI5A6FRIEY6IVqtHhIepHqI7/kyEyQEagBC5mBEFlIYvdg==", + "requires": { + "safer-buffer": "~2.1.0" + } + }, + "assert-plus": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz", + "integrity": "sha1-8S4PPF13sLHN2RRpQuTpbB5N1SU=" + }, + "assign-symbols": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/assign-symbols/-/assign-symbols-1.0.0.tgz", + "integrity": "sha1-WWZ/QfrdTyDMvCu5a41Pf3jsA2c=", + "dev": true + }, + "astral-regex": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/astral-regex/-/astral-regex-1.0.0.tgz", + "integrity": "sha512-+Ryf6g3BKoRc7jfp7ad8tM4TtMiaWvbF/1/sQcZPkkS7ag3D5nMBCe2UfOTONtAkaG0tO0ij3C5Lwmf1EiyjHg==", + "dev": true + }, + "async-limiter": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/async-limiter/-/async-limiter-1.0.1.tgz", + "integrity": "sha512-csOlWGAcRFJaI6m+F2WKdnMKr4HhdhFVBk0H/QbJFMCr+uO2kwohwXQPxw/9OCxp05r5ghVBFSyioixx3gfkNQ==" + }, + "asynckit": { + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", + "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=" + }, + "atob": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/atob/-/atob-2.1.2.tgz", + "integrity": "sha512-Wm6ukoaOGJi/73p/cl2GvLjTI5JM1k/O14isD73YML8StrH/7/lRFgmg8nICZgD3bZZvjwCGxtMOD3wWNAu8cg==", + "dev": true + }, + "aws-sign2": { + "version": "0.7.0", + "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz", + "integrity": "sha1-tG6JCTSpWR8tL2+G1+ap8bP+dqg=" + }, + "aws4": { + "version": "1.10.0", + "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.10.0.tgz", + "integrity": "sha512-3YDiu347mtVtjpyV3u5kVqQLP242c06zwDOgpeRnybmXlYYsLbtTrUBUm8i8srONt+FWobl5aibnU1030PeeuA==" + }, + "babel-jest": { + "version": "25.5.1", + "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-25.5.1.tgz", + "integrity": "sha512-9dA9+GmMjIzgPnYtkhBg73gOo/RHqPmLruP3BaGL4KEX3Dwz6pI8auSN8G8+iuEG90+GSswyKvslN+JYSaacaQ==", + "dev": true, + "requires": { + "@jest/transform": "^25.5.1", + "@jest/types": "^25.5.0", + "@types/babel__core": "^7.1.7", + "babel-plugin-istanbul": "^6.0.0", + "babel-preset-jest": "^25.5.0", + "chalk": "^3.0.0", + "graceful-fs": "^4.2.4", + "slash": "^3.0.0" + } + }, + "babel-plugin-istanbul": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.0.0.tgz", + "integrity": "sha512-AF55rZXpe7trmEylbaE1Gv54wn6rwU03aptvRoVIGP8YykoSxqdVLV1TfwflBCE/QtHmqtP8SWlTENqbK8GCSQ==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.0.0", + "@istanbuljs/load-nyc-config": "^1.0.0", + "@istanbuljs/schema": "^0.1.2", + "istanbul-lib-instrument": "^4.0.0", + "test-exclude": "^6.0.0" + } + }, + "babel-plugin-jest-hoist": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-25.5.0.tgz", + "integrity": "sha512-u+/W+WAjMlvoocYGTwthAiQSxDcJAyHpQ6oWlHdFZaaN+Rlk8Q7iiwDPg2lN/FyJtAYnKjFxbn7xus4HCFkg5g==", + "dev": true, + "requires": { + "@babel/template": "^7.3.3", + "@babel/types": "^7.3.3", + "@types/babel__traverse": "^7.0.6" + } + }, + "babel-preset-current-node-syntax": { + "version": "0.1.2", + "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-0.1.2.tgz", + "integrity": "sha512-u/8cS+dEiK1SFILbOC8/rUI3ml9lboKuuMvZ/4aQnQmhecQAgPw5ew066C1ObnEAUmlx7dv/s2z52psWEtLNiw==", + "dev": true, + "requires": { + "@babel/plugin-syntax-async-generators": "^7.8.4", + "@babel/plugin-syntax-bigint": "^7.8.3", + "@babel/plugin-syntax-class-properties": "^7.8.3", + "@babel/plugin-syntax-json-strings": "^7.8.3", + "@babel/plugin-syntax-logical-assignment-operators": "^7.8.3", + "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", + "@babel/plugin-syntax-numeric-separator": "^7.8.3", + "@babel/plugin-syntax-object-rest-spread": "^7.8.3", + "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", + "@babel/plugin-syntax-optional-chaining": "^7.8.3" + } + }, + "babel-preset-jest": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-25.5.0.tgz", + "integrity": "sha512-8ZczygctQkBU+63DtSOKGh7tFL0CeCuz+1ieud9lJ1WPQ9O6A1a/r+LGn6Y705PA6whHQ3T1XuB/PmpfNYf8Fw==", + "dev": true, + "requires": { + "babel-plugin-jest-hoist": "^25.5.0", + "babel-preset-current-node-syntax": "^0.1.2" + } + }, + "balanced-match": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.0.tgz", + "integrity": "sha1-ibTRmasr7kneFk6gK4nORi1xt2c=" + }, + "base": { + "version": "0.11.2", + "resolved": "https://registry.npmjs.org/base/-/base-0.11.2.tgz", + "integrity": "sha512-5T6P4xPgpp0YDFvSWwEZ4NoE3aM4QBQXDzmVbraCkFj8zHM+mba8SyqB5DbZWyR7mYHo6Y7BdQo3MoA4m0TeQg==", + "dev": true, + "requires": { + "cache-base": "^1.0.1", + "class-utils": "^0.3.5", + "component-emitter": "^1.2.1", + "define-property": "^1.0.0", + "isobject": "^3.0.1", + "mixin-deep": "^1.2.0", + "pascalcase": "^0.1.1" + }, + "dependencies": { + "define-property": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/define-property/-/define-property-1.0.0.tgz", + "integrity": "sha1-dp66rz9KY6rTr56NMEybvnm/sOY=", + "dev": true, + "requires": { + "is-descriptor": "^1.0.0" + } + }, + "is-accessor-descriptor": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-accessor-descriptor/-/is-accessor-descriptor-1.0.0.tgz", + "integrity": "sha512-m5hnHTkcVsPfqx3AKlyttIPb7J+XykHvJP2B9bZDjlhLIoEq4XoK64Vg7boZlVWYK6LUY94dYPEE7Lh0ZkZKcQ==", + "dev": true, + "requires": { + "kind-of": "^6.0.0" + } + }, + "is-data-descriptor": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-data-descriptor/-/is-data-descriptor-1.0.0.tgz", + "integrity": "sha512-jbRXy1FmtAoCjQkVmIVYwuuqDFUbaOeDjmed1tOGPrsMhtJA4rD9tkgA0F1qJ3gRFRXcHYVkdeaP50Q5rE/jLQ==", + "dev": true, + "requires": { + "kind-of": "^6.0.0" + } + }, + "is-descriptor": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/is-descriptor/-/is-descriptor-1.0.2.tgz", + "integrity": "sha512-2eis5WqQGV7peooDyLmNEPUrps9+SXX5c9pL3xEB+4e9HnGuDa7mB7kHxHw4CbqS9k1T2hOH3miL8n8WtiYVtg==", + "dev": true, + "requires": { + "is-accessor-descriptor": "^1.0.0", + "is-data-descriptor": "^1.0.0", + "kind-of": "^6.0.2" + } + } + } + }, + "base64-js": { + "version": "1.3.1", + "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.3.1.tgz", + "integrity": "sha512-mLQ4i2QO1ytvGWFWmcngKO//JXAQueZvwEKtjgQFM4jIK0kU+ytMfplL8j+n5mspOfjHwoAg+9yhb7BwAHm36g==" + }, + "base64url": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/base64url/-/base64url-3.0.1.tgz", + "integrity": "sha512-ir1UPr3dkwexU7FdV8qBBbNDRUhMmIekYMFZfi+C/sLNnRESKPl23nB9b2pltqfOQNnGzsDdId90AEtG5tCx4A==" + }, + "bcrypt-pbkdf": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", + "integrity": "sha1-pDAdOJtqQ/m2f/PKEaP2Y342Dp4=", + "requires": { + "tweetnacl": "^0.14.3" + } + }, + "brace-expansion": { + "version": "1.1.11", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", + "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", + "requires": { + "balanced-match": "^1.0.0", + "concat-map": "0.0.1" + } + }, + "braces": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz", + "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==", + "dev": true, + "requires": { + "fill-range": "^7.0.1" + } + }, + "browser-process-hrtime": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/browser-process-hrtime/-/browser-process-hrtime-1.0.0.tgz", + "integrity": "sha512-9o5UecI3GhkpM6DrXr69PblIuWxPKk9Y0jHBRhdocZ2y7YECBFCsHm79Pr3OyR2AvjhDkabFJaDJMYRazHgsow==", + "dev": true + }, + "browser-resolve": { + "version": "1.11.3", + "resolved": "https://registry.npmjs.org/browser-resolve/-/browser-resolve-1.11.3.tgz", + "integrity": "sha512-exDi1BYWB/6raKHmDTCicQfTkqwN5fioMFV4j8BsfMU4R2DK/QfZfK7kOVkmWCNANf0snkBzqGqAJBao9gZMdQ==", + "dev": true, + "requires": { + "resolve": "1.1.7" + }, + "dependencies": { + "resolve": { + "version": "1.1.7", + "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.1.7.tgz", + "integrity": "sha1-IDEU2CrSxe2ejgQRs5ModeiJ6Xs=", + "dev": true + } + } + }, + "browserify-zlib": { + "version": "0.2.0", + "resolved": "https://registry.npmjs.org/browserify-zlib/-/browserify-zlib-0.2.0.tgz", + "integrity": "sha512-Z942RysHXmJrhqk88FmKBVq/v5tqmSkDz7p54G/MGyjMnCFFnC79XWNbg+Vta8W6Wb2qtSZTSxIGkJrRpCFEiA==", + "requires": { + "pako": "~1.0.5" + } + }, + "bser": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", + "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", + "dev": true, + "requires": { + "node-int64": "^0.4.0" + } + }, + "buffer": { + "version": "5.6.0", + "resolved": "https://registry.npmjs.org/buffer/-/buffer-5.6.0.tgz", + "integrity": "sha512-/gDYp/UtU0eA1ys8bOs9J6a+E/KWIY+DZ+Q2WESNUA0jFRsJOc0SNUO6xJ5SGA1xueg3NL65W6s+NY5l9cunuw==", + "requires": { + "base64-js": "^1.0.2", + "ieee754": "^1.1.4" + } + }, + "buffer-from": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.1.tgz", + "integrity": "sha512-MQcXEUbCKtEo7bhqEs6560Hyd4XaovZlO/k9V3hjVUF/zwW7KBVdSK4gIt/bzwS9MbR5qob+F5jusZsb0YQK2A==", + "dev": true + }, + "byline": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/byline/-/byline-5.0.0.tgz", + "integrity": "sha1-dBxSFkaOrcRXsDQQEYrXfejB3bE=" + }, + "cache-base": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/cache-base/-/cache-base-1.0.1.tgz", + "integrity": "sha512-AKcdTnFSWATd5/GCPRxr2ChwIJ85CeyrEyjRHlKxQ56d4XJMGym0uAiKn0xbLOGOl3+yRpOTi484dVCEc5AUzQ==", + "dev": true, + "requires": { + "collection-visit": "^1.0.0", + "component-emitter": "^1.2.1", + "get-value": "^2.0.6", + "has-value": "^1.0.0", + "isobject": "^3.0.1", + "set-value": "^2.0.0", + "to-object-path": "^0.3.0", + "union-value": "^1.0.0", + "unset-value": "^1.0.0" + } + }, + "cacheable-request": { + "version": "2.1.4", + "resolved": "https://registry.npmjs.org/cacheable-request/-/cacheable-request-2.1.4.tgz", + "integrity": "sha1-DYCIAbY0KtM8kd+dC0TcCbkeXD0=", + "requires": { + "clone-response": "1.0.2", + "get-stream": "3.0.0", + "http-cache-semantics": "3.8.1", + "keyv": "3.0.0", + "lowercase-keys": "1.0.0", + "normalize-url": "2.0.1", + "responselike": "1.0.2" + }, + "dependencies": { + "get-stream": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-3.0.0.tgz", + "integrity": "sha1-jpQ9E1jcN1VQVOy+LtsFqhdO3hQ=" + }, + "lowercase-keys": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/lowercase-keys/-/lowercase-keys-1.0.0.tgz", + "integrity": "sha1-TjNms55/VFfjXxMkvfb4jQv8cwY=" + } + } + }, + "callsites": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", + "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", + "dev": true + }, + "camelcase": { + "version": "5.3.1", + "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", + "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", + "dev": true + }, + "capture-exit": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/capture-exit/-/capture-exit-2.0.0.tgz", + "integrity": "sha512-PiT/hQmTonHhl/HFGN+Lx3JJUznrVYJ3+AQsnthneZbvW7x+f08Tk7yLJTLEOUvBTbduLeeBkxEaYXUOUrRq6g==", + "dev": true, + "requires": { + "rsvp": "^4.8.4" + } + }, + "caseless": { + "version": "0.12.0", + "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz", + "integrity": "sha1-G2gcIf+EAzyCZUMJBolCDRhxUdw=" + }, + "chalk": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-3.0.0.tgz", + "integrity": "sha512-4D3B6Wf41KOYRFdszmDqMCGq5VV/uMAB273JILmO+3jAlh8X4qDtdtgCR3fxtbLEMzSx22QdhnDcJvu2u1fVwg==", + "dev": true, + "requires": { + "ansi-styles": "^4.1.0", + "supports-color": "^7.1.0" + } + }, + "ci-info": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-2.0.0.tgz", + "integrity": "sha512-5tK7EtrZ0N+OLFMthtqOj4fI2Jeb88C4CAZPu25LDVUgXJ0A3Js4PMGqrn0JU1W0Mh1/Z8wZzYPxqUrXeBboCQ==", + "dev": true + }, + "class-utils": { + "version": "0.3.6", + "resolved": "https://registry.npmjs.org/class-utils/-/class-utils-0.3.6.tgz", + "integrity": "sha512-qOhPa/Fj7s6TY8H8esGu5QNpMMQxz79h+urzrNYN6mn+9BnxlDGf5QZ+XeCDsxSjPqsSR56XOZOJmpeurnLMeg==", + "dev": true, + "requires": { + "arr-union": "^3.1.0", + "define-property": "^0.2.5", + "isobject": "^3.0.0", + "static-extend": "^0.1.1" + }, + "dependencies": { + "define-property": { + "version": "0.2.5", + "resolved": "https://registry.npmjs.org/define-property/-/define-property-0.2.5.tgz", + "integrity": "sha1-w1se+RjsPJkPmlvFe+BKrOxcgRY=", + "dev": true, + "requires": { + "is-descriptor": "^0.1.0" + } + } + } + }, + "clean-stack": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/clean-stack/-/clean-stack-1.3.0.tgz", + "integrity": "sha1-noIVAa6XmYbEax1m0tQy2y/UrjE=" + }, + "cliui": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/cliui/-/cliui-6.0.0.tgz", + "integrity": "sha512-t6wbgtoCXvAzst7QgXxJYqPt0usEfbgQdftEPbLL/cvv6HPE5VgvqCuAIDR0NgU52ds6rFwqrgakNLrHEjCbrQ==", + "dev": true, + "requires": { + "string-width": "^4.2.0", + "strip-ansi": "^6.0.0", + "wrap-ansi": "^6.2.0" + } + }, + "clone-response": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/clone-response/-/clone-response-1.0.2.tgz", + "integrity": "sha1-0dyXOSAxTfZ/vrlCI7TuNQI56Ws=", + "requires": { + "mimic-response": "^1.0.0" + } + }, + "co": { + "version": "4.6.0", + "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", + "integrity": "sha1-bqa989hTrlTMuOR7+gvz+QMfsYQ=", + "dev": true + }, + "collect-v8-coverage": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.1.tgz", + "integrity": "sha512-iBPtljfCNcTKNAto0KEtDfZ3qzjJvqE3aTGZsbhjSBlorqpXJlaWWtPO35D+ZImoC3KWejX64o+yPGxhWSTzfg==", + "dev": true + }, + "collection-visit": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/collection-visit/-/collection-visit-1.0.0.tgz", + "integrity": "sha1-S8A3PBZLwykbTTaMgpzxqApZ3KA=", + "dev": true, + "requires": { + "map-visit": "^1.0.0", + "object-visit": "^1.0.0" + } + }, + "color-convert": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", + "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", + "dev": true, + "requires": { + "color-name": "~1.1.4" + } + }, + "color-name": { + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", + "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", + "dev": true + }, + "combined-stream": { + "version": "1.0.8", + "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", + "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", + "requires": { + "delayed-stream": "~1.0.0" + } + }, + "component-emitter": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/component-emitter/-/component-emitter-1.3.0.tgz", + "integrity": "sha512-Rd3se6QB+sO1TwqZjscQrurpEPIfO0/yYnSin6Q/rD3mOutHvUrCAhJub3r90uNb+SESBuE0QYoB90YdfatsRg==", + "dev": true + }, + "concat-map": { + "version": "0.0.1", + "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", + "integrity": "sha1-2Klr13/Wjfd5OnMDajug1UBdR3s=" + }, + "convert-source-map": { + "version": "1.7.0", + "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.7.0.tgz", + "integrity": "sha512-4FJkXzKXEDB1snCFZlLP4gpC3JILicCpGbzG9f9G7tGqGCzETQ2hWPrcinA9oU4wtf2biUaEH5065UnMeR33oA==", + "dev": true, + "requires": { + "safe-buffer": "~5.1.1" + } + }, + "copy-descriptor": { + "version": "0.1.1", + "resolved": "https://registry.npmjs.org/copy-descriptor/-/copy-descriptor-0.1.1.tgz", + "integrity": "sha1-Z29us8OZl8LuGsOpJP1hJHSPV40=", + "dev": true + }, + "core-util-is": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", + "integrity": "sha1-tf1UIgqivFq1eqtxQMlAdUUDwac=" + }, + "cross-spawn": { + "version": "6.0.5", + "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-6.0.5.tgz", + "integrity": "sha512-eTVLrBSt7fjbDygz805pMnstIs2VTBNkRm0qxZd+M7A5XDdxVRWO5MxGBXZhjY4cqLYLdtrGqRf8mBPmzwSpWQ==", + "requires": { + "nice-try": "^1.0.4", + "path-key": "^2.0.1", + "semver": "^5.5.0", + "shebang-command": "^1.2.0", + "which": "^1.2.9" + }, + "dependencies": { + "semver": { + "version": "5.7.1", + "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.1.tgz", + "integrity": "sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ==" + }, + "which": { + "version": "1.3.1", + "resolved": "https://registry.npmjs.org/which/-/which-1.3.1.tgz", + "integrity": "sha512-HxJdYWq1MTIQbJ3nw0cqssHoTNU267KlrDuGZ1WYlxDStUtKUhOaJmh112/TZmHxxUfuJqPXSOm7tDyas0OSIQ==", + "requires": { + "isexe": "^2.0.0" + } + } + } + }, + "cssom": { + "version": "0.4.4", + "resolved": "https://registry.npmjs.org/cssom/-/cssom-0.4.4.tgz", + "integrity": "sha512-p3pvU7r1MyyqbTk+WbNJIgJjG2VmTIaB10rI93LzVPrmDJKkzKYMtxxyAvQXR/NS6otuzveI7+7BBq3SjBS2mw==", + "dev": true + }, + "cssstyle": { + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/cssstyle/-/cssstyle-2.3.0.tgz", + "integrity": "sha512-AZL67abkUzIuvcHqk7c09cezpGNcxUxU4Ioi/05xHk4DQeTkWmGYftIE6ctU6AEt+Gn4n1lDStOtj7FKycP71A==", + "dev": true, + "requires": { + "cssom": "~0.3.6" + }, + "dependencies": { + "cssom": { + "version": "0.3.8", + "resolved": "https://registry.npmjs.org/cssom/-/cssom-0.3.8.tgz", + "integrity": "sha512-b0tGHbfegbhPJpxpiBPU2sCkigAqtM9O121le6bbOlgyV+NyGyCmVfJ6QW9eRjz8CpNfWEOYBIMIGRYkLwsIYg==", + "dev": true + } + } + }, + "dashdash": { + "version": "1.14.1", + "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz", + "integrity": "sha1-hTz6D3y+L+1d4gMmuN1YEDX24vA=", + "requires": { + "assert-plus": "^1.0.0" + } + }, + "data-urls": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/data-urls/-/data-urls-1.1.0.tgz", + "integrity": "sha512-YTWYI9se1P55u58gL5GkQHW4P6VJBJ5iBT+B5a7i2Tjadhv52paJG0qHX4A0OR6/t52odI64KP2YvFpkDOi3eQ==", + "dev": true, + "requires": { + "abab": "^2.0.0", + "whatwg-mimetype": "^2.2.0", + "whatwg-url": "^7.0.0" + } + }, + "debug": { + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.1.1.tgz", + "integrity": "sha512-pYAIzeRo8J6KPEaJ0VWOh5Pzkbw/RetuzehGM7QRRX5he4fPHx2rdKMB256ehJCkX+XRQm16eZLqLNS8RSZXZw==", + "dev": true, + "requires": { + "ms": "^2.1.1" + } + }, + "decamelize": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/decamelize/-/decamelize-1.2.0.tgz", + "integrity": "sha1-9lNNFRSCabIDUue+4m9QH5oZEpA=", + "dev": true + }, + "decode-uri-component": { + "version": "0.2.0", + "resolved": "https://registry.npmjs.org/decode-uri-component/-/decode-uri-component-0.2.0.tgz", + "integrity": "sha1-6zkTMzRYd1y4TNGh+uBiEGu4dUU=" + }, + "decompress-response": { + "version": "3.3.0", + "resolved": "https://registry.npmjs.org/decompress-response/-/decompress-response-3.3.0.tgz", + "integrity": "sha1-gKTdMjdIOEv6JICDYirt7Jgq3/M=", + "requires": { + "mimic-response": "^1.0.0" + } + }, + "deep-is": { + "version": "0.1.3", + "resolved": "https://registry.npmjs.org/deep-is/-/deep-is-0.1.3.tgz", + "integrity": "sha1-s2nW+128E+7PUk+RsHD+7cNXzzQ=", + "dev": true + }, + "deepmerge": { + "version": "4.2.2", + "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.2.2.tgz", + "integrity": "sha512-FJ3UgI4gIl+PHZm53knsuSFpE+nESMr7M4v9QcgB7S63Kj/6WqMiFQJpBBYz1Pt+66bZpP3Q7Lye0Oo9MPKEdg==", + "dev": true + }, + "define-property": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/define-property/-/define-property-2.0.2.tgz", + "integrity": "sha512-jwK2UV4cnPpbcG7+VRARKTZPUWowwXA8bzH5NP6ud0oeAxyYPuGZUAC7hMugpCdz4BeSZl2Dl9k66CHJ/46ZYQ==", + "dev": true, + "requires": { + "is-descriptor": "^1.0.2", + "isobject": "^3.0.1" + }, + "dependencies": { + "is-accessor-descriptor": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-accessor-descriptor/-/is-accessor-descriptor-1.0.0.tgz", + "integrity": "sha512-m5hnHTkcVsPfqx3AKlyttIPb7J+XykHvJP2B9bZDjlhLIoEq4XoK64Vg7boZlVWYK6LUY94dYPEE7Lh0ZkZKcQ==", + "dev": true, + "requires": { + "kind-of": "^6.0.0" + } + }, + "is-data-descriptor": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-data-descriptor/-/is-data-descriptor-1.0.0.tgz", + "integrity": "sha512-jbRXy1FmtAoCjQkVmIVYwuuqDFUbaOeDjmed1tOGPrsMhtJA4rD9tkgA0F1qJ3gRFRXcHYVkdeaP50Q5rE/jLQ==", + "dev": true, + "requires": { + "kind-of": "^6.0.0" + } + }, + "is-descriptor": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/is-descriptor/-/is-descriptor-1.0.2.tgz", + "integrity": "sha512-2eis5WqQGV7peooDyLmNEPUrps9+SXX5c9pL3xEB+4e9HnGuDa7mB7kHxHw4CbqS9k1T2hOH3miL8n8WtiYVtg==", + "dev": true, + "requires": { + "is-accessor-descriptor": "^1.0.0", + "is-data-descriptor": "^1.0.0", + "kind-of": "^6.0.2" + } + } + } + }, + "delayed-stream": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", + "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk=" + }, + "detect-newline": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", + "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", + "dev": true + }, + "diff-sequences": { + "version": "25.2.6", + "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-25.2.6.tgz", + "integrity": "sha512-Hq8o7+6GaZeoFjtpgvRBUknSXNeJiCx7V9Fr94ZMljNiCr9n9L8H8aJqgWOQiDDGdyn29fRNcDdRVJ5fdyihfg==", + "dev": true + }, + "domexception": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/domexception/-/domexception-1.0.1.tgz", + "integrity": "sha512-raigMkn7CJNNo6Ihro1fzG7wr3fHuYVytzquZKX5n0yizGsTcYgzdIUwj1X9pK0VvjeihV+XiclP+DjwbsSKug==", + "dev": true, + "requires": { + "webidl-conversions": "^4.0.2" + } + }, + "duplexer3": { + "version": "0.1.4", + "resolved": "https://registry.npmjs.org/duplexer3/-/duplexer3-0.1.4.tgz", + "integrity": "sha1-7gHdHKwO08vH/b6jfcCo8c4ALOI=" + }, + "ecc-jsbn": { + "version": "0.1.2", + "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", + "integrity": "sha1-OoOpBOVDUyh4dMVkt1SThoSamMk=", + "requires": { + "jsbn": "~0.1.0", + "safer-buffer": "^2.1.0" + } + }, + "emoji-regex": { + "version": "8.0.0", + "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", + "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", + "dev": true + }, + "end-of-stream": { + "version": "1.4.4", + "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.4.tgz", + "integrity": "sha512-+uw1inIHVPQoaVuHzRyXd21icM+cnt4CzD5rW+NC1wjOUSTOs+Te7FOv7AhN7vS9x/oIyhLP5PR1H+phQAHu5Q==", + "requires": { + "once": "^1.4.0" + } + }, + "error-ex": { + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", + "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", + "dev": true, + "requires": { + "is-arrayish": "^0.2.1" + } + }, + "es6-promise": { + "version": "4.2.8", + "resolved": "https://registry.npmjs.org/es6-promise/-/es6-promise-4.2.8.tgz", + "integrity": "sha512-HJDGx5daxeIvxdBxvG2cb9g4tEvwIk3i8+nhX0yGrYmZUzbkdg8QbDevheDB8gd0//uPj4c1EQua8Q+MViT0/w==" + }, + "escape-string-regexp": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", + "integrity": "sha1-G2HAViGQqN/2rjuyzwIAyhMLhtQ=", + "dev": true + }, + "escodegen": { + "version": "1.14.1", + "resolved": "https://registry.npmjs.org/escodegen/-/escodegen-1.14.1.tgz", + "integrity": "sha512-Bmt7NcRySdIfNPfU2ZoXDrrXsG9ZjvDxcAlMfDUgRBjLOWTuIACXPBFJH7Z+cLb40JeQco5toikyc9t9P8E9SQ==", + "dev": true, + "requires": { + "esprima": "^4.0.1", + "estraverse": "^4.2.0", + "esutils": "^2.0.2", + "optionator": "^0.8.1", + "source-map": "~0.6.1" + } + }, + "esprima": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", + "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==" + }, + "estraverse": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/estraverse/-/estraverse-4.3.0.tgz", + "integrity": "sha512-39nnKffWz8xN1BU/2c79n9nB9HDzo0niYUqx6xyqUnyoAnQyyWpOTdZEeiCch8BBu515t4wp9ZmgVfVhn9EBpw==", + "dev": true + }, + "esutils": { + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/esutils/-/esutils-2.0.3.tgz", + "integrity": "sha512-kVscqXk4OCp68SZ0dkgEKVi6/8ij300KBWTJq32P/dYeWTSwK41WyTxalN1eRmA5Z9UU/LX9D7FWSmV9SAYx6g==", + "dev": true + }, + "exec-sh": { + "version": "0.3.4", + "resolved": "https://registry.npmjs.org/exec-sh/-/exec-sh-0.3.4.tgz", + "integrity": "sha512-sEFIkc61v75sWeOe72qyrqg2Qg0OuLESziUDk/O/z2qgS15y2gWVFrI6f2Qn/qw/0/NCfCEsmNA4zOjkwEZT1A==", + "dev": true + }, + "execa": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/execa/-/execa-1.0.0.tgz", + "integrity": "sha512-adbxcyWV46qiHyvSp50TKt05tB4tK3HcmF7/nxfAdhnox83seTDbwnaqKO4sXRy7roHAIFqJP/Rw/AuEbX61LA==", + "requires": { + "cross-spawn": "^6.0.0", + "get-stream": "^4.0.0", + "is-stream": "^1.1.0", + "npm-run-path": "^2.0.0", + "p-finally": "^1.0.0", + "signal-exit": "^3.0.0", + "strip-eof": "^1.0.0" + } + }, + "exit": { + "version": "0.1.2", + "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", + "integrity": "sha1-BjJjj42HfMghB9MKD/8aF8uhzQw=", + "dev": true + }, + "expand-brackets": { + "version": "2.1.4", + "resolved": "https://registry.npmjs.org/expand-brackets/-/expand-brackets-2.1.4.tgz", + "integrity": "sha1-t3c14xXOMPa27/D4OwQVGiJEliI=", + "dev": true, + "requires": { + "debug": "^2.3.3", + "define-property": "^0.2.5", + "extend-shallow": "^2.0.1", + "posix-character-classes": "^0.1.0", + "regex-not": "^1.0.0", + "snapdragon": "^0.8.1", + "to-regex": "^3.0.1" + }, + "dependencies": { + "debug": { + "version": "2.6.9", + "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", + "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==", + "dev": true, + "requires": { + "ms": "2.0.0" + } + }, + "define-property": { + "version": "0.2.5", + "resolved": "https://registry.npmjs.org/define-property/-/define-property-0.2.5.tgz", + "integrity": "sha1-w1se+RjsPJkPmlvFe+BKrOxcgRY=", + "dev": true, + "requires": { + "is-descriptor": "^0.1.0" + } + }, + "extend-shallow": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-2.0.1.tgz", + "integrity": "sha1-Ua99YUrZqfYQ6huvu5idaxxWiQ8=", + "dev": true, + "requires": { + "is-extendable": "^0.1.0" + } + }, + "ms": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", + "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g=", + "dev": true + } + } + }, + "expect": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/expect/-/expect-25.5.0.tgz", + "integrity": "sha512-w7KAXo0+6qqZZhovCaBVPSIqQp7/UTcx4M9uKt2m6pd2VB1voyC8JizLRqeEqud3AAVP02g+hbErDu5gu64tlA==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0", + "ansi-styles": "^4.0.0", + "jest-get-type": "^25.2.6", + "jest-matcher-utils": "^25.5.0", + "jest-message-util": "^25.5.0", + "jest-regex-util": "^25.2.6" + } + }, + "extend": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", + "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==" + }, + "extend-shallow": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-3.0.2.tgz", + "integrity": "sha1-Jqcarwc7OfshJxcnRhMcJwQCjbg=", + "dev": true, + "requires": { + "assign-symbols": "^1.0.0", + "is-extendable": "^1.0.1" + }, + "dependencies": { + "is-extendable": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/is-extendable/-/is-extendable-1.0.1.tgz", + "integrity": "sha512-arnXMxT1hhoKo9k1LZdmlNyJdDDfy2v0fXjFlmok4+i8ul/6WlbVge9bhM74OpNPQPMGUToDtz+KXa1PneJxOA==", + "dev": true, + "requires": { + "is-plain-object": "^2.0.4" + } + } + } + }, + "extglob": { + "version": "2.0.4", + "resolved": "https://registry.npmjs.org/extglob/-/extglob-2.0.4.tgz", + "integrity": "sha512-Nmb6QXkELsuBr24CJSkilo6UHHgbekK5UiZgfE6UHD3Eb27YC6oD+bhcT+tJ6cl8dmsgdQxnWlcry8ksBIBLpw==", + "dev": true, + "requires": { + "array-unique": "^0.3.2", + "define-property": "^1.0.0", + "expand-brackets": "^2.1.4", + "extend-shallow": "^2.0.1", + "fragment-cache": "^0.2.1", + "regex-not": "^1.0.0", + "snapdragon": "^0.8.1", + "to-regex": "^3.0.1" + }, + "dependencies": { + "define-property": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/define-property/-/define-property-1.0.0.tgz", + "integrity": "sha1-dp66rz9KY6rTr56NMEybvnm/sOY=", + "dev": true, + "requires": { + "is-descriptor": "^1.0.0" + } + }, + "extend-shallow": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-2.0.1.tgz", + "integrity": "sha1-Ua99YUrZqfYQ6huvu5idaxxWiQ8=", + "dev": true, + "requires": { + "is-extendable": "^0.1.0" + } + }, + "is-accessor-descriptor": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-accessor-descriptor/-/is-accessor-descriptor-1.0.0.tgz", + "integrity": "sha512-m5hnHTkcVsPfqx3AKlyttIPb7J+XykHvJP2B9bZDjlhLIoEq4XoK64Vg7boZlVWYK6LUY94dYPEE7Lh0ZkZKcQ==", + "dev": true, + "requires": { + "kind-of": "^6.0.0" + } + }, + "is-data-descriptor": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-data-descriptor/-/is-data-descriptor-1.0.0.tgz", + "integrity": "sha512-jbRXy1FmtAoCjQkVmIVYwuuqDFUbaOeDjmed1tOGPrsMhtJA4rD9tkgA0F1qJ3gRFRXcHYVkdeaP50Q5rE/jLQ==", + "dev": true, + "requires": { + "kind-of": "^6.0.0" + } + }, + "is-descriptor": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/is-descriptor/-/is-descriptor-1.0.2.tgz", + "integrity": "sha512-2eis5WqQGV7peooDyLmNEPUrps9+SXX5c9pL3xEB+4e9HnGuDa7mB7kHxHw4CbqS9k1T2hOH3miL8n8WtiYVtg==", + "dev": true, + "requires": { + "is-accessor-descriptor": "^1.0.0", + "is-data-descriptor": "^1.0.0", + "kind-of": "^6.0.2" + } + } + } + }, + "extsprintf": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", + "integrity": "sha1-lpGEQOMEGnpBT4xS48V06zw+HgU=" + }, + "fast-deep-equal": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.1.tgz", + "integrity": "sha512-8UEa58QDLauDNfpbrX55Q9jrGHThw2ZMdOky5Gl1CDtVeJDPVrG4Jxx1N8jw2gkWaff5UUuX1KJd+9zGe2B+ZA==" + }, + "fast-json-stable-stringify": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", + "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==" + }, + "fast-levenshtein": { + "version": "2.0.6", + "resolved": "https://registry.npmjs.org/fast-levenshtein/-/fast-levenshtein-2.0.6.tgz", + "integrity": "sha1-PYpcZog6FqMMqGQ+hR8Zuqd5eRc=", + "dev": true + }, + "fb-watchman": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.1.tgz", + "integrity": "sha512-DkPJKQeY6kKwmuMretBhr7G6Vodr7bFwDYTXIkfG1gjvNpaxBTQV3PbXg6bR1c1UP4jPOX0jHUbbHANL9vRjVg==", + "dev": true, + "requires": { + "bser": "2.1.1" + } + }, + "fill-range": { + "version": "7.0.1", + "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz", + "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==", + "dev": true, + "requires": { + "to-regex-range": "^5.0.1" + } + }, + "find-up": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", + "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", + "dev": true, + "requires": { + "locate-path": "^5.0.0", + "path-exists": "^4.0.0" + } + }, + "for-in": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/for-in/-/for-in-1.0.2.tgz", + "integrity": "sha1-gQaNKVqBQuwKxybG4iAMMPttXoA=", + "dev": true + }, + "forever-agent": { + "version": "0.6.1", + "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz", + "integrity": "sha1-+8cfDEGt6zf5bFd60e1C2P2sypE=" + }, + "form-data": { + "version": "2.3.3", + "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", + "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", + "requires": { + "asynckit": "^0.4.0", + "combined-stream": "^1.0.6", + "mime-types": "^2.1.12" + } + }, + "fragment-cache": { + "version": "0.2.1", + "resolved": "https://registry.npmjs.org/fragment-cache/-/fragment-cache-0.2.1.tgz", + "integrity": "sha1-QpD60n8T6Jvn8zeZxrxaCr//DRk=", + "dev": true, + "requires": { + "map-cache": "^0.2.2" + } + }, + "from2": { + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/from2/-/from2-2.3.0.tgz", + "integrity": "sha1-i/tVAr3kpNNs/e6gB/zKIdfjgq8=", + "requires": { + "inherits": "^2.0.1", + "readable-stream": "^2.0.0" + } + }, + "fs.realpath": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", + "integrity": "sha1-FQStJSMVjKpA20onh8sBQRmU6k8=" + }, + "fsevents": { + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.1.3.tgz", + "integrity": "sha512-Auw9a4AxqWpa9GUfj370BMPzzyncfBABW8Mab7BGWBYDj4Isgq+cDKtx0i6u9jcX9pQDnswsaaOTgTmA5pEjuQ==", + "dev": true, + "optional": true + }, + "gensync": { + "version": "1.0.0-beta.1", + "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.1.tgz", + "integrity": "sha512-r8EC6NO1sngH/zdD9fiRDLdcgnbayXah+mLgManTaIZJqEC1MZstmnox8KpnI2/fxQwrp5OpCOYWLp4rBl4Jcg==", + "dev": true + }, + "get-caller-file": { + "version": "2.0.5", + "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", + "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", + "dev": true + }, + "get-package-type": { + "version": "0.1.0", + "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", + "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", + "dev": true + }, + "get-stream": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-4.1.0.tgz", + "integrity": "sha512-GMat4EJ5161kIy2HevLlr4luNjBgvmj413KaQA7jt4V8B4RDsfpHk7WQ9GVqfYyyx8OS/L66Kox+rJRNklLK7w==", + "requires": { + "pump": "^3.0.0" + } + }, + "get-value": { + "version": "2.0.6", + "resolved": "https://registry.npmjs.org/get-value/-/get-value-2.0.6.tgz", + "integrity": "sha1-3BXKHGcjh8p2vTesCjlbogQqLCg=", + "dev": true + }, + "getpass": { + "version": "0.1.7", + "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz", + "integrity": "sha1-Xv+OPmhNVprkyysSgmBOi6YhSfo=", + "requires": { + "assert-plus": "^1.0.0" + } + }, + "glob": { + "version": "7.1.6", + "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.6.tgz", + "integrity": "sha512-LwaxwyZ72Lk7vZINtNNrywX0ZuLyStrdDtabefZKAY5ZGJhVtgdznluResxNmPitE0SAO+O26sWTHeKSI2wMBA==", + "requires": { + "fs.realpath": "^1.0.0", + "inflight": "^1.0.4", + "inherits": "2", + "minimatch": "^3.0.4", + "once": "^1.3.0", + "path-is-absolute": "^1.0.0" + } + }, + "globals": { + "version": "11.12.0", + "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", + "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", + "dev": true + }, + "got": { + "version": "8.3.2", + "resolved": "https://registry.npmjs.org/got/-/got-8.3.2.tgz", + "integrity": "sha512-qjUJ5U/hawxosMryILofZCkm3C84PLJS/0grRIpjAwu+Lkxxj5cxeCU25BG0/3mDSpXKTyZr8oh8wIgLaH0QCw==", + "requires": { + "@sindresorhus/is": "^0.7.0", + "cacheable-request": "^2.1.1", + "decompress-response": "^3.3.0", + "duplexer3": "^0.1.4", + "get-stream": "^3.0.0", + "into-stream": "^3.1.0", + "is-retry-allowed": "^1.1.0", + "isurl": "^1.0.0-alpha5", + "lowercase-keys": "^1.0.0", + "mimic-response": "^1.0.0", + "p-cancelable": "^0.4.0", + "p-timeout": "^2.0.1", + "pify": "^3.0.0", + "safe-buffer": "^5.1.1", + "timed-out": "^4.0.1", + "url-parse-lax": "^3.0.0", + "url-to-options": "^1.0.1" + }, + "dependencies": { + "get-stream": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-3.0.0.tgz", + "integrity": "sha1-jpQ9E1jcN1VQVOy+LtsFqhdO3hQ=" + } + } + }, + "graceful-fs": { + "version": "4.2.4", + "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.4.tgz", + "integrity": "sha512-WjKPNJF79dtJAVniUlGGWHYGz2jWxT6VhN/4m1NdkbZ2nOsEF+cI1Edgql5zCRhs/VsQYRvrXctxktVXZUkixw==", + "dev": true + }, + "growly": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/growly/-/growly-1.3.0.tgz", + "integrity": "sha1-8QdIy+dq+WS3yWyTxrzCivEgwIE=", + "dev": true, + "optional": true + }, + "har-schema": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", + "integrity": "sha1-qUwiJOvKwEeCoNkDVSHyRzW37JI=" + }, + "har-validator": { + "version": "5.1.3", + "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.3.tgz", + "integrity": "sha512-sNvOCzEQNr/qrvJgc3UG/kD4QtlHycrzwS+6mfTrrSq97BvaYcPZZI1ZSqGSPR73Cxn4LKTD4PttRwfU7jWq5g==", + "requires": { + "ajv": "^6.5.5", + "har-schema": "^2.0.0" + } + }, + "has-flag": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", + "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", + "dev": true + }, + "has-symbol-support-x": { + "version": "1.4.2", + "resolved": "https://registry.npmjs.org/has-symbol-support-x/-/has-symbol-support-x-1.4.2.tgz", + "integrity": "sha512-3ToOva++HaW+eCpgqZrCfN51IPB+7bJNVT6CUATzueB5Heb8o6Nam0V3HG5dlDvZU1Gn5QLcbahiKw/XVk5JJw==" + }, + "has-to-string-tag-x": { + "version": "1.4.1", + "resolved": "https://registry.npmjs.org/has-to-string-tag-x/-/has-to-string-tag-x-1.4.1.tgz", + "integrity": "sha512-vdbKfmw+3LoOYVr+mtxHaX5a96+0f3DljYd8JOqvOLsf5mw2Otda2qCDT9qRqLAhrjyQ0h7ual5nOiASpsGNFw==", + "requires": { + "has-symbol-support-x": "^1.4.1" + } + }, + "has-value": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/has-value/-/has-value-1.0.0.tgz", + "integrity": "sha1-GLKB2lhbHFxR3vJMkw7SmgvmsXc=", + "dev": true, + "requires": { + "get-value": "^2.0.6", + "has-values": "^1.0.0", + "isobject": "^3.0.0" + } + }, + "has-values": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/has-values/-/has-values-1.0.0.tgz", + "integrity": "sha1-lbC2P+whRmGab+V/51Yo1aOe/k8=", + "dev": true, + "requires": { + "is-number": "^3.0.0", + "kind-of": "^4.0.0" + }, + "dependencies": { + "is-number": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/is-number/-/is-number-3.0.0.tgz", + "integrity": "sha1-JP1iAaR4LPUFYcgQJ2r8fRLXEZU=", + "dev": true, + "requires": { + "kind-of": "^3.0.2" + }, + "dependencies": { + "kind-of": { + "version": "3.2.2", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz", + "integrity": "sha1-MeohpzS6ubuw8yRm2JOupR5KPGQ=", + "dev": true, + "requires": { + "is-buffer": "^1.1.5" + } + } + } + }, + "kind-of": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-4.0.0.tgz", + "integrity": "sha1-IIE989cSkosgc3hpGkUGb65y3Vc=", + "dev": true, + "requires": { + "is-buffer": "^1.1.5" + } + } + } + }, + "hosted-git-info": { + "version": "2.8.8", + "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.8.8.tgz", + "integrity": "sha512-f/wzC2QaWBs7t9IYqB4T3sR1xviIViXJRJTWBlx2Gf3g0Xi5vI7Yy4koXQ1c9OYDGHN9sBy1DQ2AB8fqZBWhUg==", + "dev": true + }, + "html-encoding-sniffer": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/html-encoding-sniffer/-/html-encoding-sniffer-1.0.2.tgz", + "integrity": "sha512-71lZziiDnsuabfdYiUeWdCVyKuqwWi23L8YeIgV9jSSZHCtb6wB1BKWooH7L3tn4/FuZJMVWyNaIDr4RGmaSYw==", + "dev": true, + "requires": { + "whatwg-encoding": "^1.0.1" + } + }, + "html-escaper": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", + "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", + "dev": true + }, + "http-cache-semantics": { + "version": "3.8.1", + "resolved": "https://registry.npmjs.org/http-cache-semantics/-/http-cache-semantics-3.8.1.tgz", + "integrity": "sha512-5ai2iksyV8ZXmnZhHH4rWPoxxistEexSi5936zIQ1bnNTW5VnA85B6P/VpXiRM017IgRvb2kKo1a//y+0wSp3w==" + }, + "http-signature": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", + "integrity": "sha1-muzZJRFHcvPZW2WmCruPfBj7rOE=", + "requires": { + "assert-plus": "^1.0.0", + "jsprim": "^1.2.2", + "sshpk": "^1.7.0" + } + }, + "human-signals": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-1.1.1.tgz", + "integrity": "sha512-SEQu7vl8KjNL2eoGBLF3+wAjpsNfA9XMlXAYj/3EdaNfAlxKthD1xjEQfGOUhllCGGJVNY34bRr6lPINhNjyZw==", + "dev": true + }, + "iconv-lite": { + "version": "0.4.24", + "resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.4.24.tgz", + "integrity": "sha512-v3MXnZAcvnywkTUEZomIActle7RXXeedOR31wwl7VlyoXO4Qi9arvSenNQWne1TcRwhCL1HwLI21bEqdpj8/rA==", + "dev": true, + "requires": { + "safer-buffer": ">= 2.1.2 < 3" + } + }, + "ieee754": { + "version": "1.1.13", + "resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz", + "integrity": "sha512-4vf7I2LYV/HaWerSo3XmlMkp5eZ83i+/CDluXi/IGTs/O1sejBNhTtnxzmRZfvOUqj7lZjqHkeTvpgSFDlWZTg==" + }, + "import-local": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.0.2.tgz", + "integrity": "sha512-vjL3+w0oulAVZ0hBHnxa/Nm5TAurf9YLQJDhqRZyqb+VKGOB6LU8t9H1Nr5CIo16vh9XfJTOoHwU0B71S557gA==", + "dev": true, + "requires": { + "pkg-dir": "^4.2.0", + "resolve-cwd": "^3.0.0" + } + }, + "imurmurhash": { + "version": "0.1.4", + "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", + "integrity": "sha1-khi5srkoojixPcT7a21XbyMUU+o=", + "dev": true + }, + "indent-string": { + "version": "3.2.0", + "resolved": "https://registry.npmjs.org/indent-string/-/indent-string-3.2.0.tgz", + "integrity": "sha1-Sl/W0nzDMvN+VBmlBNu4NxBckok=" + }, + "inflight": { + "version": "1.0.6", + "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", + "integrity": "sha1-Sb1jMdfQLQwJvJEKEHW6gWW1bfk=", + "requires": { + "once": "^1.3.0", + "wrappy": "1" + } + }, + "inherits": { + "version": "2.0.4", + "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", + "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==" + }, + "interpret": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/interpret/-/interpret-1.4.0.tgz", + "integrity": "sha512-agE4QfB2Lkp9uICn7BAqoscw4SZP9kTE2hxiFI3jBPmXJfdqiahTbUuKGsMoN2GtqL9AxhYioAcVvgsb1HvRbA==" + }, + "into-stream": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/into-stream/-/into-stream-3.1.0.tgz", + "integrity": "sha1-lvsKk2wSur1v8XUqF9BWFqvQlMY=", + "requires": { + "from2": "^2.1.1", + "p-is-promise": "^1.1.0" + } + }, + "ip-regex": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/ip-regex/-/ip-regex-2.1.0.tgz", + "integrity": "sha1-+ni/XS5pE8kRzp+BnuUUa7bYROk=", + "dev": true + }, + "is-accessor-descriptor": { + "version": "0.1.6", + "resolved": "https://registry.npmjs.org/is-accessor-descriptor/-/is-accessor-descriptor-0.1.6.tgz", + "integrity": "sha1-qeEss66Nh2cn7u84Q/igiXtcmNY=", + "dev": true, + "requires": { + "kind-of": "^3.0.2" + }, + "dependencies": { + "kind-of": { + "version": "3.2.2", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz", + "integrity": "sha1-MeohpzS6ubuw8yRm2JOupR5KPGQ=", + "dev": true, + "requires": { + "is-buffer": "^1.1.5" + } + } + } + }, + "is-arrayish": { + "version": "0.2.1", + "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", + "integrity": "sha1-d8mYQFJ6qOyxqLppe4BkWnqSap0=", + "dev": true + }, + "is-buffer": { + "version": "1.1.6", + "resolved": "https://registry.npmjs.org/is-buffer/-/is-buffer-1.1.6.tgz", + "integrity": "sha512-NcdALwpXkTm5Zvvbk7owOUSvVvBKDgKP5/ewfXEznmQFfs4ZRmanOeKBTjRVjka3QFoN6XJ+9F3USqfHqTaU5w==", + "dev": true + }, + "is-ci": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/is-ci/-/is-ci-2.0.0.tgz", + "integrity": "sha512-YfJT7rkpQB0updsdHLGWrvhBJfcfzNNawYDNIyQXJz0IViGf75O8EBPKSdvw2rF+LGCsX4FZ8tcr3b19LcZq4w==", + "dev": true, + "requires": { + "ci-info": "^2.0.0" + } + }, + "is-data-descriptor": { + "version": "0.1.4", + "resolved": "https://registry.npmjs.org/is-data-descriptor/-/is-data-descriptor-0.1.4.tgz", + "integrity": "sha1-C17mSDiOLIYCgueT8YVv7D8wG1Y=", + "dev": true, + "requires": { + "kind-of": "^3.0.2" + }, + "dependencies": { + "kind-of": { + "version": "3.2.2", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz", + "integrity": "sha1-MeohpzS6ubuw8yRm2JOupR5KPGQ=", + "dev": true, + "requires": { + "is-buffer": "^1.1.5" + } + } + } + }, + "is-descriptor": { + "version": "0.1.6", + "resolved": "https://registry.npmjs.org/is-descriptor/-/is-descriptor-0.1.6.tgz", + "integrity": "sha512-avDYr0SB3DwO9zsMov0gKCESFYqCnE4hq/4z3TdUlukEy5t9C0YRq7HLrsN52NAcqXKaepeCD0n+B0arnVG3Hg==", + "dev": true, + "requires": { + "is-accessor-descriptor": "^0.1.6", + "is-data-descriptor": "^0.1.4", + "kind-of": "^5.0.0" + }, + "dependencies": { + "kind-of": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-5.1.0.tgz", + "integrity": "sha512-NGEErnH6F2vUuXDh+OlbcKW7/wOcfdRHaZ7VWtqCztfHri/++YKmP51OdWeGPuqCOba6kk2OTe5d02VmTB80Pw==", + "dev": true + } + } + }, + "is-docker": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/is-docker/-/is-docker-2.0.0.tgz", + "integrity": "sha512-pJEdRugimx4fBMra5z2/5iRdZ63OhYV0vr0Dwm5+xtW4D1FvRkB8hamMIhnWfyJeDdyr/aa7BDyNbtG38VxgoQ==", + "dev": true, + "optional": true + }, + "is-extendable": { + "version": "0.1.1", + "resolved": "https://registry.npmjs.org/is-extendable/-/is-extendable-0.1.1.tgz", + "integrity": "sha1-YrEQ4omkcUGOPsNqYX1HLjAd/Ik=", + "dev": true + }, + "is-fullwidth-code-point": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", + "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", + "dev": true + }, + "is-generator-fn": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", + "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", + "dev": true + }, + "is-number": { + "version": "7.0.0", + "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", + "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", + "dev": true + }, + "is-object": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/is-object/-/is-object-1.0.1.tgz", + "integrity": "sha1-iVJojF7C/9awPsyF52ngKQMINHA=" + }, + "is-plain-obj": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/is-plain-obj/-/is-plain-obj-1.1.0.tgz", + "integrity": "sha1-caUMhCnfync8kqOQpKA7OfzVHT4=" + }, + "is-plain-object": { + "version": "2.0.4", + "resolved": "https://registry.npmjs.org/is-plain-object/-/is-plain-object-2.0.4.tgz", + "integrity": "sha512-h5PpgXkWitc38BBMYawTYMWJHFZJVnBquFE57xFpjB8pJFiF6gZ+bU+WyI/yqXiFR5mdLsgYNaPe8uao6Uv9Og==", + "dev": true, + "requires": { + "isobject": "^3.0.1" + } + }, + "is-retry-allowed": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/is-retry-allowed/-/is-retry-allowed-1.2.0.tgz", + "integrity": "sha512-RUbUeKwvm3XG2VYamhJL1xFktgjvPzL0Hq8C+6yrWIswDy3BIXGqCxhxkc30N9jqK311gVU137K8Ei55/zVJRg==" + }, + "is-stream": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-1.1.0.tgz", + "integrity": "sha1-EtSj3U5o4Lec6428hBc66A2RykQ=" + }, + "is-typedarray": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", + "integrity": "sha1-5HnICFjfDBsR3dppQPlgEfzaSpo=" + }, + "is-windows": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/is-windows/-/is-windows-1.0.2.tgz", + "integrity": "sha512-eXK1UInq2bPmjyX6e3VHIzMLobc4J94i4AWn+Hpq3OU5KkrRC96OAcR3PRJ/pGu6m8TRnBHP9dkXQVsT/COVIA==", + "dev": true + }, + "is-wsl": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/is-wsl/-/is-wsl-2.2.0.tgz", + "integrity": "sha512-fKzAra0rGJUUBwGBgNkHZuToZcn+TtXHpeCgmkMJMMYx1sQDYaCSyjJBSCa2nH1DGm7s3n1oBnohoVTBaN7Lww==", + "dev": true, + "optional": true, + "requires": { + "is-docker": "^2.0.0" + } + }, + "isarray": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz", + "integrity": "sha1-u5NdSFgsuhaMBoNJV6VKPgcSTxE=" + }, + "isexe": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", + "integrity": "sha1-6PvzdNxVb/iUehDcsFctYz8s+hA=" + }, + "isobject": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/isobject/-/isobject-3.0.1.tgz", + "integrity": "sha1-TkMekrEalzFjaqH5yNHMvP2reN8=", + "dev": true + }, + "isomorphic-ws": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/isomorphic-ws/-/isomorphic-ws-4.0.1.tgz", + "integrity": "sha512-BhBvN2MBpWTaSHdWRb/bwdZJ1WaehQ2L1KngkCkfLUGF0mAWAT1sQUQacEmQ0jXkFw/czDXPNQSL5u2/Krsz1w==" + }, + "isstream": { + "version": "0.1.2", + "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", + "integrity": "sha1-R+Y/evVa+m+S4VAOaQ64uFKcCZo=" + }, + "istanbul-lib-coverage": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.0.0.tgz", + "integrity": "sha512-UiUIqxMgRDET6eR+o5HbfRYP1l0hqkWOs7vNxC/mggutCMUIhWMm8gAHb8tHlyfD3/l6rlgNA5cKdDzEAf6hEg==", + "dev": true + }, + "istanbul-lib-instrument": { + "version": "4.0.3", + "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-4.0.3.tgz", + "integrity": "sha512-BXgQl9kf4WTCPCCpmFGoJkz/+uhvm7h7PFKUYxh7qarQd3ER33vHG//qaE8eN25l07YqZPpHXU9I09l/RD5aGQ==", + "dev": true, + "requires": { + "@babel/core": "^7.7.5", + "@istanbuljs/schema": "^0.1.2", + "istanbul-lib-coverage": "^3.0.0", + "semver": "^6.3.0" + } + }, + "istanbul-lib-report": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", + "integrity": "sha512-wcdi+uAKzfiGT2abPpKZ0hSU1rGQjUQnLvtY5MpQ7QCTahD3VODhcu4wcfY1YtkGaDD5yuydOLINXsfbus9ROw==", + "dev": true, + "requires": { + "istanbul-lib-coverage": "^3.0.0", + "make-dir": "^3.0.0", + "supports-color": "^7.1.0" + } + }, + "istanbul-lib-source-maps": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.0.tgz", + "integrity": "sha512-c16LpFRkR8vQXyHZ5nLpY35JZtzj1PQY1iZmesUbf1FZHbIupcWfjgOXBY9YHkLEQ6puz1u4Dgj6qmU/DisrZg==", + "dev": true, + "requires": { + "debug": "^4.1.1", + "istanbul-lib-coverage": "^3.0.0", + "source-map": "^0.6.1" + } + }, + "istanbul-reports": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.0.2.tgz", + "integrity": "sha512-9tZvz7AiR3PEDNGiV9vIouQ/EAcqMXFmkcA1CDFTwOB98OZVDL0PH9glHotf5Ugp6GCOTypfzGWI/OqjWNCRUw==", + "dev": true, + "requires": { + "html-escaper": "^2.0.0", + "istanbul-lib-report": "^3.0.0" + } + }, + "isurl": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/isurl/-/isurl-1.0.0.tgz", + "integrity": "sha512-1P/yWsxPlDtn7QeRD+ULKQPaIaN6yF368GZ2vDfv0AL0NwpStafjWCDDdn0k8wgFMWpVAqG7oJhxHnlud42i9w==", + "requires": { + "has-to-string-tag-x": "^1.2.0", + "is-object": "^1.0.1" + } + }, + "jest": { + "version": "25.5.4", + "resolved": "https://registry.npmjs.org/jest/-/jest-25.5.4.tgz", + "integrity": "sha512-hHFJROBTqZahnO+X+PMtT6G2/ztqAZJveGqz//FnWWHurizkD05PQGzRZOhF3XP6z7SJmL+5tCfW8qV06JypwQ==", + "dev": true, + "requires": { + "@jest/core": "^25.5.4", + "import-local": "^3.0.2", + "jest-cli": "^25.5.4" + }, + "dependencies": { + "jest-cli": { + "version": "25.5.4", + "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-25.5.4.tgz", + "integrity": "sha512-rG8uJkIiOUpnREh1768/N3n27Cm+xPFkSNFO91tgg+8o2rXeVLStz+vkXkGr4UtzH6t1SNbjwoiswd7p4AhHTw==", + "dev": true, + "requires": { + "@jest/core": "^25.5.4", + "@jest/test-result": "^25.5.0", + "@jest/types": "^25.5.0", + "chalk": "^3.0.0", + "exit": "^0.1.2", + "graceful-fs": "^4.2.4", + "import-local": "^3.0.2", + "is-ci": "^2.0.0", + "jest-config": "^25.5.4", + "jest-util": "^25.5.0", + "jest-validate": "^25.5.0", + "prompts": "^2.0.1", + "realpath-native": "^2.0.0", + "yargs": "^15.3.1" + } + } + } + }, + "jest-changed-files": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-25.5.0.tgz", + "integrity": "sha512-EOw9QEqapsDT7mKF162m8HFzRPbmP8qJQny6ldVOdOVBz3ACgPm/1nAn5fPQ/NDaYhX/AHkrGwwkCncpAVSXcw==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0", + "execa": "^3.2.0", + "throat": "^5.0.0" + }, + "dependencies": { + "cross-spawn": { + "version": "7.0.3", + "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", + "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", + "dev": true, + "requires": { + "path-key": "^3.1.0", + "shebang-command": "^2.0.0", + "which": "^2.0.1" + } + }, + "execa": { + "version": "3.4.0", + "resolved": "https://registry.npmjs.org/execa/-/execa-3.4.0.tgz", + "integrity": "sha512-r9vdGQk4bmCuK1yKQu1KTwcT2zwfWdbdaXfCtAh+5nU/4fSX+JAb7vZGvI5naJrQlvONrEB20jeruESI69530g==", + "dev": true, + "requires": { + "cross-spawn": "^7.0.0", + "get-stream": "^5.0.0", + "human-signals": "^1.1.1", + "is-stream": "^2.0.0", + "merge-stream": "^2.0.0", + "npm-run-path": "^4.0.0", + "onetime": "^5.1.0", + "p-finally": "^2.0.0", + "signal-exit": "^3.0.2", + "strip-final-newline": "^2.0.0" + } + }, + "get-stream": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-5.1.0.tgz", + "integrity": "sha512-EXr1FOzrzTfGeL0gQdeFEvOMm2mzMOglyiOXSTpPC+iAjAKftbr3jpCMWynogwYnM+eSj9sHGc6wjIcDvYiygw==", + "dev": true, + "requires": { + "pump": "^3.0.0" + } + }, + "is-stream": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.0.tgz", + "integrity": "sha512-XCoy+WlUr7d1+Z8GgSuXmpuUFC9fOhRXglJMx+dwLKTkL44Cjd4W1Z5P+BQZpr+cR93aGP4S/s7Ftw6Nd/kiEw==", + "dev": true + }, + "npm-run-path": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", + "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", + "dev": true, + "requires": { + "path-key": "^3.0.0" + } + }, + "p-finally": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/p-finally/-/p-finally-2.0.1.tgz", + "integrity": "sha512-vpm09aKwq6H9phqRQzecoDpD8TmVyGw70qmWlyq5onxY7tqyTTFVvxMykxQSQKILBSFlbXpypIw2T1Ml7+DDtw==", + "dev": true + }, + "path-key": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", + "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", + "dev": true + }, + "shebang-command": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", + "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", + "dev": true, + "requires": { + "shebang-regex": "^3.0.0" + } + }, + "shebang-regex": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", + "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", + "dev": true + } + } + }, + "jest-config": { + "version": "25.5.4", + "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-25.5.4.tgz", + "integrity": "sha512-SZwR91SwcdK6bz7Gco8qL7YY2sx8tFJYzvg216DLihTWf+LKY/DoJXpM9nTzYakSyfblbqeU48p/p7Jzy05Atg==", + "dev": true, + "requires": { + "@babel/core": "^7.1.0", + "@jest/test-sequencer": "^25.5.4", + "@jest/types": "^25.5.0", + "babel-jest": "^25.5.1", + "chalk": "^3.0.0", + "deepmerge": "^4.2.2", + "glob": "^7.1.1", + "graceful-fs": "^4.2.4", + "jest-environment-jsdom": "^25.5.0", + "jest-environment-node": "^25.5.0", + "jest-get-type": "^25.2.6", + "jest-jasmine2": "^25.5.4", + "jest-regex-util": "^25.2.6", + "jest-resolve": "^25.5.1", + "jest-util": "^25.5.0", + "jest-validate": "^25.5.0", + "micromatch": "^4.0.2", + "pretty-format": "^25.5.0", + "realpath-native": "^2.0.0" + } + }, + "jest-diff": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-25.5.0.tgz", + "integrity": "sha512-z1kygetuPiREYdNIumRpAHY6RXiGmp70YHptjdaxTWGmA085W3iCnXNx0DhflK3vwrKmrRWyY1wUpkPMVxMK7A==", + "dev": true, + "requires": { + "chalk": "^3.0.0", + "diff-sequences": "^25.2.6", + "jest-get-type": "^25.2.6", + "pretty-format": "^25.5.0" + } + }, + "jest-docblock": { + "version": "25.3.0", + "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-25.3.0.tgz", + "integrity": "sha512-aktF0kCar8+zxRHxQZwxMy70stc9R1mOmrLsT5VO3pIT0uzGRSDAXxSlz4NqQWpuLjPpuMhPRl7H+5FRsvIQAg==", + "dev": true, + "requires": { + "detect-newline": "^3.0.0" + } + }, + "jest-each": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-25.5.0.tgz", + "integrity": "sha512-QBogUxna3D8vtiItvn54xXde7+vuzqRrEeaw8r1s+1TG9eZLVJE5ZkKoSUlqFwRjnlaA4hyKGiu9OlkFIuKnjA==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0", + "chalk": "^3.0.0", + "jest-get-type": "^25.2.6", + "jest-util": "^25.5.0", + "pretty-format": "^25.5.0" + } + }, + "jest-environment-jsdom": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-environment-jsdom/-/jest-environment-jsdom-25.5.0.tgz", + "integrity": "sha512-7Jr02ydaq4jaWMZLY+Skn8wL5nVIYpWvmeatOHL3tOcV3Zw8sjnPpx+ZdeBfc457p8jCR9J6YCc+Lga0oIy62A==", + "dev": true, + "requires": { + "@jest/environment": "^25.5.0", + "@jest/fake-timers": "^25.5.0", + "@jest/types": "^25.5.0", + "jest-mock": "^25.5.0", + "jest-util": "^25.5.0", + "jsdom": "^15.2.1" + } + }, + "jest-environment-node": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-25.5.0.tgz", + "integrity": "sha512-iuxK6rQR2En9EID+2k+IBs5fCFd919gVVK5BeND82fYeLWPqvRcFNPKu9+gxTwfB5XwBGBvZ0HFQa+cHtIoslA==", + "dev": true, + "requires": { + "@jest/environment": "^25.5.0", + "@jest/fake-timers": "^25.5.0", + "@jest/types": "^25.5.0", + "jest-mock": "^25.5.0", + "jest-util": "^25.5.0", + "semver": "^6.3.0" + } + }, + "jest-get-type": { + "version": "25.2.6", + "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-25.2.6.tgz", + "integrity": "sha512-DxjtyzOHjObRM+sM1knti6or+eOgcGU4xVSb2HNP1TqO4ahsT+rqZg+nyqHWJSvWgKC5cG3QjGFBqxLghiF/Ig==", + "dev": true + }, + "jest-haste-map": { + "version": "25.5.1", + "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-25.5.1.tgz", + "integrity": "sha512-dddgh9UZjV7SCDQUrQ+5t9yy8iEgKc1AKqZR9YDww8xsVOtzPQSMVLDChc21+g29oTRexb9/B0bIlZL+sWmvAQ==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0", + "@types/graceful-fs": "^4.1.2", + "anymatch": "^3.0.3", + "fb-watchman": "^2.0.0", + "fsevents": "^2.1.2", + "graceful-fs": "^4.2.4", + "jest-serializer": "^25.5.0", + "jest-util": "^25.5.0", + "jest-worker": "^25.5.0", + "micromatch": "^4.0.2", + "sane": "^4.0.3", + "walker": "^1.0.7", + "which": "^2.0.2" + } + }, + "jest-jasmine2": { + "version": "25.5.4", + "resolved": "https://registry.npmjs.org/jest-jasmine2/-/jest-jasmine2-25.5.4.tgz", + "integrity": "sha512-9acbWEfbmS8UpdcfqnDO+uBUgKa/9hcRh983IHdM+pKmJPL77G0sWAAK0V0kr5LK3a8cSBfkFSoncXwQlRZfkQ==", + "dev": true, + "requires": { + "@babel/traverse": "^7.1.0", + "@jest/environment": "^25.5.0", + "@jest/source-map": "^25.5.0", + "@jest/test-result": "^25.5.0", + "@jest/types": "^25.5.0", + "chalk": "^3.0.0", + "co": "^4.6.0", + "expect": "^25.5.0", + "is-generator-fn": "^2.0.0", + "jest-each": "^25.5.0", + "jest-matcher-utils": "^25.5.0", + "jest-message-util": "^25.5.0", + "jest-runtime": "^25.5.4", + "jest-snapshot": "^25.5.1", + "jest-util": "^25.5.0", + "pretty-format": "^25.5.0", + "throat": "^5.0.0" + } + }, + "jest-leak-detector": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-25.5.0.tgz", + "integrity": "sha512-rV7JdLsanS8OkdDpZtgBf61L5xZ4NnYLBq72r6ldxahJWWczZjXawRsoHyXzibM5ed7C2QRjpp6ypgwGdKyoVA==", + "dev": true, + "requires": { + "jest-get-type": "^25.2.6", + "pretty-format": "^25.5.0" + } + }, + "jest-matcher-utils": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-25.5.0.tgz", + "integrity": "sha512-VWI269+9JS5cpndnpCwm7dy7JtGQT30UHfrnM3mXl22gHGt/b7NkjBqXfbhZ8V4B7ANUsjK18PlSBmG0YH7gjw==", + "dev": true, + "requires": { + "chalk": "^3.0.0", + "jest-diff": "^25.5.0", + "jest-get-type": "^25.2.6", + "pretty-format": "^25.5.0" + } + }, + "jest-message-util": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-25.5.0.tgz", + "integrity": "sha512-ezddz3YCT/LT0SKAmylVyWWIGYoKHOFOFXx3/nA4m794lfVUskMcwhip6vTgdVrOtYdjeQeis2ypzes9mZb4EA==", + "dev": true, + "requires": { + "@babel/code-frame": "^7.0.0", + "@jest/types": "^25.5.0", + "@types/stack-utils": "^1.0.1", + "chalk": "^3.0.0", + "graceful-fs": "^4.2.4", + "micromatch": "^4.0.2", + "slash": "^3.0.0", + "stack-utils": "^1.0.1" + } + }, + "jest-mock": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-25.5.0.tgz", + "integrity": "sha512-eXWuTV8mKzp/ovHc5+3USJMYsTBhyQ+5A1Mak35dey/RG8GlM4YWVylZuGgVXinaW6tpvk/RSecmF37FKUlpXA==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0" + } + }, + "jest-pnp-resolver": { + "version": "1.2.1", + "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.1.tgz", + "integrity": "sha512-pgFw2tm54fzgYvc/OHrnysABEObZCUNFnhjoRjaVOCN8NYc032/gVjPaHD4Aq6ApkSieWtfKAFQtmDKAmhupnQ==", + "dev": true + }, + "jest-regex-util": { + "version": "25.2.6", + "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-25.2.6.tgz", + "integrity": "sha512-KQqf7a0NrtCkYmZZzodPftn7fL1cq3GQAFVMn5Hg8uKx/fIenLEobNanUxb7abQ1sjADHBseG/2FGpsv/wr+Qw==", + "dev": true + }, + "jest-resolve": { + "version": "25.5.1", + "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-25.5.1.tgz", + "integrity": "sha512-Hc09hYch5aWdtejsUZhA+vSzcotf7fajSlPA6EZPE1RmPBAD39XtJhvHWFStid58iit4IPDLI/Da4cwdDmAHiQ==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0", + "browser-resolve": "^1.11.3", + "chalk": "^3.0.0", + "graceful-fs": "^4.2.4", + "jest-pnp-resolver": "^1.2.1", + "read-pkg-up": "^7.0.1", + "realpath-native": "^2.0.0", + "resolve": "^1.17.0", + "slash": "^3.0.0" + } + }, + "jest-resolve-dependencies": { + "version": "25.5.4", + "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-25.5.4.tgz", + "integrity": "sha512-yFmbPd+DAQjJQg88HveObcGBA32nqNZ02fjYmtL16t1xw9bAttSn5UGRRhzMHIQbsep7znWvAvnD4kDqOFM0Uw==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0", + "jest-regex-util": "^25.2.6", + "jest-snapshot": "^25.5.1" + } + }, + "jest-runner": { + "version": "25.5.4", + "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-25.5.4.tgz", + "integrity": "sha512-V/2R7fKZo6blP8E9BL9vJ8aTU4TH2beuqGNxHbxi6t14XzTb+x90B3FRgdvuHm41GY8ch4xxvf0ATH4hdpjTqg==", + "dev": true, + "requires": { + "@jest/console": "^25.5.0", + "@jest/environment": "^25.5.0", + "@jest/test-result": "^25.5.0", + "@jest/types": "^25.5.0", + "chalk": "^3.0.0", + "exit": "^0.1.2", + "graceful-fs": "^4.2.4", + "jest-config": "^25.5.4", + "jest-docblock": "^25.3.0", + "jest-haste-map": "^25.5.1", + "jest-jasmine2": "^25.5.4", + "jest-leak-detector": "^25.5.0", + "jest-message-util": "^25.5.0", + "jest-resolve": "^25.5.1", + "jest-runtime": "^25.5.4", + "jest-util": "^25.5.0", + "jest-worker": "^25.5.0", + "source-map-support": "^0.5.6", + "throat": "^5.0.0" + } + }, + "jest-runtime": { + "version": "25.5.4", + "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-25.5.4.tgz", + "integrity": "sha512-RWTt8LeWh3GvjYtASH2eezkc8AehVoWKK20udV6n3/gC87wlTbE1kIA+opCvNWyyPeBs6ptYsc6nyHUb1GlUVQ==", + "dev": true, + "requires": { + "@jest/console": "^25.5.0", + "@jest/environment": "^25.5.0", + "@jest/globals": "^25.5.2", + "@jest/source-map": "^25.5.0", + "@jest/test-result": "^25.5.0", + "@jest/transform": "^25.5.1", + "@jest/types": "^25.5.0", + "@types/yargs": "^15.0.0", + "chalk": "^3.0.0", + "collect-v8-coverage": "^1.0.0", + "exit": "^0.1.2", + "glob": "^7.1.3", + "graceful-fs": "^4.2.4", + "jest-config": "^25.5.4", + "jest-haste-map": "^25.5.1", + "jest-message-util": "^25.5.0", + "jest-mock": "^25.5.0", + "jest-regex-util": "^25.2.6", + "jest-resolve": "^25.5.1", + "jest-snapshot": "^25.5.1", + "jest-util": "^25.5.0", + "jest-validate": "^25.5.0", + "realpath-native": "^2.0.0", + "slash": "^3.0.0", + "strip-bom": "^4.0.0", + "yargs": "^15.3.1" + } + }, + "jest-serializer": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-serializer/-/jest-serializer-25.5.0.tgz", + "integrity": "sha512-LxD8fY1lByomEPflwur9o4e2a5twSQ7TaVNLlFUuToIdoJuBt8tzHfCsZ42Ok6LkKXWzFWf3AGmheuLAA7LcCA==", + "dev": true, + "requires": { + "graceful-fs": "^4.2.4" + } + }, + "jest-snapshot": { + "version": "25.5.1", + "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-25.5.1.tgz", + "integrity": "sha512-C02JE1TUe64p2v1auUJ2ze5vcuv32tkv9PyhEb318e8XOKF7MOyXdJ7kdjbvrp3ChPLU2usI7Rjxs97Dj5P0uQ==", + "dev": true, + "requires": { + "@babel/types": "^7.0.0", + "@jest/types": "^25.5.0", + "@types/prettier": "^1.19.0", + "chalk": "^3.0.0", + "expect": "^25.5.0", + "graceful-fs": "^4.2.4", + "jest-diff": "^25.5.0", + "jest-get-type": "^25.2.6", + "jest-matcher-utils": "^25.5.0", + "jest-message-util": "^25.5.0", + "jest-resolve": "^25.5.1", + "make-dir": "^3.0.0", + "natural-compare": "^1.4.0", + "pretty-format": "^25.5.0", + "semver": "^6.3.0" + } + }, + "jest-util": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-25.5.0.tgz", + "integrity": "sha512-KVlX+WWg1zUTB9ktvhsg2PXZVdkI1NBevOJSkTKYAyXyH4QSvh+Lay/e/v+bmaFfrkfx43xD8QTfgobzlEXdIA==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0", + "chalk": "^3.0.0", + "graceful-fs": "^4.2.4", + "is-ci": "^2.0.0", + "make-dir": "^3.0.0" + } + }, + "jest-validate": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-25.5.0.tgz", + "integrity": "sha512-okUFKqhZIpo3jDdtUXUZ2LxGUZJIlfdYBvZb1aczzxrlyMlqdnnws9MOxezoLGhSaFc2XYaHNReNQfj5zPIWyQ==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0", + "camelcase": "^5.3.1", + "chalk": "^3.0.0", + "jest-get-type": "^25.2.6", + "leven": "^3.1.0", + "pretty-format": "^25.5.0" + } + }, + "jest-watcher": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-25.5.0.tgz", + "integrity": "sha512-XrSfJnVASEl+5+bb51V0Q7WQx65dTSk7NL4yDdVjPnRNpM0hG+ncFmDYJo9O8jaSRcAitVbuVawyXCRoxGrT5Q==", + "dev": true, + "requires": { + "@jest/test-result": "^25.5.0", + "@jest/types": "^25.5.0", + "ansi-escapes": "^4.2.1", + "chalk": "^3.0.0", + "jest-util": "^25.5.0", + "string-length": "^3.1.0" + } + }, + "jest-worker": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-25.5.0.tgz", + "integrity": "sha512-/dsSmUkIy5EBGfv/IjjqmFxrNAUpBERfGs1oHROyD7yxjG/w+t0GOJDX8O1k32ySmd7+a5IhnJU2qQFcJ4n1vw==", + "dev": true, + "requires": { + "merge-stream": "^2.0.0", + "supports-color": "^7.0.0" + } + }, + "js-tokens": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", + "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", + "dev": true + }, + "js-yaml": { + "version": "3.14.0", + "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.0.tgz", + "integrity": "sha512-/4IbIeHcD9VMHFqDR/gQ7EdZdLimOvW2DdcxFjdyyZ9NsbS+ccrXqVWDtab/lRl5AlUqmpBx8EhPaWR+OtY17A==", + "requires": { + "argparse": "^1.0.7", + "esprima": "^4.0.0" + } + }, + "jsbn": { + "version": "0.1.1", + "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", + "integrity": "sha1-peZUwuWi3rXyAdls77yoDA7y9RM=" + }, + "jsdom": { + "version": "15.2.1", + "resolved": "https://registry.npmjs.org/jsdom/-/jsdom-15.2.1.tgz", + "integrity": "sha512-fAl1W0/7T2G5vURSyxBzrJ1LSdQn6Tr5UX/xD4PXDx/PDgwygedfW6El/KIj3xJ7FU61TTYnc/l/B7P49Eqt6g==", + "dev": true, + "requires": { + "abab": "^2.0.0", + "acorn": "^7.1.0", + "acorn-globals": "^4.3.2", + "array-equal": "^1.0.0", + "cssom": "^0.4.1", + "cssstyle": "^2.0.0", + "data-urls": "^1.1.0", + "domexception": "^1.0.1", + "escodegen": "^1.11.1", + "html-encoding-sniffer": "^1.0.2", + "nwsapi": "^2.2.0", + "parse5": "5.1.0", + "pn": "^1.1.0", + "request": "^2.88.0", + "request-promise-native": "^1.0.7", + "saxes": "^3.1.9", + "symbol-tree": "^3.2.2", + "tough-cookie": "^3.0.1", + "w3c-hr-time": "^1.0.1", + "w3c-xmlserializer": "^1.1.2", + "webidl-conversions": "^4.0.2", + "whatwg-encoding": "^1.0.5", + "whatwg-mimetype": "^2.3.0", + "whatwg-url": "^7.0.0", + "ws": "^7.0.0", + "xml-name-validator": "^3.0.0" + } + }, + "jsesc": { + "version": "2.5.2", + "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", + "integrity": "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==", + "dev": true + }, + "json-buffer": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/json-buffer/-/json-buffer-3.0.0.tgz", + "integrity": "sha1-Wx85evx11ne96Lz8Dkfh+aPZqJg=" + }, + "json-parse-better-errors": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/json-parse-better-errors/-/json-parse-better-errors-1.0.2.tgz", + "integrity": "sha512-mrqyZKfX5EhL7hvqcV6WG1yYjnjeuYDzDhhcAAUrq8Po85NBQBJP+ZDUT75qZQ98IkUoBqdkExkukOU7Ts2wrw==", + "dev": true + }, + "json-schema": { + "version": "0.2.3", + "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.2.3.tgz", + "integrity": "sha1-tIDIkuWaLwWVTOcnvT8qTogvnhM=" + }, + "json-schema-traverse": { + "version": "0.4.1", + "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", + "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==" + }, + "json-stringify-safe": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", + "integrity": "sha1-Epai1Y/UXxmg9s4B1lcB4sc1tus=" + }, + "json5": { + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/json5/-/json5-2.1.3.tgz", + "integrity": "sha512-KXPvOm8K9IJKFM0bmdn8QXh7udDh1g/giieX0NLCaMnb4hEiVFqnop2ImTXCc5e0/oHz3LTqmHGtExn5hfMkOA==", + "dev": true, + "requires": { + "minimist": "^1.2.5" + } + }, + "jsonpath-plus": { + "version": "0.19.0", + "resolved": "https://registry.npmjs.org/jsonpath-plus/-/jsonpath-plus-0.19.0.tgz", + "integrity": "sha512-GSVwsrzW9LsA5lzsqe4CkuZ9wp+kxBb2GwNniaWzI2YFn5Ig42rSW8ZxVpWXaAfakXNrx5pgY5AbQq7kzX29kg==" + }, + "jsprim": { + "version": "1.4.1", + "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.1.tgz", + "integrity": "sha1-MT5mvB5cwG5Di8G3SZwuXFastqI=", + "requires": { + "assert-plus": "1.0.0", + "extsprintf": "1.3.0", + "json-schema": "0.2.3", + "verror": "1.10.0" + } + }, + "keyv": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/keyv/-/keyv-3.0.0.tgz", + "integrity": "sha512-eguHnq22OE3uVoSYG0LVWNP+4ppamWr9+zWBe1bsNcovIMy6huUJFPgy4mGwCd/rnl3vOLGW1MTlu4c57CT1xA==", + "requires": { + "json-buffer": "3.0.0" + } + }, + "kind-of": { + "version": "6.0.3", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-6.0.3.tgz", + "integrity": "sha512-dcS1ul+9tmeD95T+x28/ehLgd9mENa3LsvDTtzm3vyBEO7RPptvAD+t44WVXaUjTBRcrpFeFlC8WCruUR456hw==", + "dev": true + }, + "kleur": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", + "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", + "dev": true + }, + "leven": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", + "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", + "dev": true + }, + "levn": { + "version": "0.3.0", + "resolved": "https://registry.npmjs.org/levn/-/levn-0.3.0.tgz", + "integrity": "sha1-OwmSTt+fCDwEkP3UwLxEIeBHZO4=", + "dev": true, + "requires": { + "prelude-ls": "~1.1.2", + "type-check": "~0.3.2" + } + }, + "lines-and-columns": { + "version": "1.1.6", + "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.1.6.tgz", + "integrity": "sha1-HADHQ7QzzQpOgHWPe2SldEDZ/wA=", + "dev": true + }, + "locate-path": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", + "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", + "dev": true, + "requires": { + "p-locate": "^4.1.0" + } + }, + "lodash": { + "version": "4.17.15", + "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.15.tgz", + "integrity": "sha512-8xOcRHvCjnocdS5cpwXQXVzmmh5e5+saE2QGoeQmbKmRS6J3VQppPOIt0MnmE+4xlZoumy0GPG0D0MVIQbNA1A==" + }, + "lodash.set": { + "version": "4.3.2", + "resolved": "https://registry.npmjs.org/lodash.set/-/lodash.set-4.3.2.tgz", + "integrity": "sha1-2HV7HagH3eJIFrDWqEvqGnYjCyM=" + }, + "lodash.sortby": { + "version": "4.7.0", + "resolved": "https://registry.npmjs.org/lodash.sortby/-/lodash.sortby-4.7.0.tgz", + "integrity": "sha1-7dFMgk4sycHgsKG0K7UhBRakJDg=", + "dev": true + }, + "lolex": { + "version": "5.1.2", + "resolved": "https://registry.npmjs.org/lolex/-/lolex-5.1.2.tgz", + "integrity": "sha512-h4hmjAvHTmd+25JSwrtTIuwbKdwg5NzZVRMLn9saij4SZaepCrTCxPr35H/3bjwfMJtN+t3CX8672UIkglz28A==", + "dev": true, + "requires": { + "@sinonjs/commons": "^1.7.0" + } + }, + "long": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/long/-/long-4.0.0.tgz", + "integrity": "sha512-XsP+KhQif4bjX1kbuSiySJFNAehNxgLb6hPRGJ9QsUr8ajHkuXGdrHmFUTUUXhDwVX2R5bY4JNZEwbUiMhV+MA==" + }, + "lowercase-keys": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/lowercase-keys/-/lowercase-keys-1.0.1.tgz", + "integrity": "sha512-G2Lj61tXDnVFFOi8VZds+SoQjtQC3dgokKdDG2mTm1tx4m50NUHBOZSBwQQHyy0V12A0JTG4icfZQH+xPyh8VA==" + }, + "lru-cache": { + "version": "5.1.1", + "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-5.1.1.tgz", + "integrity": "sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==", + "requires": { + "yallist": "^3.0.2" + } + }, + "make-dir": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-3.1.0.tgz", + "integrity": "sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw==", + "dev": true, + "requires": { + "semver": "^6.0.0" + } + }, + "makeerror": { + "version": "1.0.11", + "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.11.tgz", + "integrity": "sha1-4BpckQnyr3lmDk6LlYd5AYT1qWw=", + "dev": true, + "requires": { + "tmpl": "1.0.x" + } + }, + "map-cache": { + "version": "0.2.2", + "resolved": "https://registry.npmjs.org/map-cache/-/map-cache-0.2.2.tgz", + "integrity": "sha1-wyq9C9ZSXZsFFkW7TyasXcmKDb8=", + "dev": true + }, + "map-visit": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/map-visit/-/map-visit-1.0.0.tgz", + "integrity": "sha1-7Nyo8TFE5mDxtb1B8S80edmN+48=", + "dev": true, + "requires": { + "object-visit": "^1.0.0" + } + }, + "merge-stream": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", + "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", + "dev": true + }, + "micromatch": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.2.tgz", + "integrity": "sha512-y7FpHSbMUMoyPbYUSzO6PaZ6FyRnQOpHuKwbo1G+Knck95XVU4QAiKdGEnj5wwoS7PlOgthX/09u5iFJ+aYf5Q==", + "dev": true, + "requires": { + "braces": "^3.0.1", + "picomatch": "^2.0.5" + } + }, + "mime-db": { + "version": "1.44.0", + "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.44.0.tgz", + "integrity": "sha512-/NOTfLrsPBVeH7YtFPgsVWveuL+4SjjYxaQ1xtM1KMFj7HdxlBlxeyNLzhyJVx7r4rZGJAZ/6lkKCitSc/Nmpg==" + }, + "mime-types": { + "version": "2.1.27", + "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.27.tgz", + "integrity": "sha512-JIhqnCasI9yD+SsmkquHBxTSEuZdQX5BuQnS2Vc7puQQQ+8yiP5AY5uWhpdv4YL4VM5c6iliiYWPgJ/nJQLp7w==", + "requires": { + "mime-db": "1.44.0" + } + }, + "mimic-fn": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", + "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", + "dev": true + }, + "mimic-response": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/mimic-response/-/mimic-response-1.0.1.tgz", + "integrity": "sha512-j5EctnkH7amfV/q5Hgmoal1g2QHFJRraOtmx0JpIqkxhBhI/lJSl1nMpQ45hVarwNETOoWEimndZ4QK0RHxuxQ==" + }, + "minimatch": { + "version": "3.0.4", + "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.0.4.tgz", + "integrity": "sha512-yJHVQEhyqPLUTgt9B83PXu6W3rx4MvvHvSUvToogpwoGDOUQ+yDrR0HRot+yOCdCO7u4hX3pWft6kWBBcqh0UA==", + "requires": { + "brace-expansion": "^1.1.7" + } + }, + "minimist": { + "version": "1.2.5", + "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz", + "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==", + "dev": true + }, + "mixin-deep": { + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/mixin-deep/-/mixin-deep-1.3.2.tgz", + "integrity": "sha512-WRoDn//mXBiJ1H40rqa3vH0toePwSsGb45iInWlTySa+Uu4k3tYUSxa2v1KqAiLtvlrSzaExqS1gtk96A9zvEA==", + "dev": true, + "requires": { + "for-in": "^1.0.2", + "is-extendable": "^1.0.1" + }, + "dependencies": { + "is-extendable": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/is-extendable/-/is-extendable-1.0.1.tgz", + "integrity": "sha512-arnXMxT1hhoKo9k1LZdmlNyJdDDfy2v0fXjFlmok4+i8ul/6WlbVge9bhM74OpNPQPMGUToDtz+KXa1PneJxOA==", + "dev": true, + "requires": { + "is-plain-object": "^2.0.4" + } + } + } + }, + "ms": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", + "dev": true + }, + "nanomatch": { + "version": "1.2.13", + "resolved": "https://registry.npmjs.org/nanomatch/-/nanomatch-1.2.13.tgz", + "integrity": "sha512-fpoe2T0RbHwBTBUOftAfBPaDEi06ufaUai0mE6Yn1kacc3SnTErfb/h+X94VXzI64rKFHYImXSvdwGGCmwOqCA==", + "dev": true, + "requires": { + "arr-diff": "^4.0.0", + "array-unique": "^0.3.2", + "define-property": "^2.0.2", + "extend-shallow": "^3.0.2", + "fragment-cache": "^0.2.1", + "is-windows": "^1.0.2", + "kind-of": "^6.0.2", + "object.pick": "^1.3.0", + "regex-not": "^1.0.0", + "snapdragon": "^0.8.1", + "to-regex": "^3.0.1" + } + }, + "natural-compare": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", + "integrity": "sha1-Sr6/7tdUHywnrPspvbvRXI1bpPc=", + "dev": true + }, + "nice-try": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/nice-try/-/nice-try-1.0.5.tgz", + "integrity": "sha512-1nh45deeb5olNY7eX82BkPO7SSxR5SSYJiPTrTdFUVYwAl8CKMA5N9PjTYkHiRjisVcxcQ1HXdLhx2qxxJzLNQ==" + }, + "node-forge": { + "version": "0.8.5", + "resolved": "https://registry.npmjs.org/node-forge/-/node-forge-0.8.5.tgz", + "integrity": "sha512-vFMQIWt+J/7FLNyKouZ9TazT74PRV3wgv9UT4cRjC8BffxFbKXkgIWR42URCPSnHm/QDz6BOlb2Q0U4+VQT67Q==" + }, + "node-int64": { + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", + "integrity": "sha1-h6kGXNs1XTGC2PlM4RGIuCXGijs=", + "dev": true + }, + "node-jose": { + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/node-jose/-/node-jose-1.1.4.tgz", + "integrity": "sha512-L31IFwL3pWWcMHxxidCY51ezqrDXMkvlT/5pLTfNw5sXmmOLJuN6ug7txzF/iuZN55cRpyOmoJrotwBQIoo5Lw==", + "requires": { + "base64url": "^3.0.1", + "browserify-zlib": "^0.2.0", + "buffer": "^5.5.0", + "es6-promise": "^4.2.8", + "lodash": "^4.17.15", + "long": "^4.0.0", + "node-forge": "^0.8.5", + "process": "^0.11.10", + "react-zlib-js": "^1.0.4", + "uuid": "^3.3.3" + } + }, + "node-modules-regexp": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/node-modules-regexp/-/node-modules-regexp-1.0.0.tgz", + "integrity": "sha1-jZ2+KJZKSsVxLpExZCEHxx6Q7EA=", + "dev": true + }, + "node-notifier": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/node-notifier/-/node-notifier-6.0.0.tgz", + "integrity": "sha512-SVfQ/wMw+DesunOm5cKqr6yDcvUTDl/yc97ybGHMrteNEY6oekXpNpS3lZwgLlwz0FLgHoiW28ZpmBHUDg37cw==", + "dev": true, + "optional": true, + "requires": { + "growly": "^1.3.0", + "is-wsl": "^2.1.1", + "semver": "^6.3.0", + "shellwords": "^0.1.1", + "which": "^1.3.1" + }, + "dependencies": { + "which": { + "version": "1.3.1", + "resolved": "https://registry.npmjs.org/which/-/which-1.3.1.tgz", + "integrity": "sha512-HxJdYWq1MTIQbJ3nw0cqssHoTNU267KlrDuGZ1WYlxDStUtKUhOaJmh112/TZmHxxUfuJqPXSOm7tDyas0OSIQ==", + "dev": true, + "optional": true, + "requires": { + "isexe": "^2.0.0" + } + } + } + }, + "normalize-package-data": { + "version": "2.5.0", + "resolved": "https://registry.npmjs.org/normalize-package-data/-/normalize-package-data-2.5.0.tgz", + "integrity": "sha512-/5CMN3T0R4XTj4DcGaexo+roZSdSFW/0AOOTROrjxzCG1wrWXEsGbRKevjlIL+ZDE4sZlJr5ED4YW0yqmkK+eA==", + "dev": true, + "requires": { + "hosted-git-info": "^2.1.4", + "resolve": "^1.10.0", + "semver": "2 || 3 || 4 || 5", + "validate-npm-package-license": "^3.0.1" + }, + "dependencies": { + "semver": { + "version": "5.7.1", + "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.1.tgz", + "integrity": "sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ==", + "dev": true + } + } + }, + "normalize-path": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", + "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", + "dev": true + }, + "normalize-url": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/normalize-url/-/normalize-url-2.0.1.tgz", + "integrity": "sha512-D6MUW4K/VzoJ4rJ01JFKxDrtY1v9wrgzCX5f2qj/lzH1m/lW6MhUZFKerVsnyjOhOsYzI9Kqqak+10l4LvLpMw==", + "requires": { + "prepend-http": "^2.0.0", + "query-string": "^5.0.1", + "sort-keys": "^2.0.0" + } + }, + "npm-run-path": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-2.0.2.tgz", + "integrity": "sha1-NakjLfo11wZ7TLLd8jV7GHFTbF8=", + "requires": { + "path-key": "^2.0.0" + } + }, + "nwsapi": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/nwsapi/-/nwsapi-2.2.0.tgz", + "integrity": "sha512-h2AatdwYH+JHiZpv7pt/gSX1XoRGb7L/qSIeuqA6GwYoF9w1vP1cw42TO0aI2pNyshRK5893hNSl+1//vHK7hQ==", + "dev": true + }, + "oauth-sign": { + "version": "0.9.0", + "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", + "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==" + }, + "object-assign": { + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/object-assign/-/object-assign-4.1.1.tgz", + "integrity": "sha1-IQmtx5ZYh8/AXLvUQsrIv7s2CGM=" + }, + "object-copy": { + "version": "0.1.0", + "resolved": "https://registry.npmjs.org/object-copy/-/object-copy-0.1.0.tgz", + "integrity": "sha1-fn2Fi3gb18mRpBupde04EnVOmYw=", + "dev": true, + "requires": { + "copy-descriptor": "^0.1.0", + "define-property": "^0.2.5", + "kind-of": "^3.0.3" + }, + "dependencies": { + "define-property": { + "version": "0.2.5", + "resolved": "https://registry.npmjs.org/define-property/-/define-property-0.2.5.tgz", + "integrity": "sha1-w1se+RjsPJkPmlvFe+BKrOxcgRY=", + "dev": true, + "requires": { + "is-descriptor": "^0.1.0" + } + }, + "kind-of": { + "version": "3.2.2", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz", + "integrity": "sha1-MeohpzS6ubuw8yRm2JOupR5KPGQ=", + "dev": true, + "requires": { + "is-buffer": "^1.1.5" + } + } + } + }, + "object-hash": { + "version": "1.3.1", + "resolved": "https://registry.npmjs.org/object-hash/-/object-hash-1.3.1.tgz", + "integrity": "sha512-OSuu/pU4ENM9kmREg0BdNrUDIl1heYa4mBZacJc+vVWz4GtAwu7jO8s4AIt2aGRUTqxykpWzI3Oqnsm13tTMDA==" + }, + "object-visit": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/object-visit/-/object-visit-1.0.1.tgz", + "integrity": "sha1-95xEk68MU3e1n+OdOV5BBC3QRbs=", + "dev": true, + "requires": { + "isobject": "^3.0.0" + } + }, + "object.pick": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/object.pick/-/object.pick-1.3.0.tgz", + "integrity": "sha1-h6EKxMFpS9Lhy/U1kaZhQftd10c=", + "dev": true, + "requires": { + "isobject": "^3.0.1" + } + }, + "oidc-token-hash": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/oidc-token-hash/-/oidc-token-hash-3.0.2.tgz", + "integrity": "sha512-dTzp80/y/da+um+i+sOucNqiPpwRL7M/xPwj7pH1TFA2/bqQ+OK2sJahSXbemEoLtPkHcFLyhLhLWZa9yW5+RA==" + }, + "once": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", + "integrity": "sha1-WDsap3WWHUsROsF9nFC6753Xa9E=", + "requires": { + "wrappy": "1" + } + }, + "onetime": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.0.tgz", + "integrity": "sha512-5NcSkPHhwTVFIQN+TUqXoS5+dlElHXdpAWu9I0HP20YOtIi+aZ0Ct82jdlILDxjLEAWwvm+qj1m6aEtsDVmm6Q==", + "dev": true, + "requires": { + "mimic-fn": "^2.1.0" + } + }, + "openid-client": { + "version": "2.5.0", + "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-2.5.0.tgz", + "integrity": "sha512-t3hFD7xEoW1U25RyBcRFaL19fGGs6hNVTysq9pgmiltH0IVUPzH/bQV9w24pM5Q7MunnGv2/5XjIru6BQcWdxg==", + "requires": { + "base64url": "^3.0.0", + "got": "^8.3.2", + "lodash": "^4.17.11", + "lru-cache": "^5.1.1", + "node-jose": "^1.1.0", + "object-hash": "^1.3.1", + "oidc-token-hash": "^3.0.1", + "p-any": "^1.1.0" + } + }, + "optionator": { + "version": "0.8.3", + "resolved": "https://registry.npmjs.org/optionator/-/optionator-0.8.3.tgz", + "integrity": "sha512-+IW9pACdk3XWmmTXG8m3upGUJst5XRGzxMRjXzAuJ1XnIFNvfhjjIuYkDvysnPQ7qzqVzLt78BCruntqRhWQbA==", + "dev": true, + "requires": { + "deep-is": "~0.1.3", + "fast-levenshtein": "~2.0.6", + "levn": "~0.3.0", + "prelude-ls": "~1.1.2", + "type-check": "~0.3.2", + "word-wrap": "~1.2.3" + } + }, + "p-any": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/p-any/-/p-any-1.1.0.tgz", + "integrity": "sha512-Ef0tVa4CZ5pTAmKn+Cg3w8ABBXh+hHO1aV8281dKOoUHfX+3tjG2EaFcC+aZyagg9b4EYGsHEjz21DnEE8Og2g==", + "requires": { + "p-some": "^2.0.0" + } + }, + "p-cancelable": { + "version": "0.4.1", + "resolved": "https://registry.npmjs.org/p-cancelable/-/p-cancelable-0.4.1.tgz", + "integrity": "sha512-HNa1A8LvB1kie7cERyy21VNeHb2CWJJYqyyC2o3klWFfMGlFmWv2Z7sFgZH8ZiaYL95ydToKTFVXgMV/Os0bBQ==" + }, + "p-each-series": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/p-each-series/-/p-each-series-2.1.0.tgz", + "integrity": "sha512-ZuRs1miPT4HrjFa+9fRfOFXxGJfORgelKV9f9nNOWw2gl6gVsRaVDOQP0+MI0G0wGKns1Yacsu0GjOFbTK0JFQ==", + "dev": true + }, + "p-finally": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/p-finally/-/p-finally-1.0.0.tgz", + "integrity": "sha1-P7z7FbiZpEEjs0ttzBi3JDNqLK4=" + }, + "p-is-promise": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/p-is-promise/-/p-is-promise-1.1.0.tgz", + "integrity": "sha1-nJRWmJ6fZYgBewQ01WCXZ1w9oF4=" + }, + "p-limit": { + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", + "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", + "dev": true, + "requires": { + "p-try": "^2.0.0" + } + }, + "p-locate": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", + "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", + "dev": true, + "requires": { + "p-limit": "^2.2.0" + } + }, + "p-some": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/p-some/-/p-some-2.0.1.tgz", + "integrity": "sha1-Zdh8ixVO289SIdFnd4ttLhUPbwY=", + "requires": { + "aggregate-error": "^1.0.0" + } + }, + "p-timeout": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/p-timeout/-/p-timeout-2.0.1.tgz", + "integrity": "sha512-88em58dDVB/KzPEx1X0N3LwFfYZPyDc4B6eF38M1rk9VTZMbxXXgjugz8mmwpS9Ox4BDZ+t6t3QP5+/gazweIA==", + "requires": { + "p-finally": "^1.0.0" + } + }, + "p-try": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", + "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", + "dev": true + }, + "pako": { + "version": "1.0.11", + "resolved": "https://registry.npmjs.org/pako/-/pako-1.0.11.tgz", + "integrity": "sha512-4hLB8Py4zZce5s4yd9XzopqwVv/yGNhV1Bl8NTmCq1763HeK2+EwVTv+leGeL13Dnh2wfbqowVPXCIO0z4taYw==" + }, + "parse-json": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.0.0.tgz", + "integrity": "sha512-OOY5b7PAEFV0E2Fir1KOkxchnZNCdowAJgQ5NuxjpBKTRP3pQhwkrkxqQjeoKJ+fO7bCpmIZaogI4eZGDMEGOw==", + "dev": true, + "requires": { + "@babel/code-frame": "^7.0.0", + "error-ex": "^1.3.1", + "json-parse-better-errors": "^1.0.1", + "lines-and-columns": "^1.1.6" + } + }, + "parse5": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/parse5/-/parse5-5.1.0.tgz", + "integrity": "sha512-fxNG2sQjHvlVAYmzBZS9YlDp6PTSSDwa98vkD4QgVDDCAo84z5X1t5XyJQ62ImdLXx5NdIIfihey6xpum9/gRQ==", + "dev": true + }, + "pascalcase": { + "version": "0.1.1", + "resolved": "https://registry.npmjs.org/pascalcase/-/pascalcase-0.1.1.tgz", + "integrity": "sha1-s2PlXoAGym/iF4TS2yK9FdeRfxQ=", + "dev": true + }, + "path-exists": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", + "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", + "dev": true + }, + "path-is-absolute": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", + "integrity": "sha1-F0uSaHNVNP+8es5r9TpanhtcX18=" + }, + "path-key": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/path-key/-/path-key-2.0.1.tgz", + "integrity": "sha1-QRyttXTFoUDTpLGRDUDYDMn0C0A=" + }, + "path-parse": { + "version": "1.0.6", + "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.6.tgz", + "integrity": "sha512-GSmOT2EbHrINBf9SR7CDELwlJ8AENk3Qn7OikK4nFYAu3Ote2+JYNVvkpAEQm3/TLNEJFD/xZJjzyxg3KBWOzw==" + }, + "performance-now": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", + "integrity": "sha1-Ywn04OX6kT7BxpMHrjZLSzd8nns=" + }, + "picomatch": { + "version": "2.2.2", + "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.2.2.tgz", + "integrity": "sha512-q0M/9eZHzmr0AulXyPwNfZjtwZ/RBZlbN3K3CErVrk50T2ASYI7Bye0EvekFY3IP1Nt2DHu0re+V2ZHIpMkuWg==", + "dev": true + }, + "pify": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/pify/-/pify-3.0.0.tgz", + "integrity": "sha1-5aSs0sEB/fPZpNB/DbxNtJ3SgXY=" + }, + "pirates": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.1.tgz", + "integrity": "sha512-WuNqLTbMI3tmfef2TKxlQmAiLHKtFhlsCZnPIpuv2Ow0RDVO8lfy1Opf4NUzlMXLjPl+Men7AuVdX6TA+s+uGA==", + "dev": true, + "requires": { + "node-modules-regexp": "^1.0.0" + } + }, + "pkg-dir": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", + "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", + "dev": true, + "requires": { + "find-up": "^4.0.0" + } + }, + "pn": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/pn/-/pn-1.1.0.tgz", + "integrity": "sha512-2qHaIQr2VLRFoxe2nASzsV6ef4yOOH+Fi9FBOVH6cqeSgUnoyySPZkxzLuzd+RYOQTRpROA0ztTMqxROKSb/nA==", + "dev": true + }, + "posix-character-classes": { + "version": "0.1.1", + "resolved": "https://registry.npmjs.org/posix-character-classes/-/posix-character-classes-0.1.1.tgz", + "integrity": "sha1-AerA/jta9xoqbAL+q7jB/vfgDqs=", + "dev": true + }, + "prelude-ls": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/prelude-ls/-/prelude-ls-1.1.2.tgz", + "integrity": "sha1-IZMqVJ9eUv/ZqCf1cOBL5iqX2lQ=", + "dev": true + }, + "prepend-http": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/prepend-http/-/prepend-http-2.0.0.tgz", + "integrity": "sha1-6SQ0v6XqjBn0HN/UAddBo8gZ2Jc=" + }, + "pretty-format": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-25.5.0.tgz", + "integrity": "sha512-kbo/kq2LQ/A/is0PQwsEHM7Ca6//bGPPvU6UnsdDRSKTWxT/ru/xb88v4BJf6a69H+uTytOEsTusT9ksd/1iWQ==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0", + "ansi-regex": "^5.0.0", + "ansi-styles": "^4.0.0", + "react-is": "^16.12.0" + }, + "dependencies": { + "ansi-regex": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.0.tgz", + "integrity": "sha512-bY6fj56OUQ0hU1KjFNDQuJFezqKdrAyFdIevADiqrWHwSlbmBNMHp5ak2f40Pm8JTFyM2mqxkG6ngkHO11f/lg==", + "dev": true + } + } + }, + "process": { + "version": "0.11.10", + "resolved": "https://registry.npmjs.org/process/-/process-0.11.10.tgz", + "integrity": "sha1-czIwDoQBYb2j5podHZGn1LwW8YI=" + }, + "process-nextick-args": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.1.tgz", + "integrity": "sha512-3ouUOpQhtgrbOa17J7+uxOTpITYWaGP7/AhoR3+A+/1e9skrzelGi/dXzEYyvbxubEF6Wn2ypscTKiKJFFn1ag==" + }, + "prompts": { + "version": "2.3.2", + "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.3.2.tgz", + "integrity": "sha512-Q06uKs2CkNYVID0VqwfAl9mipo99zkBv/n2JtWY89Yxa3ZabWSrs0e2KTudKVa3peLUvYXMefDqIleLPVUBZMA==", + "dev": true, + "requires": { + "kleur": "^3.0.3", + "sisteransi": "^1.0.4" + } + }, + "psl": { + "version": "1.8.0", + "resolved": "https://registry.npmjs.org/psl/-/psl-1.8.0.tgz", + "integrity": "sha512-RIdOzyoavK+hA18OGGWDqUTsCLhtA7IcZ/6NCs4fFJaHBDab+pDDmDIByWFRQJq2Cd7r1OoQxBGKOaztq+hjIQ==" + }, + "pump": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.0.tgz", + "integrity": "sha512-LwZy+p3SFs1Pytd/jYct4wpv49HiYCqd9Rlc5ZVdk0V+8Yzv6jR5Blk3TRmPL1ft69TxP0IMZGJ+WPFU2BFhww==", + "requires": { + "end-of-stream": "^1.1.0", + "once": "^1.3.1" + } + }, + "punycode": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz", + "integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==" + }, + "qs": { + "version": "6.5.2", + "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.2.tgz", + "integrity": "sha512-N5ZAX4/LxJmF+7wN74pUD6qAh9/wnvdQcjq9TZjevvXzSUo7bfmw91saqMjzGS2xq91/odN2dW/WOl7qQHNDGA==" + }, + "query-string": { + "version": "5.1.1", + "resolved": "https://registry.npmjs.org/query-string/-/query-string-5.1.1.tgz", + "integrity": "sha512-gjWOsm2SoGlgLEdAGt7a6slVOk9mGiXmPFMqrEhLQ68rhQuBnpfs3+EmlvqKyxnCo9/PPlF+9MtY02S1aFg+Jw==", + "requires": { + "decode-uri-component": "^0.2.0", + "object-assign": "^4.1.0", + "strict-uri-encode": "^1.0.0" + } + }, + "react-is": { + "version": "16.13.1", + "resolved": "https://registry.npmjs.org/react-is/-/react-is-16.13.1.tgz", + "integrity": "sha512-24e6ynE2H+OKt4kqsOvNd8kBpV65zoxbA4BVsEOB3ARVWQki/DHzaUoC5KuON/BiccDaCCTZBuOcfZs70kR8bQ==", + "dev": true + }, + "react-zlib-js": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/react-zlib-js/-/react-zlib-js-1.0.4.tgz", + "integrity": "sha512-ynXD9DFxpE7vtGoa3ZwBtPmZrkZYw2plzHGbanUjBOSN4RtuXdektSfABykHtTiWEHMh7WdYj45LHtp228ZF1A==" + }, + "read-pkg": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/read-pkg/-/read-pkg-5.2.0.tgz", + "integrity": "sha512-Ug69mNOpfvKDAc2Q8DRpMjjzdtrnv9HcSMX+4VsZxD1aZ6ZzrIE7rlzXBtWTyhULSMKg076AW6WR5iZpD0JiOg==", + "dev": true, + "requires": { + "@types/normalize-package-data": "^2.4.0", + "normalize-package-data": "^2.5.0", + "parse-json": "^5.0.0", + "type-fest": "^0.6.0" + }, + "dependencies": { + "type-fest": { + "version": "0.6.0", + "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.6.0.tgz", + "integrity": "sha512-q+MB8nYR1KDLrgr4G5yemftpMC7/QLqVndBmEEdqzmNj5dcFOO4Oo8qlwZE3ULT3+Zim1F8Kq4cBnikNhlCMlg==", + "dev": true + } + } + }, + "read-pkg-up": { + "version": "7.0.1", + "resolved": "https://registry.npmjs.org/read-pkg-up/-/read-pkg-up-7.0.1.tgz", + "integrity": "sha512-zK0TB7Xd6JpCLmlLmufqykGE+/TlOePD6qKClNW7hHDKFh/J7/7gCWGR7joEQEW1bKq3a3yUZSObOoWLFQ4ohg==", + "dev": true, + "requires": { + "find-up": "^4.1.0", + "read-pkg": "^5.2.0", + "type-fest": "^0.8.1" + } + }, + "readable-stream": { + "version": "2.3.7", + "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-2.3.7.tgz", + "integrity": "sha512-Ebho8K4jIbHAxnuxi7o42OrZgF/ZTNcsZj6nRKyUmkhLFq8CHItp/fy6hQZuZmP/n3yZ9VBUbp4zz/mX8hmYPw==", + "requires": { + "core-util-is": "~1.0.0", + "inherits": "~2.0.3", + "isarray": "~1.0.0", + "process-nextick-args": "~2.0.0", + "safe-buffer": "~5.1.1", + "string_decoder": "~1.1.1", + "util-deprecate": "~1.0.1" + } + }, + "realpath-native": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/realpath-native/-/realpath-native-2.0.0.tgz", + "integrity": "sha512-v1SEYUOXXdbBZK8ZuNgO4TBjamPsiSgcFr0aP+tEKpQZK8vooEUqV6nm6Cv502mX4NF2EfsnVqtNAHG+/6Ur1Q==", + "dev": true + }, + "rechoir": { + "version": "0.6.2", + "resolved": "https://registry.npmjs.org/rechoir/-/rechoir-0.6.2.tgz", + "integrity": "sha1-hSBLVNuoLVdC4oyWdW70OvUOM4Q=", + "requires": { + "resolve": "^1.1.6" + } + }, + "regex-not": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/regex-not/-/regex-not-1.0.2.tgz", + "integrity": "sha512-J6SDjUgDxQj5NusnOtdFxDwN/+HWykR8GELwctJ7mdqhcyy1xEc4SRFHUXvxTp661YaVKAjfRLZ9cCqS6tn32A==", + "dev": true, + "requires": { + "extend-shallow": "^3.0.2", + "safe-regex": "^1.1.0" + } + }, + "remove-trailing-separator": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/remove-trailing-separator/-/remove-trailing-separator-1.1.0.tgz", + "integrity": "sha1-wkvOKig62tW8P1jg1IJJuSN52O8=", + "dev": true + }, + "repeat-element": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/repeat-element/-/repeat-element-1.1.3.tgz", + "integrity": "sha512-ahGq0ZnV5m5XtZLMb+vP76kcAM5nkLqk0lpqAuojSKGgQtn4eRi4ZZGm2olo2zKFH+sMsWaqOCW1dqAnOru72g==", + "dev": true + }, + "repeat-string": { + "version": "1.6.1", + "resolved": "https://registry.npmjs.org/repeat-string/-/repeat-string-1.6.1.tgz", + "integrity": "sha1-jcrkcOHIirwtYA//Sndihtp15jc=", + "dev": true + }, + "request": { + "version": "2.88.2", + "resolved": "https://registry.npmjs.org/request/-/request-2.88.2.tgz", + "integrity": "sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==", + "requires": { + "aws-sign2": "~0.7.0", + "aws4": "^1.8.0", + "caseless": "~0.12.0", + "combined-stream": "~1.0.6", + "extend": "~3.0.2", + "forever-agent": "~0.6.1", + "form-data": "~2.3.2", + "har-validator": "~5.1.3", + "http-signature": "~1.2.0", + "is-typedarray": "~1.0.0", + "isstream": "~0.1.2", + "json-stringify-safe": "~5.0.1", + "mime-types": "~2.1.19", + "oauth-sign": "~0.9.0", + "performance-now": "^2.1.0", + "qs": "~6.5.2", + "safe-buffer": "^5.1.2", + "tough-cookie": "~2.5.0", + "tunnel-agent": "^0.6.0", + "uuid": "^3.3.2" + }, + "dependencies": { + "tough-cookie": { + "version": "2.5.0", + "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", + "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", + "requires": { + "psl": "^1.1.28", + "punycode": "^2.1.1" + } + } + } + }, + "request-promise-core": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/request-promise-core/-/request-promise-core-1.1.3.tgz", + "integrity": "sha512-QIs2+ArIGQVp5ZYbWD5ZLCY29D5CfWizP8eWnm8FoGD1TX61veauETVQbrV60662V0oFBkrDOuaBI8XgtuyYAQ==", + "dev": true, + "requires": { + "lodash": "^4.17.15" + } + }, + "request-promise-native": { + "version": "1.0.8", + "resolved": "https://registry.npmjs.org/request-promise-native/-/request-promise-native-1.0.8.tgz", + "integrity": "sha512-dapwLGqkHtwL5AEbfenuzjTYg35Jd6KPytsC2/TLkVMz8rm+tNt72MGUWT1RP/aYawMpN6HqbNGBQaRcBtjQMQ==", + "dev": true, + "requires": { + "request-promise-core": "1.1.3", + "stealthy-require": "^1.1.1", + "tough-cookie": "^2.3.3" + }, + "dependencies": { + "tough-cookie": { + "version": "2.5.0", + "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", + "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", + "dev": true, + "requires": { + "psl": "^1.1.28", + "punycode": "^2.1.1" + } + } + } + }, + "require-directory": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", + "integrity": "sha1-jGStX9MNqxyXbiNE/+f3kqam30I=", + "dev": true + }, + "require-main-filename": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/require-main-filename/-/require-main-filename-2.0.0.tgz", + "integrity": "sha512-NKN5kMDylKuldxYLSUfrbo5Tuzh4hd+2E8NPPX02mZtn1VuREQToYe/ZdlJy+J3uCpfaiGF05e7B8W0iXbQHmg==", + "dev": true + }, + "resolve": { + "version": "1.17.0", + "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.17.0.tgz", + "integrity": "sha512-ic+7JYiV8Vi2yzQGFWOkiZD5Z9z7O2Zhm9XMaTxdJExKasieFCr+yXZ/WmXsckHiKl12ar0y6XiXDx3m4RHn1w==", + "requires": { + "path-parse": "^1.0.6" + } + }, + "resolve-cwd": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", + "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", + "dev": true, + "requires": { + "resolve-from": "^5.0.0" + } + }, + "resolve-from": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", + "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", + "dev": true + }, + "resolve-url": { + "version": "0.2.1", + "resolved": "https://registry.npmjs.org/resolve-url/-/resolve-url-0.2.1.tgz", + "integrity": "sha1-LGN/53yJOv0qZj/iGqkIAGjiBSo=", + "dev": true + }, + "responselike": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/responselike/-/responselike-1.0.2.tgz", + "integrity": "sha1-kYcg7ztjHFZCvgaPFa3lpG9Loec=", + "requires": { + "lowercase-keys": "^1.0.0" + } + }, + "ret": { + "version": "0.1.15", + "resolved": "https://registry.npmjs.org/ret/-/ret-0.1.15.tgz", + "integrity": "sha512-TTlYpa+OL+vMMNG24xSlQGEJ3B/RzEfUlLct7b5G/ytav+wPrplCpVMFuwzXbkecJrb6IYo1iFb0S9v37754mg==", + "dev": true + }, + "rfc4648": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/rfc4648/-/rfc4648-1.3.0.tgz", + "integrity": "sha512-x36K12jOflpm1V8QjPq3I+pt7Z1xzeZIjiC8J2Oxd7bE1efTrOG241DTYVJByP/SxR9jl1t7iZqYxDX864jgBQ==" + }, + "rimraf": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz", + "integrity": "sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA==", + "dev": true, + "requires": { + "glob": "^7.1.3" + } + }, + "rsvp": { + "version": "4.8.5", + "resolved": "https://registry.npmjs.org/rsvp/-/rsvp-4.8.5.tgz", + "integrity": "sha512-nfMOlASu9OnRJo1mbEk2cz0D56a1MBNrJ7orjRZQG10XDyuvwksKbuXNp6qa+kbn839HwjwhBzhFmdsaEAfauA==", + "dev": true + }, + "safe-buffer": { + "version": "5.1.2", + "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", + "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==" + }, + "safe-regex": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/safe-regex/-/safe-regex-1.1.0.tgz", + "integrity": "sha1-QKNmnzsHfR6UPURinhV91IAjvy4=", + "dev": true, + "requires": { + "ret": "~0.1.10" + } + }, + "safer-buffer": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", + "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" + }, + "sane": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/sane/-/sane-4.1.0.tgz", + "integrity": "sha512-hhbzAgTIX8O7SHfp2c8/kREfEn4qO/9q8C9beyY6+tvZ87EpoZ3i1RIEvp27YBswnNbY9mWd6paKVmKbAgLfZA==", + "dev": true, + "requires": { + "@cnakazawa/watch": "^1.0.3", + "anymatch": "^2.0.0", + "capture-exit": "^2.0.0", + "exec-sh": "^0.3.2", + "execa": "^1.0.0", + "fb-watchman": "^2.0.0", + "micromatch": "^3.1.4", + "minimist": "^1.1.1", + "walker": "~1.0.5" + }, + "dependencies": { + "anymatch": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-2.0.0.tgz", + "integrity": "sha512-5teOsQWABXHHBFP9y3skS5P3d/WfWXpv3FUpy+LorMrNYaT9pI4oLMQX7jzQ2KklNpGpWHzdCXTDT2Y3XGlZBw==", + "dev": true, + "requires": { + "micromatch": "^3.1.4", + "normalize-path": "^2.1.1" + } + }, + "braces": { + "version": "2.3.2", + "resolved": "https://registry.npmjs.org/braces/-/braces-2.3.2.tgz", + "integrity": "sha512-aNdbnj9P8PjdXU4ybaWLK2IF3jc/EoDYbC7AazW6to3TRsfXxscC9UXOB5iDiEQrkyIbWp2SLQda4+QAa7nc3w==", + "dev": true, + "requires": { + "arr-flatten": "^1.1.0", + "array-unique": "^0.3.2", + "extend-shallow": "^2.0.1", + "fill-range": "^4.0.0", + "isobject": "^3.0.1", + "repeat-element": "^1.1.2", + "snapdragon": "^0.8.1", + "snapdragon-node": "^2.0.1", + "split-string": "^3.0.2", + "to-regex": "^3.0.1" + }, + "dependencies": { + "extend-shallow": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-2.0.1.tgz", + "integrity": "sha1-Ua99YUrZqfYQ6huvu5idaxxWiQ8=", + "dev": true, + "requires": { + "is-extendable": "^0.1.0" + } + } + } + }, + "fill-range": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-4.0.0.tgz", + "integrity": "sha1-1USBHUKPmOsGpj3EAtJAPDKMOPc=", + "dev": true, + "requires": { + "extend-shallow": "^2.0.1", + "is-number": "^3.0.0", + "repeat-string": "^1.6.1", + "to-regex-range": "^2.1.0" + }, + "dependencies": { + "extend-shallow": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-2.0.1.tgz", + "integrity": "sha1-Ua99YUrZqfYQ6huvu5idaxxWiQ8=", + "dev": true, + "requires": { + "is-extendable": "^0.1.0" + } + } + } + }, + "is-number": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/is-number/-/is-number-3.0.0.tgz", + "integrity": "sha1-JP1iAaR4LPUFYcgQJ2r8fRLXEZU=", + "dev": true, + "requires": { + "kind-of": "^3.0.2" + }, + "dependencies": { + "kind-of": { + "version": "3.2.2", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz", + "integrity": "sha1-MeohpzS6ubuw8yRm2JOupR5KPGQ=", + "dev": true, + "requires": { + "is-buffer": "^1.1.5" + } + } + } + }, + "micromatch": { + "version": "3.1.10", + "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-3.1.10.tgz", + "integrity": "sha512-MWikgl9n9M3w+bpsY3He8L+w9eF9338xRl8IAO5viDizwSzziFEyUzo2xrrloB64ADbTf8uA8vRqqttDTOmccg==", + "dev": true, + "requires": { + "arr-diff": "^4.0.0", + "array-unique": "^0.3.2", + "braces": "^2.3.1", + "define-property": "^2.0.2", + "extend-shallow": "^3.0.2", + "extglob": "^2.0.4", + "fragment-cache": "^0.2.1", + "kind-of": "^6.0.2", + "nanomatch": "^1.2.9", + "object.pick": "^1.3.0", + "regex-not": "^1.0.0", + "snapdragon": "^0.8.1", + "to-regex": "^3.0.2" + } + }, + "normalize-path": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-2.1.1.tgz", + "integrity": "sha1-GrKLVW4Zg2Oowab35vogE3/mrtk=", + "dev": true, + "requires": { + "remove-trailing-separator": "^1.0.1" + } + }, + "to-regex-range": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-2.1.1.tgz", + "integrity": "sha1-fIDBe53+vlmeJzZ+DU3VWQFB2zg=", + "dev": true, + "requires": { + "is-number": "^3.0.0", + "repeat-string": "^1.6.1" + } + } + } + }, + "saxes": { + "version": "3.1.11", + "resolved": "https://registry.npmjs.org/saxes/-/saxes-3.1.11.tgz", + "integrity": "sha512-Ydydq3zC+WYDJK1+gRxRapLIED9PWeSuuS41wqyoRmzvhhh9nc+QQrVMKJYzJFULazeGhzSV0QleN2wD3boh2g==", + "dev": true, + "requires": { + "xmlchars": "^2.1.1" + } + }, + "semver": { + "version": "6.3.0", + "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.0.tgz", + "integrity": "sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw==", + "dev": true + }, + "set-blocking": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/set-blocking/-/set-blocking-2.0.0.tgz", + "integrity": "sha1-BF+XgtARrppoA93TgrJDkrPYkPc=", + "dev": true + }, + "set-value": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/set-value/-/set-value-2.0.1.tgz", + "integrity": "sha512-JxHc1weCN68wRY0fhCoXpyK55m/XPHafOmK4UWD7m2CI14GMcFypt4w/0+NV5f/ZMby2F6S2wwA7fgynh9gWSw==", + "dev": true, + "requires": { + "extend-shallow": "^2.0.1", + "is-extendable": "^0.1.1", + "is-plain-object": "^2.0.3", + "split-string": "^3.0.1" + }, + "dependencies": { + "extend-shallow": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-2.0.1.tgz", + "integrity": "sha1-Ua99YUrZqfYQ6huvu5idaxxWiQ8=", + "dev": true, + "requires": { + "is-extendable": "^0.1.0" + } + } + } + }, + "shebang-command": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-1.2.0.tgz", + "integrity": "sha1-RKrGW2lbAzmJaMOfNj/uXer98eo=", + "requires": { + "shebang-regex": "^1.0.0" + } + }, + "shebang-regex": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-1.0.0.tgz", + "integrity": "sha1-2kL0l0DAtC2yypcoVxyxkMmO/qM=" + }, + "shelljs": { + "version": "0.8.4", + "resolved": "https://registry.npmjs.org/shelljs/-/shelljs-0.8.4.tgz", + "integrity": "sha512-7gk3UZ9kOfPLIAbslLzyWeGiEqx9e3rxwZM0KE6EL8GlGwjym9Mrlx5/p33bWTu9YG6vcS4MBxYZDHYr5lr8BQ==", + "requires": { + "glob": "^7.0.0", + "interpret": "^1.0.0", + "rechoir": "^0.6.2" + } + }, + "shellwords": { + "version": "0.1.1", + "resolved": "https://registry.npmjs.org/shellwords/-/shellwords-0.1.1.tgz", + "integrity": "sha512-vFwSUfQvqybiICwZY5+DAWIPLKsWO31Q91JSKl3UYv+K5c2QRPzn0qzec6QPu1Qc9eHYItiP3NdJqNVqetYAww==", + "dev": true, + "optional": true + }, + "signal-exit": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.3.tgz", + "integrity": "sha512-VUJ49FC8U1OxwZLxIbTTrDvLnf/6TDgxZcK8wxR8zs13xpx7xbG60ndBlhNrFi2EMuFRoeDoJO7wthSLq42EjA==" + }, + "sisteransi": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", + "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", + "dev": true + }, + "slash": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", + "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", + "dev": true + }, + "snapdragon": { + "version": "0.8.2", + "resolved": "https://registry.npmjs.org/snapdragon/-/snapdragon-0.8.2.tgz", + "integrity": "sha512-FtyOnWN/wCHTVXOMwvSv26d+ko5vWlIDD6zoUJ7LW8vh+ZBC8QdljveRP+crNrtBwioEUWy/4dMtbBjA4ioNlg==", + "dev": true, + "requires": { + "base": "^0.11.1", + "debug": "^2.2.0", + "define-property": "^0.2.5", + "extend-shallow": "^2.0.1", + "map-cache": "^0.2.2", + "source-map": "^0.5.6", + "source-map-resolve": "^0.5.0", + "use": "^3.1.0" + }, + "dependencies": { + "debug": { + "version": "2.6.9", + "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", + "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==", + "dev": true, + "requires": { + "ms": "2.0.0" + } + }, + "define-property": { + "version": "0.2.5", + "resolved": "https://registry.npmjs.org/define-property/-/define-property-0.2.5.tgz", + "integrity": "sha1-w1se+RjsPJkPmlvFe+BKrOxcgRY=", + "dev": true, + "requires": { + "is-descriptor": "^0.1.0" + } + }, + "extend-shallow": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-2.0.1.tgz", + "integrity": "sha1-Ua99YUrZqfYQ6huvu5idaxxWiQ8=", + "dev": true, + "requires": { + "is-extendable": "^0.1.0" + } + }, + "ms": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", + "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g=", + "dev": true + }, + "source-map": { + "version": "0.5.7", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.5.7.tgz", + "integrity": "sha1-igOdLRAh0i0eoUyA2OpGi6LvP8w=", + "dev": true + } + } + }, + "snapdragon-node": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/snapdragon-node/-/snapdragon-node-2.1.1.tgz", + "integrity": "sha512-O27l4xaMYt/RSQ5TR3vpWCAB5Kb/czIcqUFOM/C4fYcLnbZUc1PkjTAMjof2pBWaSTwOUd6qUHcFGVGj7aIwnw==", + "dev": true, + "requires": { + "define-property": "^1.0.0", + "isobject": "^3.0.0", + "snapdragon-util": "^3.0.1" + }, + "dependencies": { + "define-property": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/define-property/-/define-property-1.0.0.tgz", + "integrity": "sha1-dp66rz9KY6rTr56NMEybvnm/sOY=", + "dev": true, + "requires": { + "is-descriptor": "^1.0.0" + } + }, + "is-accessor-descriptor": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-accessor-descriptor/-/is-accessor-descriptor-1.0.0.tgz", + "integrity": "sha512-m5hnHTkcVsPfqx3AKlyttIPb7J+XykHvJP2B9bZDjlhLIoEq4XoK64Vg7boZlVWYK6LUY94dYPEE7Lh0ZkZKcQ==", + "dev": true, + "requires": { + "kind-of": "^6.0.0" + } + }, + "is-data-descriptor": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-data-descriptor/-/is-data-descriptor-1.0.0.tgz", + "integrity": "sha512-jbRXy1FmtAoCjQkVmIVYwuuqDFUbaOeDjmed1tOGPrsMhtJA4rD9tkgA0F1qJ3gRFRXcHYVkdeaP50Q5rE/jLQ==", + "dev": true, + "requires": { + "kind-of": "^6.0.0" + } + }, + "is-descriptor": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/is-descriptor/-/is-descriptor-1.0.2.tgz", + "integrity": "sha512-2eis5WqQGV7peooDyLmNEPUrps9+SXX5c9pL3xEB+4e9HnGuDa7mB7kHxHw4CbqS9k1T2hOH3miL8n8WtiYVtg==", + "dev": true, + "requires": { + "is-accessor-descriptor": "^1.0.0", + "is-data-descriptor": "^1.0.0", + "kind-of": "^6.0.2" + } + } + } + }, + "snapdragon-util": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/snapdragon-util/-/snapdragon-util-3.0.1.tgz", + "integrity": "sha512-mbKkMdQKsjX4BAL4bRYTj21edOf8cN7XHdYUJEe+Zn99hVEYcMvKPct1IqNe7+AZPirn8BCDOQBHQZknqmKlZQ==", + "dev": true, + "requires": { + "kind-of": "^3.2.0" + }, + "dependencies": { + "kind-of": { + "version": "3.2.2", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz", + "integrity": "sha1-MeohpzS6ubuw8yRm2JOupR5KPGQ=", + "dev": true, + "requires": { + "is-buffer": "^1.1.5" + } + } + } + }, + "sort-keys": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/sort-keys/-/sort-keys-2.0.0.tgz", + "integrity": "sha1-ZYU1WEhh7JfXMNbPQYIuH1ZoQSg=", + "requires": { + "is-plain-obj": "^1.0.0" + } + }, + "source-map": { + "version": "0.6.1", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", + "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", + "dev": true + }, + "source-map-resolve": { + "version": "0.5.3", + "resolved": "https://registry.npmjs.org/source-map-resolve/-/source-map-resolve-0.5.3.tgz", + "integrity": "sha512-Htz+RnsXWk5+P2slx5Jh3Q66vhQj1Cllm0zvnaY98+NFx+Dv2CF/f5O/t8x+KaNdrdIAsruNzoh/KpialbqAnw==", + "dev": true, + "requires": { + "atob": "^2.1.2", + "decode-uri-component": "^0.2.0", + "resolve-url": "^0.2.1", + "source-map-url": "^0.4.0", + "urix": "^0.1.0" + } + }, + "source-map-support": { + "version": "0.5.19", + "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.19.tgz", + "integrity": "sha512-Wonm7zOCIJzBGQdB+thsPar0kYuCIzYvxZwlBa87yi/Mdjv7Tip2cyVbLj5o0cFPN4EVkuTwb3GDDyUx2DGnGw==", + "dev": true, + "requires": { + "buffer-from": "^1.0.0", + "source-map": "^0.6.0" + } + }, + "source-map-url": { + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/source-map-url/-/source-map-url-0.4.0.tgz", + "integrity": "sha1-PpNdfd1zYxuXZZlW1VEo6HtQhKM=", + "dev": true + }, + "spdx-correct": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/spdx-correct/-/spdx-correct-3.1.1.tgz", + "integrity": "sha512-cOYcUWwhCuHCXi49RhFRCyJEK3iPj1Ziz9DpViV3tbZOwXD49QzIN3MpOLJNxh2qwq2lJJZaKMVw9qNi4jTC0w==", + "dev": true, + "requires": { + "spdx-expression-parse": "^3.0.0", + "spdx-license-ids": "^3.0.0" + } + }, + "spdx-exceptions": { + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/spdx-exceptions/-/spdx-exceptions-2.3.0.tgz", + "integrity": "sha512-/tTrYOC7PPI1nUAgx34hUpqXuyJG+DTHJTnIULG4rDygi4xu/tfgmq1e1cIRwRzwZgo4NLySi+ricLkZkw4i5A==", + "dev": true + }, + "spdx-expression-parse": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/spdx-expression-parse/-/spdx-expression-parse-3.0.1.tgz", + "integrity": "sha512-cbqHunsQWnJNE6KhVSMsMeH5H/L9EpymbzqTQ3uLwNCLZ1Q481oWaofqH7nO6V07xlXwY6PhQdQ2IedWx/ZK4Q==", + "dev": true, + "requires": { + "spdx-exceptions": "^2.1.0", + "spdx-license-ids": "^3.0.0" + } + }, + "spdx-license-ids": { + "version": "3.0.5", + "resolved": "https://registry.npmjs.org/spdx-license-ids/-/spdx-license-ids-3.0.5.tgz", + "integrity": "sha512-J+FWzZoynJEXGphVIS+XEh3kFSjZX/1i9gFBaWQcB+/tmpe2qUsSBABpcxqxnAxFdiUFEgAX1bjYGQvIZmoz9Q==", + "dev": true + }, + "split-string": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/split-string/-/split-string-3.1.0.tgz", + "integrity": "sha512-NzNVhJDYpwceVVii8/Hu6DKfD2G+NrQHlS/V/qgv763EYudVwEcMQNxd2lh+0VrUByXN/oJkl5grOhYWvQUYiw==", + "dev": true, + "requires": { + "extend-shallow": "^3.0.0" + } + }, + "sprintf-js": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", + "integrity": "sha1-BOaSb2YolTVPPdAVIDYzuFcpfiw=" + }, + "sshpk": { + "version": "1.16.1", + "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.16.1.tgz", + "integrity": "sha512-HXXqVUq7+pcKeLqqZj6mHFUMvXtOJt1uoUx09pFW6011inTMxqI8BA8PM95myrIyyKwdnzjdFjLiE6KBPVtJIg==", + "requires": { + "asn1": "~0.2.3", + "assert-plus": "^1.0.0", + "bcrypt-pbkdf": "^1.0.0", + "dashdash": "^1.12.0", + "ecc-jsbn": "~0.1.1", + "getpass": "^0.1.1", + "jsbn": "~0.1.0", + "safer-buffer": "^2.0.2", + "tweetnacl": "~0.14.0" + } + }, + "stack-utils": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-1.0.2.tgz", + "integrity": "sha512-MTX+MeG5U994cazkjd/9KNAapsHnibjMLnfXodlkXw76JEea0UiNzrqidzo1emMwk7w5Qhc9jd4Bn9TBb1MFwA==", + "dev": true + }, + "static-extend": { + "version": "0.1.2", + "resolved": "https://registry.npmjs.org/static-extend/-/static-extend-0.1.2.tgz", + "integrity": "sha1-YICcOcv/VTNyJv1eC1IPNB8ftcY=", + "dev": true, + "requires": { + "define-property": "^0.2.5", + "object-copy": "^0.1.0" + }, + "dependencies": { + "define-property": { + "version": "0.2.5", + "resolved": "https://registry.npmjs.org/define-property/-/define-property-0.2.5.tgz", + "integrity": "sha1-w1se+RjsPJkPmlvFe+BKrOxcgRY=", + "dev": true, + "requires": { + "is-descriptor": "^0.1.0" + } + } + } + }, + "stealthy-require": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/stealthy-require/-/stealthy-require-1.1.1.tgz", + "integrity": "sha1-NbCYdbT/SfJqd35QmzCQoyJr8ks=", + "dev": true + }, + "strict-uri-encode": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/strict-uri-encode/-/strict-uri-encode-1.1.0.tgz", + "integrity": "sha1-J5siXfHVgrH1TmWt3UNS4Y+qBxM=" + }, + "string-length": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/string-length/-/string-length-3.1.0.tgz", + "integrity": "sha512-Ttp5YvkGm5v9Ijagtaz1BnN+k9ObpvS0eIBblPMp2YWL8FBmi9qblQ9fexc2k/CXFgrTIteU3jAw3payCnwSTA==", + "dev": true, + "requires": { + "astral-regex": "^1.0.0", + "strip-ansi": "^5.2.0" + }, + "dependencies": { + "strip-ansi": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-5.2.0.tgz", + "integrity": "sha512-DuRs1gKbBqsMKIZlrffwlug8MHkcnpjs5VPmL1PAh+mA30U0DTotfDZ0d2UUsXpPmPmMMJ6W773MaA3J+lbiWA==", + "dev": true, + "requires": { + "ansi-regex": "^4.1.0" + } + } + } + }, + "string-width": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.0.tgz", + "integrity": "sha512-zUz5JD+tgqtuDjMhwIg5uFVV3dtqZ9yQJlZVfq4I01/K5Paj5UHj7VyrQOJvzawSVlKpObApbfD0Ed6yJc+1eg==", + "dev": true, + "requires": { + "emoji-regex": "^8.0.0", + "is-fullwidth-code-point": "^3.0.0", + "strip-ansi": "^6.0.0" + } + }, + "string_decoder": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz", + "integrity": "sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg==", + "requires": { + "safe-buffer": "~5.1.0" + } + }, + "strip-ansi": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.0.tgz", + "integrity": "sha512-AuvKTrTfQNYNIctbR1K/YGTR1756GycPsg7b9bdV9Duqur4gv6aKqHXah67Z8ImS7WEz5QVcOtlfW2rZEugt6w==", + "dev": true, + "requires": { + "ansi-regex": "^5.0.0" + }, + "dependencies": { + "ansi-regex": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.0.tgz", + "integrity": "sha512-bY6fj56OUQ0hU1KjFNDQuJFezqKdrAyFdIevADiqrWHwSlbmBNMHp5ak2f40Pm8JTFyM2mqxkG6ngkHO11f/lg==", + "dev": true + } + } + }, + "strip-bom": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", + "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", + "dev": true + }, + "strip-eof": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/strip-eof/-/strip-eof-1.0.0.tgz", + "integrity": "sha1-u0P/VZim6wXYm1n80SnJgzE2Br8=" + }, + "strip-final-newline": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", + "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", + "dev": true + }, + "supports-color": { + "version": "7.1.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.1.0.tgz", + "integrity": "sha512-oRSIpR8pxT1Wr2FquTNnGet79b3BWljqOuoW/h4oBhxJ/HUbX5nX6JSruTkvXDCFMwDPvsaTTbvMLKZWSy0R5g==", + "dev": true, + "requires": { + "has-flag": "^4.0.0" + } + }, + "supports-hyperlinks": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/supports-hyperlinks/-/supports-hyperlinks-2.1.0.tgz", + "integrity": "sha512-zoE5/e+dnEijk6ASB6/qrK+oYdm2do1hjoLWrqUC/8WEIW1gbxFcKuBof7sW8ArN6e+AYvsE8HBGiVRWL/F5CA==", + "dev": true, + "requires": { + "has-flag": "^4.0.0", + "supports-color": "^7.0.0" + } + }, + "symbol-tree": { + "version": "3.2.4", + "resolved": "https://registry.npmjs.org/symbol-tree/-/symbol-tree-3.2.4.tgz", + "integrity": "sha512-9QNk5KwDF+Bvz+PyObkmSYjI5ksVUYtjW7AU22r2NKcfLJcXp96hkDWU3+XndOsUb+AQ9QhfzfCT2O+CNWT5Tw==", + "dev": true + }, + "terminal-link": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/terminal-link/-/terminal-link-2.1.1.tgz", + "integrity": "sha512-un0FmiRUQNr5PJqy9kP7c40F5BOfpGlYTrxonDChEZB7pzZxRNp/bt+ymiy9/npwXya9KH99nJ/GXFIiUkYGFQ==", + "dev": true, + "requires": { + "ansi-escapes": "^4.2.1", + "supports-hyperlinks": "^2.0.0" + } + }, + "test-exclude": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", + "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", + "dev": true, + "requires": { + "@istanbuljs/schema": "^0.1.2", + "glob": "^7.1.4", + "minimatch": "^3.0.4" + } + }, + "throat": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/throat/-/throat-5.0.0.tgz", + "integrity": "sha512-fcwX4mndzpLQKBS1DVYhGAcYaYt7vsHNIvQV+WXMvnow5cgjPphq5CaayLaGsjRdSCKZFNGt7/GYAuXaNOiYCA==", + "dev": true + }, + "timed-out": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/timed-out/-/timed-out-4.0.1.tgz", + "integrity": "sha1-8y6srFoXW+ol1/q1Zas+2HQe9W8=" + }, + "tmpl": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.4.tgz", + "integrity": "sha1-I2QN17QtAEM5ERQIIOXPRA5SHdE=", + "dev": true + }, + "to-fast-properties": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", + "integrity": "sha1-3F5pjL0HkmW8c+A3doGk5Og/YW4=", + "dev": true + }, + "to-object-path": { + "version": "0.3.0", + "resolved": "https://registry.npmjs.org/to-object-path/-/to-object-path-0.3.0.tgz", + "integrity": "sha1-KXWIt7Dn4KwI4E5nL4XB9JmeF68=", + "dev": true, + "requires": { + "kind-of": "^3.0.2" + }, + "dependencies": { + "kind-of": { + "version": "3.2.2", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz", + "integrity": "sha1-MeohpzS6ubuw8yRm2JOupR5KPGQ=", + "dev": true, + "requires": { + "is-buffer": "^1.1.5" + } + } + } + }, + "to-regex": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/to-regex/-/to-regex-3.0.2.tgz", + "integrity": "sha512-FWtleNAtZ/Ki2qtqej2CXTOayOH9bHDQF+Q48VpWyDXjbYxA4Yz8iDB31zXOBUlOHHKidDbqGVrTUvQMPmBGBw==", + "dev": true, + "requires": { + "define-property": "^2.0.2", + "extend-shallow": "^3.0.2", + "regex-not": "^1.0.2", + "safe-regex": "^1.1.0" + } + }, + "to-regex-range": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", + "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", + "dev": true, + "requires": { + "is-number": "^7.0.0" + } + }, + "tough-cookie": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-3.0.1.tgz", + "integrity": "sha512-yQyJ0u4pZsv9D4clxO69OEjLWYw+jbgspjTue4lTQZLfV0c5l1VmK2y1JK8E9ahdpltPOaAThPcp5nKPUgSnsg==", + "dev": true, + "requires": { + "ip-regex": "^2.1.0", + "psl": "^1.1.28", + "punycode": "^2.1.1" + } + }, + "tr46": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/tr46/-/tr46-1.0.1.tgz", + "integrity": "sha1-qLE/1r/SSJUZZ0zN5VujaTtwbQk=", + "dev": true, + "requires": { + "punycode": "^2.1.0" + } + }, + "tslib": { + "version": "1.13.0", + "resolved": "https://registry.npmjs.org/tslib/-/tslib-1.13.0.tgz", + "integrity": "sha512-i/6DQjL8Xf3be4K/E6Wgpekn5Qasl1usyw++dAA35Ue5orEn65VIxOA+YvNNl9HV3qv70T7CNwjODHZrLwvd1Q==" + }, + "tunnel-agent": { + "version": "0.6.0", + "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", + "integrity": "sha1-J6XeoGs2sEoKmWZ3SykIaPD8QP0=", + "requires": { + "safe-buffer": "^5.0.1" + } + }, + "tweetnacl": { + "version": "0.14.5", + "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", + "integrity": "sha1-WuaBd/GS1EViadEIr6k/+HQ/T2Q=" + }, + "type-check": { + "version": "0.3.2", + "resolved": "https://registry.npmjs.org/type-check/-/type-check-0.3.2.tgz", + "integrity": "sha1-WITKtRLPHTVeP7eE8wgEsrUg23I=", + "dev": true, + "requires": { + "prelude-ls": "~1.1.2" + } + }, + "type-detect": { + "version": "4.0.8", + "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", + "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", + "dev": true + }, + "type-fest": { + "version": "0.8.1", + "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.8.1.tgz", + "integrity": "sha512-4dbzIzqvjtgiM5rw1k5rEHtBANKmdudhGyBEajN01fEyhaAIhsoKNy6y7+IN93IfpFtwY9iqi7kD+xwKhQsNJA==", + "dev": true + }, + "typedarray-to-buffer": { + "version": "3.1.5", + "resolved": "https://registry.npmjs.org/typedarray-to-buffer/-/typedarray-to-buffer-3.1.5.tgz", + "integrity": "sha512-zdu8XMNEDepKKR+XYOXAVPtWui0ly0NtohUscw+UmaHiAWT8hrV1rr//H6V+0DvJ3OQ19S979M0laLfX8rm82Q==", + "dev": true, + "requires": { + "is-typedarray": "^1.0.0" + } + }, + "underscore": { + "version": "1.10.2", + "resolved": "https://registry.npmjs.org/underscore/-/underscore-1.10.2.tgz", + "integrity": "sha512-N4P+Q/BuyuEKFJ43B9gYuOj4TQUHXX+j2FqguVOpjkssLUUrnJofCcBccJSCoeturDoZU6GorDTHSvUDlSQbTg==" + }, + "union-value": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/union-value/-/union-value-1.0.1.tgz", + "integrity": "sha512-tJfXmxMeWYnczCVs7XAEvIV7ieppALdyepWMkHkwciRpZraG/xwT+s2JN8+pr1+8jCRf80FFzvr+MpQeeoF4Xg==", + "dev": true, + "requires": { + "arr-union": "^3.1.0", + "get-value": "^2.0.6", + "is-extendable": "^0.1.1", + "set-value": "^2.0.1" + } + }, + "unset-value": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/unset-value/-/unset-value-1.0.0.tgz", + "integrity": "sha1-g3aHP30jNRef+x5vw6jtDfyKtVk=", + "dev": true, + "requires": { + "has-value": "^0.3.1", + "isobject": "^3.0.0" + }, + "dependencies": { + "has-value": { + "version": "0.3.1", + "resolved": "https://registry.npmjs.org/has-value/-/has-value-0.3.1.tgz", + "integrity": "sha1-ex9YutpiyoJ+wKIHgCVlSEWZXh8=", + "dev": true, + "requires": { + "get-value": "^2.0.3", + "has-values": "^0.1.4", + "isobject": "^2.0.0" + }, + "dependencies": { + "isobject": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/isobject/-/isobject-2.1.0.tgz", + "integrity": "sha1-8GVWEJaj8dou9GJy+BXIQNh+DIk=", + "dev": true, + "requires": { + "isarray": "1.0.0" + } + } + } + }, + "has-values": { + "version": "0.1.4", + "resolved": "https://registry.npmjs.org/has-values/-/has-values-0.1.4.tgz", + "integrity": "sha1-bWHeldkd/Km5oCCJrThL/49it3E=", + "dev": true + } + } + }, + "uri-js": { + "version": "4.2.2", + "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.2.2.tgz", + "integrity": "sha512-KY9Frmirql91X2Qgjry0Wd4Y+YTdrdZheS8TFwvkbLWf/G5KNJDCh6pKL5OZctEW4+0Baa5idK2ZQuELRwPznQ==", + "requires": { + "punycode": "^2.1.0" + } + }, + "urix": { + "version": "0.1.0", + "resolved": "https://registry.npmjs.org/urix/-/urix-0.1.0.tgz", + "integrity": "sha1-2pN/emLiH+wf0Y1Js1wpNQZ6bHI=", + "dev": true + }, + "url-parse-lax": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/url-parse-lax/-/url-parse-lax-3.0.0.tgz", + "integrity": "sha1-FrXK/Afb42dsGxmZF3gj1lA6yww=", + "requires": { + "prepend-http": "^2.0.0" + } + }, + "url-to-options": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/url-to-options/-/url-to-options-1.0.1.tgz", + "integrity": "sha1-FQWgOiiaSMvXpDTvuu7FBV9WM6k=" + }, + "use": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/use/-/use-3.1.1.tgz", + "integrity": "sha512-cwESVXlO3url9YWlFW/TA9cshCEhtu7IKJ/p5soJ/gGpj7vbvFrAY/eIioQ6Dw23KjZhYgiIo8HOs1nQ2vr/oQ==", + "dev": true + }, + "util-deprecate": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz", + "integrity": "sha1-RQ1Nyfpw3nMnYvvS1KKJgUGaDM8=" + }, + "uuid": { + "version": "3.4.0", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", + "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==" + }, + "v8-to-istanbul": { + "version": "4.1.4", + "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-4.1.4.tgz", + "integrity": "sha512-Rw6vJHj1mbdK8edjR7+zuJrpDtKIgNdAvTSAcpYfgMIw+u2dPDntD3dgN4XQFLU2/fvFQdzj+EeSGfd/jnY5fQ==", + "dev": true, + "requires": { + "@types/istanbul-lib-coverage": "^2.0.1", + "convert-source-map": "^1.6.0", + "source-map": "^0.7.3" + }, + "dependencies": { + "source-map": { + "version": "0.7.3", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.7.3.tgz", + "integrity": "sha512-CkCj6giN3S+n9qrYiBTX5gystlENnRW5jZeNLHpe6aue+SrHcG5VYwujhW9s4dY31mEGsxBDrHR6oI69fTXsaQ==", + "dev": true + } + } + }, + "validate-npm-package-license": { + "version": "3.0.4", + "resolved": "https://registry.npmjs.org/validate-npm-package-license/-/validate-npm-package-license-3.0.4.tgz", + "integrity": "sha512-DpKm2Ui/xN7/HQKCtpZxoRWBhZ9Z0kqtygG8XCgNQ8ZlDnxuQmWhj566j8fN4Cu3/JmbhsDo7fcAJq4s9h27Ew==", + "dev": true, + "requires": { + "spdx-correct": "^3.0.0", + "spdx-expression-parse": "^3.0.0" + } + }, + "verror": { + "version": "1.10.0", + "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz", + "integrity": "sha1-OhBcoXBTr1XW4nDB+CiGguGNpAA=", + "requires": { + "assert-plus": "^1.0.0", + "core-util-is": "1.0.2", + "extsprintf": "^1.2.0" + } + }, + "w3c-hr-time": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/w3c-hr-time/-/w3c-hr-time-1.0.2.tgz", + "integrity": "sha512-z8P5DvDNjKDoFIHK7q8r8lackT6l+jo/Ye3HOle7l9nICP9lf1Ci25fy9vHd0JOWewkIFzXIEig3TdKT7JQ5fQ==", + "dev": true, + "requires": { + "browser-process-hrtime": "^1.0.0" + } + }, + "w3c-xmlserializer": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/w3c-xmlserializer/-/w3c-xmlserializer-1.1.2.tgz", + "integrity": "sha512-p10l/ayESzrBMYWRID6xbuCKh2Fp77+sA0doRuGn4tTIMrrZVeqfpKjXHY+oDh3K4nLdPgNwMTVP6Vp4pvqbNg==", + "dev": true, + "requires": { + "domexception": "^1.0.1", + "webidl-conversions": "^4.0.2", + "xml-name-validator": "^3.0.0" + } + }, + "walker": { + "version": "1.0.7", + "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.7.tgz", + "integrity": "sha1-L3+bj9ENZ3JisYqITijRlhjgKPs=", + "dev": true, + "requires": { + "makeerror": "1.0.x" + } + }, + "webidl-conversions": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-4.0.2.tgz", + "integrity": "sha512-YQ+BmxuTgd6UXZW3+ICGfyqRyHXVlD5GtQr5+qjiNW7bF0cqrzX500HVXPBOvgXb5YnzDd+h0zqyv61KUD7+Sg==", + "dev": true + }, + "whatwg-encoding": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/whatwg-encoding/-/whatwg-encoding-1.0.5.tgz", + "integrity": "sha512-b5lim54JOPN9HtzvK9HFXvBma/rnfFeqsic0hSpjtDbVxR3dJKLc+KB4V6GgiGOvl7CY/KNh8rxSo9DKQrnUEw==", + "dev": true, + "requires": { + "iconv-lite": "0.4.24" + } + }, + "whatwg-mimetype": { + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/whatwg-mimetype/-/whatwg-mimetype-2.3.0.tgz", + "integrity": "sha512-M4yMwr6mAnQz76TbJm914+gPpB/nCwvZbJU28cUD6dR004SAxDLOOSUaB1JDRqLtaOV/vi0IC5lEAGFgrjGv/g==", + "dev": true + }, + "whatwg-url": { + "version": "7.1.0", + "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-7.1.0.tgz", + "integrity": "sha512-WUu7Rg1DroM7oQvGWfOiAK21n74Gg+T4elXEQYkOhtyLeWiJFoOGLXPKI/9gzIie9CtwVLm8wtw6YJdKyxSjeg==", + "dev": true, + "requires": { + "lodash.sortby": "^4.7.0", + "tr46": "^1.0.1", + "webidl-conversions": "^4.0.2" + } + }, + "which": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", + "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", + "dev": true, + "requires": { + "isexe": "^2.0.0" + } + }, + "which-module": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/which-module/-/which-module-2.0.0.tgz", + "integrity": "sha1-2e8H3Od7mQK4o6j6SzHD4/fm6Ho=", + "dev": true + }, + "word-wrap": { + "version": "1.2.3", + "resolved": "https://registry.npmjs.org/word-wrap/-/word-wrap-1.2.3.tgz", + "integrity": "sha512-Hz/mrNwitNRh/HUAtM/VT/5VH+ygD6DV7mYKZAtHOrbs8U7lvPS6xf7EJKMF0uW1KJCl0H701g3ZGus+muE5vQ==", + "dev": true + }, + "wrap-ansi": { + "version": "6.2.0", + "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-6.2.0.tgz", + "integrity": "sha512-r6lPcBGxZXlIcymEu7InxDMhdW0KDxpLgoFLcguasxCaJ/SOIZwINatK9KY/tf+ZrlywOKU0UDj3ATXUBfxJXA==", + "dev": true, + "requires": { + "ansi-styles": "^4.0.0", + "string-width": "^4.1.0", + "strip-ansi": "^6.0.0" + } + }, + "wrappy": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", + "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8=" + }, + "write-file-atomic": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-3.0.3.tgz", + "integrity": "sha512-AvHcyZ5JnSfq3ioSyjrBkH9yW4m7Ayk8/9My/DD9onKeu/94fwrMocemO2QAJFAlnnDN+ZDS+ZjAR5ua1/PV/Q==", + "dev": true, + "requires": { + "imurmurhash": "^0.1.4", + "is-typedarray": "^1.0.0", + "signal-exit": "^3.0.2", + "typedarray-to-buffer": "^3.1.5" + } + }, + "ws": { + "version": "7.3.0", + "resolved": "https://registry.npmjs.org/ws/-/ws-7.3.0.tgz", + "integrity": "sha512-iFtXzngZVXPGgpTlP1rBqsUK82p9tKqsWRPg5L56egiljujJT3vGAYnHANvFxBieXrTFavhzhxW52jnaWV+w2w==", + "dev": true + }, + "xml-name-validator": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/xml-name-validator/-/xml-name-validator-3.0.0.tgz", + "integrity": "sha512-A5CUptxDsvxKJEU3yO6DuWBSJz/qizqzJKOMIfUJHETbBw/sFaDxgd6fxm1ewUaM0jZ444Fc5vC5ROYurg/4Pw==", + "dev": true + }, + "xmlchars": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/xmlchars/-/xmlchars-2.2.0.tgz", + "integrity": "sha512-JZnDKK8B0RCDw84FNdDAIpZK+JuJw+s7Lz8nksI7SIuU3UXJJslUthsi+uWBUYOwPFwW7W7PRLRfUKpxjtjFCw==", + "dev": true + }, + "y18n": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/y18n/-/y18n-4.0.0.tgz", + "integrity": "sha512-r9S/ZyXu/Xu9q1tYlpsLIsa3EeLXXk0VwlxqTcFRfg9EhMW+17kbt9G0NrgCmhGb5vT2hyhJZLfDGx+7+5Uj/w==", + "dev": true + }, + "yallist": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", + "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==" + }, + "yargs": { + "version": "15.3.1", + "resolved": "https://registry.npmjs.org/yargs/-/yargs-15.3.1.tgz", + "integrity": "sha512-92O1HWEjw27sBfgmXiixJWT5hRBp2eobqXicLtPBIDBhYB+1HpwZlXmbW2luivBJHBzki+7VyCLRtAkScbTBQA==", + "dev": true, + "requires": { + "cliui": "^6.0.0", + "decamelize": "^1.2.0", + "find-up": "^4.1.0", + "get-caller-file": "^2.0.1", + "require-directory": "^2.1.1", + "require-main-filename": "^2.0.0", + "set-blocking": "^2.0.0", + "string-width": "^4.2.0", + "which-module": "^2.0.0", + "y18n": "^4.0.0", + "yargs-parser": "^18.1.1" + } + }, + "yargs-parser": { + "version": "18.1.3", + "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-18.1.3.tgz", + "integrity": "sha512-o50j0JeToy/4K6OZcaQmW6lyXXKhq7csREXcDwk2omFPJEwUNOVtJKvmDr9EI1fAJZUyZcRF7kxGBWmRXudrCQ==", + "dev": true, + "requires": { + "camelcase": "^5.0.0", + "decamelize": "^1.2.0" + } + } + } +} diff --git a/hooks/nmap-subsequent-scans/package.json b/hooks/nmap-subsequent-scans/package.json new file mode 100644 index 00000000..9e987a77 --- /dev/null +++ b/hooks/nmap-subsequent-scans/package.json @@ -0,0 +1,19 @@ +{ + "name": "scb-add-attributes", + "version": "1.0.0", + "description": "", + "main": "hook.js", + "scripts": { + "test": "jest ." + }, + "keywords": [], + "author": "", + "license": "ISC", + "dependencies": { + "@kubernetes/client-node": "^0.12.0", + "lodash.set": "^4.3.2" + }, + "devDependencies": { + "jest": "^25.1.0" + } +} diff --git a/hooks/nmap-subsequent-scans/scan-helpers.js b/hooks/nmap-subsequent-scans/scan-helpers.js new file mode 100644 index 00000000..774abba5 --- /dev/null +++ b/hooks/nmap-subsequent-scans/scan-helpers.js @@ -0,0 +1,47 @@ +const k8s = require("@kubernetes/client-node"); + +// configure k8s client +const kc = new k8s.KubeConfig(); +kc.loadFromDefault(); + +const k8sApiCRD = kc.makeApiClient(k8s.CustomObjectsApi); + +async function startSubsequentSecureCodeBoxScan({ + parentScan, + name, + scanType, + parameters, +}) { + const scanDefinition = { + apiVersion: "execution.experimental.securecodebox.io/v1", + kind: "Scan", + metadata: { + name: name, + labels: { + ...parentScan.metadata.labels, + }, + }, + spec: { + scanType, + parameters, + }, + }; + + try { + // Starting another subsequent sslyze scan based on the nmap results + // found at: https://github.com/kubernetes-client/javascript/blob/79736b9a608c18d818de61a6b44503a08ea3a78f/src/gen/api/customObjectsApi.ts#L209 + await k8sApiCRD.createNamespacedCustomObject( + "execution.experimental.securecodebox.io", + "v1", + "default", + "scans", + scanDefinition, + "false" + ); + } catch (error) { + console.error(`Failed to start Scan ${name}`); + console.error(error); + } +} + +module.exports.startSubsequentSecureCodeBoxScan = startSubsequentSecureCodeBoxScan; From fce7d091723e268fbdb9f5e6e314ee54f1c1b0cf Mon Sep 17 00:00:00 2001 From: Yannik Fuhrmeister Date: Mon, 8 Jun 2020 13:32:11 +0200 Subject: [PATCH 041/109] Change read-write-hook-test to general test-scan We decided to create a test-scan that we can use in different tests like testing the existence of the operator or hooks --- .github/workflows/ci.yaml | 18 ++ .../parser/parser.test.js | 154 ------------------ .../read-write-hook-test/scanner/Dockerfile | 4 - integrations/read-write-hook-test/values.yaml | 4 - .../.helmignore | 0 .../Chart.yaml | 7 +- .../parser/.dockerignore | 0 .../parser/.gitignore | 0 .../parser/Dockerfile | 0 .../parser/package-lock.json | 2 +- .../parser/package.json | 4 +- .../parser/parser.js | 2 +- integrations/test-scan/scanner/Dockerfile | 4 + .../test-scan-parse-definition.yaml} | 0 .../templates/test-scan-scan-type.yaml} | 12 +- integrations/test-scan/values.yaml | 4 + .../amass_securecodebox_io.yaml | 1 - .../execution_v1_scan/nmap_localhost.yaml | 1 - .../nmap_securecodebox_io.yaml | 1 - .../samples/execution_v1_scan/test-scan.yaml | 8 + 20 files changed, 46 insertions(+), 180 deletions(-) delete mode 100644 integrations/read-write-hook-test/parser/parser.test.js delete mode 100644 integrations/read-write-hook-test/scanner/Dockerfile delete mode 100644 integrations/read-write-hook-test/values.yaml rename integrations/{read-write-hook-test => test-scan}/.helmignore (100%) rename integrations/{read-write-hook-test => test-scan}/Chart.yaml (53%) rename integrations/{read-write-hook-test => test-scan}/parser/.dockerignore (100%) rename integrations/{read-write-hook-test => test-scan}/parser/.gitignore (100%) rename integrations/{read-write-hook-test => test-scan}/parser/Dockerfile (100%) rename integrations/{read-write-hook-test => test-scan}/parser/package-lock.json (99%) rename integrations/{read-write-hook-test => test-scan}/parser/package.json (66%) rename integrations/{read-write-hook-test => test-scan}/parser/parser.js (96%) create mode 100644 integrations/test-scan/scanner/Dockerfile rename integrations/{read-write-hook-test/templates/read-write-hook-test-parse-definition.yaml => test-scan/templates/test-scan-parse-definition.yaml} (100%) rename integrations/{read-write-hook-test/templates/read-write-hook-test-scan-type.yaml => test-scan/templates/test-scan-scan-type.yaml} (50%) create mode 100644 integrations/test-scan/values.yaml create mode 100644 operator/config/samples/execution_v1_scan/test-scan.yaml diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 19ca6847..bb26eb91 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -157,6 +157,15 @@ jobs: path: ./integrations/sslyze/parser/ tag_with_ref: true tag_with_sha: true + - uses: docker/build-push-action@v1 + name: "Build & Push test-scan Parser Image" + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + repository: scbexperimental/parser-test-scan + path: ./integrations/nmap/parser/ + tag_with_ref: true + tag_with_sha: true - uses: docker/build-push-action@v1 name: "Build & Push Trivy Parser Image" with: @@ -246,6 +255,15 @@ jobs: path: ./integrations/kube-hunter/scanner/ # Note: not prefixed with a "v" as this matches the aquasec/kube-hunter tags tags: "0.3.0,latest" + - uses: docker/build-push-action@v1 + name: "Build & Push test-scan Scanner Image" + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + repository: scbexperimental/test-scan + path: ./integrations/test-scan/scanner/ + # Note: not prefixed with a "v" as this seems to match nmap versioning standards + tags: "latest" integrationTests: name: "Test / Integration / k8s ${{ matrix.k8sVersion }}" needs: diff --git a/integrations/read-write-hook-test/parser/parser.test.js b/integrations/read-write-hook-test/parser/parser.test.js deleted file mode 100644 index 84fdf68b..00000000 --- a/integrations/read-write-hook-test/parser/parser.test.js +++ /dev/null @@ -1,154 +0,0 @@ -const fs = require("fs"); -const util = require("util"); - -// eslint-disable-next-line security/detect-non-literal-fs-filename -const readFile = util.promisify(fs.readFile); - -const { parse } = require("./parser"); - -test("should properly parse nmap xml file", async () => { - const xmlContent = await readFile( - __dirname + "/__testFiles__/localhost.xml", - { - encoding: "utf8" - } - ); - - expect(await parse(xmlContent)).toMatchInlineSnapshot(` - Array [ - Object { - "attributes": Object { - "hostname": "localhost", - "ip_address": "127.0.0.1", - "mac_address": null, - "method": "table", - "operating_system": null, - "port": 53, - "protocol": "tcp", - "scripts": null, - "service": "domain", - "serviceProduct": null, - "serviceVersion": null, - "state": "open", - }, - "category": "Open Port", - "description": "Port 53 is open using tcp protocol.", - "location": "tcp://127.0.0.1:53", - "name": "domain", - "osi_layer": "NETWORK", - "severity": "INFORMATIONAL", - }, - Object { - "attributes": Object { - "hostname": "localhost", - "ip_address": "127.0.0.1", - "mac_address": null, - "method": "table", - "operating_system": null, - "port": 8021, - "protocol": "tcp", - "scripts": null, - "service": "ftp-proxy", - "serviceProduct": null, - "serviceVersion": null, - "state": "open", - }, - "category": "Open Port", - "description": "Port 8021 is open using tcp protocol.", - "location": "tcp://127.0.0.1:8021", - "name": "ftp-proxy", - "osi_layer": "NETWORK", - "severity": "INFORMATIONAL", - }, - Object { - "attributes": Object { - "hostname": "localhost", - "ip_address": "127.0.0.1", - "mac_address": null, - "method": "table", - "operating_system": null, - "port": 8080, - "protocol": "tcp", - "scripts": null, - "service": "http-proxy", - "serviceProduct": null, - "serviceVersion": null, - "state": "open", - }, - "category": "Open Port", - "description": "Port 8080 is open using tcp protocol.", - "location": "tcp://127.0.0.1:8080", - "name": "http-proxy", - "osi_layer": "NETWORK", - "severity": "INFORMATIONAL", - }, - Object { - "attributes": Object { - "hostname": "localhost", - "ip_address": "127.0.0.1", - "mac_address": null, - "method": "table", - "operating_system": null, - "port": 9200, - "protocol": "tcp", - "scripts": null, - "service": "wap-wsp", - "serviceProduct": null, - "serviceVersion": null, - "state": "open", - }, - "category": "Open Port", - "description": "Port 9200 is open using tcp protocol.", - "location": "tcp://127.0.0.1:9200", - "name": "wap-wsp", - "osi_layer": "NETWORK", - "severity": "INFORMATIONAL", - }, - Object { - "attributes": Object { - "hostname": "localhost", - "ip_address": "127.0.0.1", - "operating_system": null, - }, - "category": "Host", - "description": "Found a host", - "location": "localhost", - "name": "Host: localhost", - "osi_layer": "NETWORK", - "severity": "INFORMATIONAL", - }, - ] - `); -}); - -test("should properly parse a nmap xml without any ports", async () => { - const xmlContent = await readFile(__dirname + "/__testFiles__/no-ports.xml", { - encoding: "utf8" - }); - - expect(await parse(xmlContent)).toMatchInlineSnapshot(` - Array [ - Object { - "attributes": Object { - "hostname": "localhost", - "ip_address": "127.0.0.1", - "operating_system": null, - }, - "category": "Host", - "description": "Found a host", - "location": "localhost", - "name": "Host: localhost", - "osi_layer": "NETWORK", - "severity": "INFORMATIONAL", - }, - ] - `); -}); - -test("should properly parse a nmap xml without any host", async () => { - const xmlContent = await readFile(__dirname + "/__testFiles__/no-host.xml", { - encoding: "utf8" - }); - - expect(await parse(xmlContent)).toMatchInlineSnapshot(`Array []`); -}); diff --git a/integrations/read-write-hook-test/scanner/Dockerfile b/integrations/read-write-hook-test/scanner/Dockerfile deleted file mode 100644 index dd7bb5a4..00000000 --- a/integrations/read-write-hook-test/scanner/Dockerfile +++ /dev/null @@ -1,4 +0,0 @@ -FROM alpine:3.11 -RUN addgroup -S rwhook && adduser -S -g rwhook rwhook -USER rwhook -CMD [cat] \ No newline at end of file diff --git a/integrations/read-write-hook-test/values.yaml b/integrations/read-write-hook-test/values.yaml deleted file mode 100644 index b48f15b4..00000000 --- a/integrations/read-write-hook-test/values.yaml +++ /dev/null @@ -1,4 +0,0 @@ -parserImage: - registry: docker.io - repository: scbexperimental/parser-read-write-hook-test - tag: latest diff --git a/integrations/read-write-hook-test/.helmignore b/integrations/test-scan/.helmignore similarity index 100% rename from integrations/read-write-hook-test/.helmignore rename to integrations/test-scan/.helmignore diff --git a/integrations/read-write-hook-test/Chart.yaml b/integrations/test-scan/Chart.yaml similarity index 53% rename from integrations/read-write-hook-test/Chart.yaml rename to integrations/test-scan/Chart.yaml index 67b96c53..ef063cb1 100644 --- a/integrations/read-write-hook-test/Chart.yaml +++ b/integrations/test-scan/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 -name: read-write-hook-test -description: A Helm chart to test the integration of read and write hooks. +name: test-scan +description: A Helm chart to test the secureCodeBox operator type: application version: 0.1.0 @@ -8,13 +8,10 @@ appVersion: 0.1.0 keywords: - security -- readWriteHook - scanner - secureCodeBox - integrationTest - test -home: https://www.securecodebox.io/scanner/Nmap -icon: https://www.securecodebox.io/integrationIcons/Nmap.svg sources: - https://github.com/secureCodeBox/secureCodeBox maintainers: diff --git a/integrations/read-write-hook-test/parser/.dockerignore b/integrations/test-scan/parser/.dockerignore similarity index 100% rename from integrations/read-write-hook-test/parser/.dockerignore rename to integrations/test-scan/parser/.dockerignore diff --git a/integrations/read-write-hook-test/parser/.gitignore b/integrations/test-scan/parser/.gitignore similarity index 100% rename from integrations/read-write-hook-test/parser/.gitignore rename to integrations/test-scan/parser/.gitignore diff --git a/integrations/read-write-hook-test/parser/Dockerfile b/integrations/test-scan/parser/Dockerfile similarity index 100% rename from integrations/read-write-hook-test/parser/Dockerfile rename to integrations/test-scan/parser/Dockerfile diff --git a/integrations/read-write-hook-test/parser/package-lock.json b/integrations/test-scan/parser/package-lock.json similarity index 99% rename from integrations/read-write-hook-test/parser/package-lock.json rename to integrations/test-scan/parser/package-lock.json index 9ce75c64..08679e58 100644 --- a/integrations/read-write-hook-test/parser/package-lock.json +++ b/integrations/test-scan/parser/package-lock.json @@ -1,5 +1,5 @@ { - "name": "read-write-hook-test-parser", + "name": "test-scan-parser", "version": "1.0.0", "lockfileVersion": 1, "requires": true, diff --git a/integrations/read-write-hook-test/parser/package.json b/integrations/test-scan/parser/package.json similarity index 66% rename from integrations/read-write-hook-test/parser/package.json rename to integrations/test-scan/parser/package.json index f0015799..55877c46 100644 --- a/integrations/read-write-hook-test/parser/package.json +++ b/integrations/test-scan/parser/package.json @@ -1,7 +1,7 @@ { - "name": "read-write-hook-test-parser", + "name": "test-scan-parser", "version": "1.0.0", - "description": "Parses result files for the type: 'nmap-xml'", + "description": "Parses result files for the type: 'test-txt'", "main": "", "scripts": {}, "keywords": [], diff --git a/integrations/read-write-hook-test/parser/parser.js b/integrations/test-scan/parser/parser.js similarity index 96% rename from integrations/read-write-hook-test/parser/parser.js rename to integrations/test-scan/parser/parser.js index 8742fd3c..42e0b06a 100644 --- a/integrations/read-write-hook-test/parser/parser.js +++ b/integrations/test-scan/parser/parser.js @@ -1,4 +1,4 @@ -async function parse(fileContent) { +async function parse() { return transformToFindings(); } diff --git a/integrations/test-scan/scanner/Dockerfile b/integrations/test-scan/scanner/Dockerfile new file mode 100644 index 00000000..18e621a8 --- /dev/null +++ b/integrations/test-scan/scanner/Dockerfile @@ -0,0 +1,4 @@ +FROM alpine:3.11 +RUN addgroup -S test && adduser -S -g test test +USER test +CMD [cat] \ No newline at end of file diff --git a/integrations/read-write-hook-test/templates/read-write-hook-test-parse-definition.yaml b/integrations/test-scan/templates/test-scan-parse-definition.yaml similarity index 100% rename from integrations/read-write-hook-test/templates/read-write-hook-test-parse-definition.yaml rename to integrations/test-scan/templates/test-scan-parse-definition.yaml diff --git a/integrations/read-write-hook-test/templates/read-write-hook-test-scan-type.yaml b/integrations/test-scan/templates/test-scan-scan-type.yaml similarity index 50% rename from integrations/read-write-hook-test/templates/read-write-hook-test-scan-type.yaml rename to integrations/test-scan/templates/test-scan-scan-type.yaml index 413330d3..016215d6 100644 --- a/integrations/read-write-hook-test/templates/read-write-hook-test-scan-type.yaml +++ b/integrations/test-scan/templates/test-scan-scan-type.yaml @@ -1,11 +1,11 @@ apiVersion: "execution.experimental.securecodebox.io/v1" kind: ScanType metadata: - name: "rw-hook-test" + name: "test-scan" spec: extractResults: - type: nmap-xml - location: "/home/securecodebox/rw-hook-test-results.xml" + type: test-txt + location: "/home/securecodebox/hello-world.txt" jobTemplate: spec: ttlSecondsAfterFinished: 10 @@ -14,6 +14,6 @@ spec: spec: restartPolicy: OnFailure containers: - - name: rw-hook-test - image: scbexperimental/rw-hook-test:latest - command: ["cat", "/home/securecodebox/nmap-results.xml"] + - name: test-scan + image: scbexperimental/test-scan:latest + command: ["touch", "/home/securecodebox/hello-world.txt"] diff --git a/integrations/test-scan/values.yaml b/integrations/test-scan/values.yaml new file mode 100644 index 00000000..538e2e6d --- /dev/null +++ b/integrations/test-scan/values.yaml @@ -0,0 +1,4 @@ +parserImage: + registry: docker.io + repository: scbexperimental/parser-test-scan + tag: latest diff --git a/operator/config/samples/execution_v1_scan/amass_securecodebox_io.yaml b/operator/config/samples/execution_v1_scan/amass_securecodebox_io.yaml index e1264ddf..a607f69e 100644 --- a/operator/config/samples/execution_v1_scan/amass_securecodebox_io.yaml +++ b/operator/config/samples/execution_v1_scan/amass_securecodebox_io.yaml @@ -2,7 +2,6 @@ apiVersion: "execution.experimental.securecodebox.io/v1" kind: Scan metadata: name: "amass-securecodebox.io" - namespace: default labels: organization: "secureCodeBox" spec: diff --git a/operator/config/samples/execution_v1_scan/nmap_localhost.yaml b/operator/config/samples/execution_v1_scan/nmap_localhost.yaml index 0bdc29f8..7acfcf5b 100644 --- a/operator/config/samples/execution_v1_scan/nmap_localhost.yaml +++ b/operator/config/samples/execution_v1_scan/nmap_localhost.yaml @@ -2,7 +2,6 @@ apiVersion: execution.experimental.securecodebox.io/v1 kind: Scan metadata: name: nmap-localhost - namespace: default spec: parameters: - -Pn diff --git a/operator/config/samples/execution_v1_scan/nmap_securecodebox_io.yaml b/operator/config/samples/execution_v1_scan/nmap_securecodebox_io.yaml index 9b2b3a72..15407835 100644 --- a/operator/config/samples/execution_v1_scan/nmap_securecodebox_io.yaml +++ b/operator/config/samples/execution_v1_scan/nmap_securecodebox_io.yaml @@ -2,7 +2,6 @@ apiVersion: execution.experimental.securecodebox.io/v1 kind: Scan metadata: name: nmap-securecodebox.io - namespace: default spec: parameters: - -Pn diff --git a/operator/config/samples/execution_v1_scan/test-scan.yaml b/operator/config/samples/execution_v1_scan/test-scan.yaml new file mode 100644 index 00000000..dfaffd99 --- /dev/null +++ b/operator/config/samples/execution_v1_scan/test-scan.yaml @@ -0,0 +1,8 @@ +apiVersion: execution.experimental.securecodebox.io/v1 +kind: Scan +metadata: + name: test-scan + namespace: default +spec: + scanType: test-scan + parameters: [] From 5a0ac1c48793524eb6f143aadbef218dbc21d389 Mon Sep 17 00:00:00 2001 From: Yannik Fuhrmeister Date: Mon, 8 Jun 2020 13:43:58 +0200 Subject: [PATCH 042/109] Fix spelling --- lurcher/main.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lurcher/main.go b/lurcher/main.go index c501b61b..207de096 100644 --- a/lurcher/main.go +++ b/lurcher/main.go @@ -110,7 +110,7 @@ func waitForMainContainerToEnd(container, pod, namespace string) { for _, status := range containerStatuses { if status.Name == container && status.State.Terminated != nil { - log.Printf("Main Container Exited. Lurcher will end asswell.") + log.Printf("Main Container Exited. Lurcher will end as well.") return } } From 9d953dfb5ff0d419d1b2c2f732e5998a046048bf Mon Sep 17 00:00:00 2001 From: Yannik Fuhrmeister Date: Mon, 8 Jun 2020 13:55:39 +0200 Subject: [PATCH 043/109] Fix build for test-scan --- .github/workflows/ci.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index bb26eb91..45186c28 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -163,7 +163,7 @@ jobs: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} repository: scbexperimental/parser-test-scan - path: ./integrations/nmap/parser/ + path: ./integrations/test-scan/parser/ tag_with_ref: true tag_with_sha: true - uses: docker/build-push-action@v1 From 6a48e9edb602fd3f4ada4b9a6526ef6f034a7b23 Mon Sep 17 00:00:00 2001 From: Yannik Fuhrmeister Date: Mon, 8 Jun 2020 13:56:31 +0200 Subject: [PATCH 044/109] Remove default namespace --- operator/config/samples/execution_v1_scan/test-scan.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/operator/config/samples/execution_v1_scan/test-scan.yaml b/operator/config/samples/execution_v1_scan/test-scan.yaml index dfaffd99..55d7b8f6 100644 --- a/operator/config/samples/execution_v1_scan/test-scan.yaml +++ b/operator/config/samples/execution_v1_scan/test-scan.yaml @@ -2,7 +2,6 @@ apiVersion: execution.experimental.securecodebox.io/v1 kind: Scan metadata: name: test-scan - namespace: default spec: scanType: test-scan parameters: [] From 78ea2643dc22b705dfa245e63b6a348cb4cff339 Mon Sep 17 00:00:00 2001 From: Yannik Fuhrmeister Date: Mon, 8 Jun 2020 13:56:53 +0200 Subject: [PATCH 045/109] Change result type for test-scan --- .../test-scan/templates/test-scan-parse-definition.yaml | 4 ++-- integrations/test-scan/values.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/integrations/test-scan/templates/test-scan-parse-definition.yaml b/integrations/test-scan/templates/test-scan-parse-definition.yaml index 3a321dd0..3b4442c0 100644 --- a/integrations/test-scan/templates/test-scan-parse-definition.yaml +++ b/integrations/test-scan/templates/test-scan-parse-definition.yaml @@ -1,7 +1,7 @@ apiVersion: "execution.experimental.securecodebox.io/v1" kind: ParseDefinition metadata: - name: "read-write-hook-test-xml" + name: "test-txt" spec: - handlesResultsType: nmap-xml + handlesResultsType: test-txt image: "{{ .Values.parserImage.registry }}/{{ .Values.parserImage.repository }}:{{ .Values.parserImage.tag }}" diff --git a/integrations/test-scan/values.yaml b/integrations/test-scan/values.yaml index 538e2e6d..8d51b70e 100644 --- a/integrations/test-scan/values.yaml +++ b/integrations/test-scan/values.yaml @@ -1,4 +1,4 @@ parserImage: registry: docker.io repository: scbexperimental/parser-test-scan - tag: latest + tag: hooks From c43da41a89f9660de59cc26c1e7085277bf3d84a Mon Sep 17 00:00:00 2001 From: Yannik Fuhrmeister Date: Mon, 8 Jun 2020 14:03:27 +0200 Subject: [PATCH 046/109] Fix dummy parser --- integrations/test-scan/parser/parser.js | 75 ++++++++++++------------- 1 file changed, 35 insertions(+), 40 deletions(-) diff --git a/integrations/test-scan/parser/parser.js b/integrations/test-scan/parser/parser.js index 42e0b06a..9762a542 100644 --- a/integrations/test-scan/parser/parser.js +++ b/integrations/test-scan/parser/parser.js @@ -1,46 +1,41 @@ async function parse() { - return transformToFindings(); -} - -function transformToFindings() { - const portFindings = { - name: "Test read-write-hook service", - description: `Port is using protocol.`, - category: 'Open Port', - location: `tcp://rw-hook-test:80`, - osi_layer: 'NETWORK', - severity: 'INFORMATIONAL', - attributes: { - port: 80, - state: "Open", - ip_address: "host ip address", - mac_address: "hostInfo.mac", - protocol: "openPort.protocol", - hostname: "hostInfo.hostname", - method: "openPort.method", - operating_system: "hostInfo.osNmap", - service: "openPort.service", - serviceProduct: "openPort.serviceProduct", - serviceVersion: "openPort.serviceVersion", - scripts: "openPort.scriptOutputs", + return [ + { + name: "Test read-write-hook service", + description: `Port is using protocol.`, + category: "Open Port", + location: `tcp://rw-hook-test:80`, + osi_layer: "NETWORK", + severity: "INFORMATIONAL", + attributes: { + port: 80, + state: "Open", + ip_address: "host ip address", + mac_address: "hostInfo.mac", + protocol: "openPort.protocol", + hostname: "hostInfo.hostname", + method: "openPort.method", + operating_system: "hostInfo.osNmap", + service: "openPort.service", + serviceProduct: "openPort.serviceProduct", + serviceVersion: "openPort.serviceVersion", + scripts: "openPort.scriptOutputs", + }, }, - }; - - const hostFindings = { - name: `Host: hostname`, - category: 'Host', - description: 'Found a host', - location: "hostname", - severity: 'INFORMATIONAL', - osi_layer: 'NETWORK', - attributes: { - ip_address: "ip address", - hostname: "hostname", - operating_system: "osNmap", + { + name: `Host: hostname`, + category: "Host", + description: "Found a host", + location: "hostname", + severity: "INFORMATIONAL", + osi_layer: "NETWORK", + attributes: { + ip_address: "ip address", + hostname: "hostname", + operating_system: "osNmap", + }, }, - }; - - return [...portFindings, ...hostFindings]; + ]; } module.exports.parse = parse; From 2186f9c7d3834b8ce628c495838b97735205a270 Mon Sep 17 00:00:00 2001 From: Robert Seedorff Date: Mon, 8 Jun 2020 14:12:07 +0200 Subject: [PATCH 047/109] Added ownerReference to all subsequent scan created by the nmap-subsequent-scans hook. Now it ist possible to delete the primary scan and all subsequent scans will be deleted too. --- hooks/nmap-subsequent-scans/hook.js | 8 ++++---- hooks/nmap-subsequent-scans/scan-helpers.js | 21 +++++++++++++++++++++ 2 files changed, 25 insertions(+), 4 deletions(-) diff --git a/hooks/nmap-subsequent-scans/hook.js b/hooks/nmap-subsequent-scans/hook.js index 34bdeb1d..440f79b2 100644 --- a/hooks/nmap-subsequent-scans/hook.js +++ b/hooks/nmap-subsequent-scans/hook.js @@ -67,7 +67,7 @@ async function handle({ scan, getFindings }) { */ async function startZAPBaselineScan({ parentScan, hostname, port }) { console.log( - " --> starting subsequent ZAP Scan for host: " + hostname + ":" + port + " --> Starting async subsequent ZAP Scan for host: " + hostname + ":" + port ); await startSubsequentSecureCodeBoxScan({ @@ -85,7 +85,7 @@ async function startZAPBaselineScan({ parentScan, hostname, port }) { */ async function startSSHScan({ parentScan, hostname, port }) { console.log( - " --> starting subsequent SSH Scan for host: " + hostname + ":" + port + " --> Starting async subsequent SSH Scan for host: " + hostname + ":" + port ); await startSubsequentSecureCodeBoxScan({ @@ -103,7 +103,7 @@ async function startSSHScan({ parentScan, hostname, port }) { */ async function startNiktoScan({ parentScan, hostname, port }) { console.log( - " --> starting subsequent Nikto Scan for host: " + hostname + ":" + port + " --> Starting async subsequent Nikto Scan for host: " + hostname + ":" + port ); await startSubsequentSecureCodeBoxScan({ @@ -121,7 +121,7 @@ async function startNiktoScan({ parentScan, hostname, port }) { */ async function startSSLyzeScan({ parentScan, hostname, port }) { console.log( - " --> starting subsequent SSLyze Scan for host: " + hostname + ":" + port + " --> Starting async subsequent SSLyze Scan for host: " + hostname + ":" + port ); await startSubsequentSecureCodeBoxScan({ diff --git a/hooks/nmap-subsequent-scans/scan-helpers.js b/hooks/nmap-subsequent-scans/scan-helpers.js index 774abba5..53b22a5f 100644 --- a/hooks/nmap-subsequent-scans/scan-helpers.js +++ b/hooks/nmap-subsequent-scans/scan-helpers.js @@ -20,6 +20,11 @@ async function startSubsequentSecureCodeBoxScan({ labels: { ...parentScan.metadata.labels, }, + annotations: { + 'securecodebox.io/hook': 'nmap-subsequent-scans', + 'securecodebox.io/parent-scan': parentScan.metadata.name, + }, + ...(await getOwnerReference(parentScan)), }, spec: { scanType, @@ -27,6 +32,7 @@ async function startSubsequentSecureCodeBoxScan({ }, }; + try { // Starting another subsequent sslyze scan based on the nmap results // found at: https://github.com/kubernetes-client/javascript/blob/79736b9a608c18d818de61a6b44503a08ea3a78f/src/gen/api/customObjectsApi.ts#L209 @@ -44,4 +50,19 @@ async function startSubsequentSecureCodeBoxScan({ } } +async function getOwnerReference(parentScan) { + return { + ownerReferences: [ + { + apiVersion: 'execution.experimental.securecodebox.io/v1', + blockOwnerDeletion: true, + controller: true, + kind: 'Scan', + name: parentScan.metadata.name, + uid: parentScan.metadata.uid, + }, + ], + }; +} + module.exports.startSubsequentSecureCodeBoxScan = startSubsequentSecureCodeBoxScan; From 1c277c84d8842a64e165c6c468b027a9002e6aa1 Mon Sep 17 00:00:00 2001 From: Robert Seedorff Date: Mon, 8 Jun 2020 14:42:48 +0200 Subject: [PATCH 048/109] Added AMASS subsequent scans also to nmap-subsequent-scans hook. We should refactor the name of the hook to subsequent-scans and bundle all subsequent scans actions there. --- hooks/nmap-subsequent-scans/hook.js | 39 +++++++++++++++++++++++++++-- 1 file changed, 37 insertions(+), 2 deletions(-) diff --git a/hooks/nmap-subsequent-scans/hook.js b/hooks/nmap-subsequent-scans/hook.js index 440f79b2..4fab3bd4 100644 --- a/hooks/nmap-subsequent-scans/hook.js +++ b/hooks/nmap-subsequent-scans/hook.js @@ -6,7 +6,7 @@ async function handle({ scan, getFindings }) { console.log(findings); console.log( - `Found #${findings.length} findings... trying to find possible subsequent security scans.` + `Found #${findings.length} findings... Trying to find identify if these are NMAP specific findings and start possible subsequent security scans.` ); for (const finding of findings) { @@ -18,7 +18,7 @@ async function handle({ scan, getFindings }) { const port = finding.attributes.port; console.log( - "Found open port finding for service: " + finding.attributes.port + "Found NMAP 'Open Port' finding for service: " + finding.attributes.port ); // search for HTTP ports and start subsequent Nikto Scan @@ -58,6 +58,41 @@ async function handle({ scan, getFindings }) { } } } + + console.log( + `Found #${findings.length} findings... Trying to find identify if these are AMASS specific findings and start possible subsequent security scans.` + ); + + for (const finding of findings) { + if(finding.category === "Subdomain" && finding.osi_layer === "NETWORK" && finding.description.startsWith("Found subdomain")) { + console.log("Found AMASS 'Subdomain' finding: " + finding.location); + + const hostname = finding.location; + + await startNMAPScan({ + parentScan: scan, + hostname + }); + } + } +} + +/** + * Creates a new subsequent SCB ZAP Scan for the given hostname. + * @param {string} hostname The hostname to start a new subsequent ZAP scan for. + * @param {string} port The port to start a new subsequent ZAP scan for. + */ +async function startNMAPScan({ parentScan, hostname}) { + console.log( + " --> Starting async subsequent NMAP Scan for host: " + hostname + ); + + await startSubsequentSecureCodeBoxScan({ + parentScan, + name: `nmap-${hostname.toLowerCase()}`, + scanType: "nmap", + parameters: ["-Pn", hostname], + }); } /** From b3412ceef1ec4bd708c46caccd3383b85d2d4cbe Mon Sep 17 00:00:00 2001 From: Robert Seedorff Date: Mon, 8 Jun 2020 17:05:16 +0200 Subject: [PATCH 049/109] Refactored name to a more generic one and added more tests. You need to reinstall the new hook (imperative-subsequent-scans) via helm and delete the old one (nmap-subsequent-scans) if you want to use this feature. --- .github/workflows/ci.yaml | 6 +- README.md | 2 +- .../.dockerignore | 0 .../.gitignore | 0 .../.helmignore | 0 .../Chart.lock | 0 .../Chart.yaml | 4 +- .../Dockerfile | 0 .../__mocks__/scan-helpers.js | 0 .../hook.js | 0 .../imperative-subsequent-scans/hook.test.js | 236 ++++++++++++++++++ .../package-lock.json | 2 +- .../package.json | 2 +- .../scan-helpers.js | 0 .../templates/NOTES.txt | 2 + .../templates/_helpers.tpl | 16 +- .../imperative-subsequent-scans-hook.yaml} | 2 +- .../values.yaml | 2 +- hooks/nmap-subsequent-scans/hook.test.js | 49 ---- .../nmap-subsequent-scans/templates/NOTES.txt | 2 - 20 files changed, 256 insertions(+), 69 deletions(-) rename hooks/{nmap-subsequent-scans => imperative-subsequent-scans}/.dockerignore (100%) rename hooks/{nmap-subsequent-scans => imperative-subsequent-scans}/.gitignore (100%) rename hooks/{nmap-subsequent-scans => imperative-subsequent-scans}/.helmignore (100%) rename hooks/{nmap-subsequent-scans => imperative-subsequent-scans}/Chart.lock (100%) rename hooks/{nmap-subsequent-scans => imperative-subsequent-scans}/Chart.yaml (59%) rename hooks/{nmap-subsequent-scans => imperative-subsequent-scans}/Dockerfile (100%) rename hooks/{nmap-subsequent-scans => imperative-subsequent-scans}/__mocks__/scan-helpers.js (100%) rename hooks/{nmap-subsequent-scans => imperative-subsequent-scans}/hook.js (100%) create mode 100644 hooks/imperative-subsequent-scans/hook.test.js rename hooks/{nmap-subsequent-scans => imperative-subsequent-scans}/package-lock.json (99%) rename hooks/{nmap-subsequent-scans => imperative-subsequent-scans}/package.json (88%) rename hooks/{nmap-subsequent-scans => imperative-subsequent-scans}/scan-helpers.js (100%) create mode 100644 hooks/imperative-subsequent-scans/templates/NOTES.txt rename hooks/{nmap-subsequent-scans => imperative-subsequent-scans}/templates/_helpers.tpl (72%) rename hooks/{nmap-subsequent-scans/templates/nmap-subsequent-scans-hook.yaml => imperative-subsequent-scans/templates/imperative-subsequent-scans-hook.yaml} (90%) rename hooks/{nmap-subsequent-scans => imperative-subsequent-scans}/values.yaml (73%) delete mode 100644 hooks/nmap-subsequent-scans/hook.test.js delete mode 100644 hooks/nmap-subsequent-scans/templates/NOTES.txt diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 45186c28..08f135b0 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -224,12 +224,12 @@ jobs: path: ./hooks/generic-webhook/ tag_with_ref: true - uses: docker/build-push-action@v1 - name: "Build & Push NmapSubsequentScans Hook Image" + name: "Build & Push ImperativeSubsequentScans Hook Image" with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - repository: scbexperimental/hook-nmap-subsequent-scans - path: ./hooks/nmap-subsequent-scans/ + repository: scbexperimental/hook-imperative-subsequent-scans + path: ./hooks/imperative-subsequent-scans/ tag_with_ref: true scannerImages: # Note we only build images for scanner that don't provider official public container images diff --git a/README.md b/README.md index 8d815842..b6f5c8c4 100644 --- a/README.md +++ b/README.md @@ -82,7 +82,7 @@ helm install dummy-ssh ./demo-apps/dummy-ssh/ # Deploy secureCodeBox Hooks helm install add-attributes ./hooks/add-attributes/ helm install generic-webhook ./hooks/generic-webhook/ -helm install nmap-subsequent-scans ./hooks/nmap-subsequent-scans/ +helm install imperative-subsequent-scans ./hooks/imperative-subsequent-scans/ ## Persistence Provider: Elasticsearch helm install persistence-elastic ./hooks/persistence-elastic/ diff --git a/hooks/nmap-subsequent-scans/.dockerignore b/hooks/imperative-subsequent-scans/.dockerignore similarity index 100% rename from hooks/nmap-subsequent-scans/.dockerignore rename to hooks/imperative-subsequent-scans/.dockerignore diff --git a/hooks/nmap-subsequent-scans/.gitignore b/hooks/imperative-subsequent-scans/.gitignore similarity index 100% rename from hooks/nmap-subsequent-scans/.gitignore rename to hooks/imperative-subsequent-scans/.gitignore diff --git a/hooks/nmap-subsequent-scans/.helmignore b/hooks/imperative-subsequent-scans/.helmignore similarity index 100% rename from hooks/nmap-subsequent-scans/.helmignore rename to hooks/imperative-subsequent-scans/.helmignore diff --git a/hooks/nmap-subsequent-scans/Chart.lock b/hooks/imperative-subsequent-scans/Chart.lock similarity index 100% rename from hooks/nmap-subsequent-scans/Chart.lock rename to hooks/imperative-subsequent-scans/Chart.lock diff --git a/hooks/nmap-subsequent-scans/Chart.yaml b/hooks/imperative-subsequent-scans/Chart.yaml similarity index 59% rename from hooks/nmap-subsequent-scans/Chart.yaml rename to hooks/imperative-subsequent-scans/Chart.yaml index 011a743b..fa8866aa 100644 --- a/hooks/nmap-subsequent-scans/Chart.yaml +++ b/hooks/imperative-subsequent-scans/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 -name: nmap-subsequent-scans -description: Starts possible subsequent security scans based on nmap findings with open ports. +name: imperative-subsequent-scans +description: Starts possible subsequent security scans based on findings (e.g. open ports found by NMAP or subdomains found by AMASS). type: application diff --git a/hooks/nmap-subsequent-scans/Dockerfile b/hooks/imperative-subsequent-scans/Dockerfile similarity index 100% rename from hooks/nmap-subsequent-scans/Dockerfile rename to hooks/imperative-subsequent-scans/Dockerfile diff --git a/hooks/nmap-subsequent-scans/__mocks__/scan-helpers.js b/hooks/imperative-subsequent-scans/__mocks__/scan-helpers.js similarity index 100% rename from hooks/nmap-subsequent-scans/__mocks__/scan-helpers.js rename to hooks/imperative-subsequent-scans/__mocks__/scan-helpers.js diff --git a/hooks/nmap-subsequent-scans/hook.js b/hooks/imperative-subsequent-scans/hook.js similarity index 100% rename from hooks/nmap-subsequent-scans/hook.js rename to hooks/imperative-subsequent-scans/hook.js diff --git a/hooks/imperative-subsequent-scans/hook.test.js b/hooks/imperative-subsequent-scans/hook.test.js new file mode 100644 index 00000000..e527446c --- /dev/null +++ b/hooks/imperative-subsequent-scans/hook.test.js @@ -0,0 +1,236 @@ +jest.mock("./scan-helpers"); + +const { handle } = require("./hook"); +const { startSubsequentSecureCodeBoxScan } = require("./scan-helpers"); + +test("Should create subsequent scans for open HTTPS ports (NMAP findings)", async () => { + const findings = [ + { + name: "Port 443 is open", + category: "Open Port", + attributes: { + state: "open", + hostname: "foobar.com", + port: 443, + service: "https", + }, + }, + { + name: "Port 8443 is open", + category: "Open Port", + attributes: { + state: "open", + hostname: "example.com", + port: 8443, + service: "ssl", + }, + }, + ]; + + const scan = { + metadata: { + labels: { + foo: "bar", + }, + }, + }; + + const getFindings = async () => findings; + + await handle({ + getFindings, + scan, + }); + + expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(4); + + expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(1, { + name: "sslyze-foobar.com", + parameters: ["--regular", "foobar.com"], + parentScan: { metadata: { labels: { foo: "bar" } } }, + scanType: "sslyze", + }); + expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(2, { + name: "zap-foobar.com", + parameters: ["-t", "https://foobar.com:443"], + parentScan: { metadata: { labels: { foo: "bar" } } }, + scanType: "zap-baseline", + }); + // even if the HTTP port is not running at port 80 a corresponding Nikto scan should be created if a HTTP service is found by nmap + expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(3, { + name: "sslyze-example.com", + parameters: ["--regular", "example.com"], + parentScan: { metadata: { labels: { foo: "bar" } } }, + scanType: "sslyze", + }); + expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(4, { + name: "zap-example.com", + parameters: ["-t", "https://example.com:8443"], + parentScan: { metadata: { labels: { foo: "bar" } } }, + scanType: "zap-baseline", + }); +}); + +test("Should create subsequent scans for open HTTP ports (NMAP findings)", async () => { + const findings = [ + { + name: "Port 80 is open", + category: "Open Port", + attributes: { + state: "open", + hostname: "foobar.com", + port: 80, + service: "http", + }, + }, + { + name: "Port 3000 is open", + category: "Open Port", + attributes: { + state: "open", + hostname: "example.com", + port: 3000, + service: "http", + }, + }, + ]; + + const scan = { + metadata: { + labels: { + foo: "bar", + }, + }, + }; + + const getFindings = async () => findings; + + await handle({ + getFindings, + scan, + }); + + expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(6); + + expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(5, { + name: "nikto-foobar.com", + parameters: ["-h", "https://foobar.com", "-Tuning", "1,2,3,5,7,b"], + parentScan: { metadata: { labels: { foo: "bar" } } }, + scanType: "nikto", + }); + // even if the HTTP port is not running at port 80 a corresponding Nikto scan should be created if a HTTP service is found by nmap + expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(6, { + name: "nikto-example.com", + parameters: ["-h", "https://example.com", "-Tuning", "1,2,3,5,7,b"], + parentScan: { metadata: { labels: { foo: "bar" } } }, + scanType: "nikto", + }); +}); + +test("Should create subsequent scans for open SSH ports (NMAP findings)", async () => { + const findings = [ + { + name: "Port 22 is open", + category: "Open Port", + attributes: { + state: "open", + hostname: "foobar.com", + port: 22, + service: "ssh", + }, + }, + { + name: "Port 23454 is open", + category: "Open Port", + attributes: { + state: "open", + hostname: "example.com", + port: 23454, + service: "ssh", + }, + }, + ]; + + const scan = { + metadata: { + labels: { + foo: "bar", + }, + }, + }; + + const getFindings = async () => findings; + + await handle({ + getFindings, + scan, + }); + + expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(8); + + expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(7, { + name: "ssh-foobar.com", + parameters: ["-t", "foobar.com"], + parentScan: { metadata: { labels: { foo: "bar" } } }, + scanType: "ssh-scan", + }); + // even if the HTTP port is not running at port 80 a corresponding Nikto scan should be created if a HTTP service is found by nmap + expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(8, { + name: "ssh-example.com", + parameters: ["-t", "example.com"], + parentScan: { metadata: { labels: { foo: "bar" } } }, + scanType: "ssh-scan", + }); +}); + +test("Should create subsequent scans for subdomains (AMASS findings)", async () => { + const findings = [ + { + name: "www.example.com", + description: "Found subdomain www.example.com", + category: "Subdomain", + location: "www.example.com", + osi_layer: "NETWORK", + severity: "INFORMATIONAL", + }, + { + name: "example.example.com", + description: "Found subdomain example.example.com", + category: "Subdomain", + location: "example.example.com", + osi_layer: "NETWORK", + severity: "INFORMATIONAL", + }, + ]; + + const scan = { + metadata: { + labels: { + foo: "bar", + }, + }, + }; + + const getFindings = async () => findings; + + await handle({ + getFindings, + scan, + }); + + expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(10); + + expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(9, { + name: "nmap-www.example.com", + parameters: ["-Pn", "www.example.com"], + parentScan: { metadata: { labels: { foo: "bar" } } }, + scanType: "nmap", + }); + // even if the HTTP port is not running at port 80 a corresponding Nikto scan should be created if a HTTP service is found by nmap + expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(10, { + name: "nmap-example.example.com", + parameters: ["-Pn", "example.example.com"], + parentScan: { metadata: { labels: { foo: "bar" } } }, + scanType: "nmap", + }); +}); \ No newline at end of file diff --git a/hooks/nmap-subsequent-scans/package-lock.json b/hooks/imperative-subsequent-scans/package-lock.json similarity index 99% rename from hooks/nmap-subsequent-scans/package-lock.json rename to hooks/imperative-subsequent-scans/package-lock.json index 9446900e..21a42e65 100644 --- a/hooks/nmap-subsequent-scans/package-lock.json +++ b/hooks/imperative-subsequent-scans/package-lock.json @@ -1,5 +1,5 @@ { - "name": "scb-add-attributes", + "name": "imperative-subsequent-scans", "version": "1.0.0", "lockfileVersion": 1, "requires": true, diff --git a/hooks/nmap-subsequent-scans/package.json b/hooks/imperative-subsequent-scans/package.json similarity index 88% rename from hooks/nmap-subsequent-scans/package.json rename to hooks/imperative-subsequent-scans/package.json index 9e987a77..ddcc03bb 100644 --- a/hooks/nmap-subsequent-scans/package.json +++ b/hooks/imperative-subsequent-scans/package.json @@ -1,5 +1,5 @@ { - "name": "scb-add-attributes", + "name": "imperative-subsequent-scans", "version": "1.0.0", "description": "", "main": "hook.js", diff --git a/hooks/nmap-subsequent-scans/scan-helpers.js b/hooks/imperative-subsequent-scans/scan-helpers.js similarity index 100% rename from hooks/nmap-subsequent-scans/scan-helpers.js rename to hooks/imperative-subsequent-scans/scan-helpers.js diff --git a/hooks/imperative-subsequent-scans/templates/NOTES.txt b/hooks/imperative-subsequent-scans/templates/NOTES.txt new file mode 100644 index 00000000..5c320679 --- /dev/null +++ b/hooks/imperative-subsequent-scans/templates/NOTES.txt @@ -0,0 +1,2 @@ +imperative-subsequent-scans Hook deployed. +This will start possible subsequent security scans based on nmap findings (e.g. open ports found by NMAP or subdomains found by AMASS). \ No newline at end of file diff --git a/hooks/nmap-subsequent-scans/templates/_helpers.tpl b/hooks/imperative-subsequent-scans/templates/_helpers.tpl similarity index 72% rename from hooks/nmap-subsequent-scans/templates/_helpers.tpl rename to hooks/imperative-subsequent-scans/templates/_helpers.tpl index 645c5765..f428bdf3 100644 --- a/hooks/nmap-subsequent-scans/templates/_helpers.tpl +++ b/hooks/imperative-subsequent-scans/templates/_helpers.tpl @@ -2,7 +2,7 @@ {{/* Expand the name of the chart. */}} -{{- define "nmap-subsequent-scans.name" -}} +{{- define "imperative-subsequent-scans.name" -}} {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} {{- end -}} @@ -11,7 +11,7 @@ Create a default fully qualified app name. We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). If release name contains chart name it will be used as a full name. */}} -{{- define "nmap-subsequent-scans.fullname" -}} +{{- define "imperative-subsequent-scans.fullname" -}} {{- if .Values.fullnameOverride -}} {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} {{- else -}} @@ -27,16 +27,16 @@ If release name contains chart name it will be used as a full name. {{/* Create chart name and version as used by the chart label. */}} -{{- define "nmap-subsequent-scans.chart" -}} +{{- define "imperative-subsequent-scans.chart" -}} {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} {{- end -}} {{/* Common labels */}} -{{- define "nmap-subsequent-scans.labels" -}} -helm.sh/chart: {{ include "nmap-subsequent-scans.chart" . }} -{{ include "nmap-subsequent-scans.selectorLabels" . }} +{{- define "imperative-subsequent-scans.labels" -}} +helm.sh/chart: {{ include "imperative-subsequent-scans.chart" . }} +{{ include "imperative-subsequent-scans.selectorLabels" . }} {{- if .Chart.AppVersion }} app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} {{- end }} @@ -46,7 +46,7 @@ app.kubernetes.io/managed-by: {{ .Release.Service }} {{/* Selector labels */}} -{{- define "nmap-subsequent-scans.selectorLabels" -}} -app.kubernetes.io/name: {{ include "nmap-subsequent-scans.name" . }} +{{- define "imperative-subsequent-scans.selectorLabels" -}} +app.kubernetes.io/name: {{ include "imperative-subsequent-scans.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} {{- end -}} diff --git a/hooks/nmap-subsequent-scans/templates/nmap-subsequent-scans-hook.yaml b/hooks/imperative-subsequent-scans/templates/imperative-subsequent-scans-hook.yaml similarity index 90% rename from hooks/nmap-subsequent-scans/templates/nmap-subsequent-scans-hook.yaml rename to hooks/imperative-subsequent-scans/templates/imperative-subsequent-scans-hook.yaml index 354abfdb..7c2c682f 100644 --- a/hooks/nmap-subsequent-scans/templates/nmap-subsequent-scans-hook.yaml +++ b/hooks/imperative-subsequent-scans/templates/imperative-subsequent-scans-hook.yaml @@ -1,7 +1,7 @@ apiVersion: "execution.experimental.securecodebox.io/v1" kind: ScanCompletionHook metadata: - name: {{ include "nmap-subsequent-scans.fullname" . }} + name: {{ include "imperative-subsequent-scans.fullname" . }} spec: type: ReadOnly {{- if .Values.image.registry }} diff --git a/hooks/nmap-subsequent-scans/values.yaml b/hooks/imperative-subsequent-scans/values.yaml similarity index 73% rename from hooks/nmap-subsequent-scans/values.yaml rename to hooks/imperative-subsequent-scans/values.yaml index 88771d9f..a09bd620 100644 --- a/hooks/nmap-subsequent-scans/values.yaml +++ b/hooks/imperative-subsequent-scans/values.yaml @@ -4,6 +4,6 @@ image: registry: docker.io - repository: scbexperimental/hook-nmap-subsequent-scans + repository: scbexperimental/hook-imperative-subsequent-scans tag: latest digest: null diff --git a/hooks/nmap-subsequent-scans/hook.test.js b/hooks/nmap-subsequent-scans/hook.test.js deleted file mode 100644 index a25f9878..00000000 --- a/hooks/nmap-subsequent-scans/hook.test.js +++ /dev/null @@ -1,49 +0,0 @@ -jest.mock("./scan-helpers"); - -const { handle } = require("./hook"); -const { startSubsequentSecureCodeBoxScan } = require("./scan-helpers"); - -test("should create subsequent scans for https port", async () => { - const findings = [ - { - name: "Port 443 is open", - category: "Open Port", - attributes: { - state: "open", - hostname: "foobar.com", - port: 443, - service: "https", - }, - }, - ]; - - const scan = { - metadata: { - labels: { - foo: "bar", - }, - }, - }; - - const getFindings = async () => findings; - - await handle({ - getFindings, - scan, - }); - - expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(2); - - expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(1, { - name: "sslyze-foobar.com", - parameters: ["--regular", "foobar.com"], - parentScan: { metadata: { labels: { foo: "bar" } } }, - scanType: "sslyze", - }); - expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(2, { - name: "zap-foobar.com", - parameters: ["-t", "https://foobar.com:443"], - parentScan: { metadata: { labels: { foo: "bar" } } }, - scanType: "zap-baseline", - }); -}); diff --git a/hooks/nmap-subsequent-scans/templates/NOTES.txt b/hooks/nmap-subsequent-scans/templates/NOTES.txt deleted file mode 100644 index e4e0ae44..00000000 --- a/hooks/nmap-subsequent-scans/templates/NOTES.txt +++ /dev/null @@ -1,2 +0,0 @@ -nmap-subsequent-scans Hook deployed. -This will start possible subsequent security scans based on nmap findings with open ports. \ No newline at end of file From 36c168a02ab6be98f43dcf35bdd5e8a206ff9417 Mon Sep 17 00:00:00 2001 From: Robert Seedorff Date: Tue, 9 Jun 2020 10:30:20 +0200 Subject: [PATCH 050/109] Added scanner integration readme files and example files for each scanner --- integrations/amass/README.md | 58 + .../amass/examples/example.com/scan.yaml | 12 + .../amass/examples/secureCodeBox.io/scan.yaml | 13 + integrations/kube-hunter/README.md | 51 + .../examples/in-cluster/findings.json | 82 + .../kube-hunter/examples/in-cluster/scan.yaml | 8 + integrations/nikto/README.md | 69 + .../nikto/examples/secureCodeBox.io/scan.yaml | 14 + integrations/nmap/readme.md | 21 +- integrations/ssh_scan/README.md | 84 + .../ssh_scan/examples/example.com/scan.yaml | 13 + .../ssh_scan/examples/localhost/findings.yaml | 12748 ++++++++++++ .../ssh_scan/examples/localhost/scan.yaml | 11 + integrations/sslyze/README.md | 47 + .../sslyze/examples/example.com/scan.yaml | 9 + .../examples/secureCodeBox.io/scan.yaml | 11 + integrations/trivy/README.md | 55 + .../trivy/examples/juice-shop/findings.yaml | 204 + .../trivy/examples/juice-shop/scan.yaml | 10 + .../trivy/examples/mediawiki/findings.yaml | 16083 ++++++++++++++++ .../trivy/examples/mediawiki/scan.yaml | 8 + integrations/wpscan/README.md | 88 + .../wpscan/examples/example.com/findings.yaml | 228 + 23 files changed, 29917 insertions(+), 10 deletions(-) create mode 100644 integrations/amass/README.md create mode 100644 integrations/amass/examples/example.com/scan.yaml create mode 100644 integrations/amass/examples/secureCodeBox.io/scan.yaml create mode 100644 integrations/kube-hunter/README.md create mode 100644 integrations/kube-hunter/examples/in-cluster/findings.json create mode 100644 integrations/kube-hunter/examples/in-cluster/scan.yaml create mode 100644 integrations/nikto/README.md create mode 100644 integrations/nikto/examples/secureCodeBox.io/scan.yaml create mode 100644 integrations/ssh_scan/README.md create mode 100644 integrations/ssh_scan/examples/example.com/scan.yaml create mode 100644 integrations/ssh_scan/examples/localhost/findings.yaml create mode 100644 integrations/ssh_scan/examples/localhost/scan.yaml create mode 100644 integrations/sslyze/README.md create mode 100644 integrations/sslyze/examples/example.com/scan.yaml create mode 100644 integrations/sslyze/examples/secureCodeBox.io/scan.yaml create mode 100644 integrations/trivy/README.md create mode 100644 integrations/trivy/examples/juice-shop/findings.yaml create mode 100644 integrations/trivy/examples/juice-shop/scan.yaml create mode 100644 integrations/trivy/examples/mediawiki/findings.yaml create mode 100644 integrations/trivy/examples/mediawiki/scan.yaml create mode 100644 integrations/wpscan/README.md create mode 100644 integrations/wpscan/examples/example.com/findings.yaml diff --git a/integrations/amass/README.md b/integrations/amass/README.md new file mode 100644 index 00000000..22a50803 --- /dev/null +++ b/integrations/amass/README.md @@ -0,0 +1,58 @@ +--- +title: "Amass" +path: "scanner/Amass" +category: "scanner" +usecase: "Subdomain Enumeration Scanner" +--- + +![owasp logo](https://owasp.org/assets/images/logo.png) + +The OWASP Amass Project has developed a tool to help information security professionals perform network mapping of attack surfaces and perform external asset discovery using open source information gathering and active reconnaissance techniques. To learn more about the Amass scanner itself visit [OWASP_Amass_Project] or [Amass GitHub]. + + + +## Deployment + +The AMASS scanType can be deployed via helm. + +```bash +helm upgrade --install amass ./integrations/amass/ +``` + +## Examples + +A set of examples can be found in the [examples](./examples) folder. +* Example *secureCodeBox.io* [scan](./examples/secureCodeBox.io/scan.yaml) and [findings](./examples/secureCodeBox.io/findings.yaml) +* Example *example.com* [scan](./examples/secureCodeBox.io/scan.yaml) and [findings](./examples/secureCodeBox.io/findings.yaml) + +## Configuration + +The follwing security scan configuration example are based on the [Amass User Guide], please take a look at the original documentation for more configuration examples. + +* The most basic use of the tool for subdomain enumeration: `amass enum -d example.com` +* Typical parameters for DNS enumeration: `amass enum -v -src -ip -brute -min-for-recursive 2 -d example.com` + +Special command line options: +* Disable generation of altered names `amass enum -noalts -d example.com` +* Turn off recursive brute forcing `amass enum -brute -norecursive -d example.com` +* Disable saving data into a local database `amass enum -nolocaldb -d example.com` +* Domain names separated by commas (can be used multiple times) `amass enum -d example.com` + + +## Development + +### Local setup +1. Clone the repository `git clone git@github.com:secureCodeBox/secureCodeBox-v2-alpha.git` +2. Ensure you have node.js installed + * On MacOs with brew package manager: `brew install node` + +### Parser Development + +1. Install the dependencies `npm install` +2. Update the parser function here: `./parser/parser.js` +3. Update the parser tests here: `./parser/parser.test.js` +4. Run the testsuite: `npm test` + +[OWASP_Amass_Project]: https://owasp.org/www-project-amass/ +[Amass GitHub]: https://github.com/OWASP/Amass +[Amass User Guide]: https://github.com/OWASP/Amass/blob/master/doc/user_guide.md \ No newline at end of file diff --git a/integrations/amass/examples/example.com/scan.yaml b/integrations/amass/examples/example.com/scan.yaml new file mode 100644 index 00000000..c112a67f --- /dev/null +++ b/integrations/amass/examples/example.com/scan.yaml @@ -0,0 +1,12 @@ +apiVersion: "execution.experimental.securecodebox.io/v1" +kind: Scan +metadata: + name: "amass-example.com" +spec: + scanType: "amass" + parameters: + - "-noalts" + - "-norecursive" + - "-nolocaldb" + - "-d" + - "example.com" diff --git a/integrations/amass/examples/secureCodeBox.io/scan.yaml b/integrations/amass/examples/secureCodeBox.io/scan.yaml new file mode 100644 index 00000000..a607f69e --- /dev/null +++ b/integrations/amass/examples/secureCodeBox.io/scan.yaml @@ -0,0 +1,13 @@ +apiVersion: "execution.experimental.securecodebox.io/v1" +kind: Scan +metadata: + name: "amass-securecodebox.io" + labels: + organization: "secureCodeBox" +spec: + scanType: "amass" + parameters: + - "-noalts" + - "-norecursive" + - "-d" + - "securecodebox.io" diff --git a/integrations/kube-hunter/README.md b/integrations/kube-hunter/README.md new file mode 100644 index 00000000..a60ceb19 --- /dev/null +++ b/integrations/kube-hunter/README.md @@ -0,0 +1,51 @@ +--- +title: "kube-hunter" +path: "scanner/kube-hunter" +category: "scanner" +usecase: "Kubernetes Vulnerability Scanner" +--- + +kube-hunter hunts for security weaknesses in Kubernetes clusters. The tool was developed to increase awareness and visibility for security issues in Kubernetes environments. You should NOT run kube-hunter on a Kubernetes cluster that you don't own! + +To learn more about the kube-hunter scanner itself visit [kube-hunter GitHub] or [kube-hunter Website]. + + + +## Deployment + +The kube-hunter ScanType can be deployed via helm. + +```bash +helm upgrade --install kube-hunter ./integrations/kube-hunter/ +``` + +## Examples + +A set of examples can be found in the [examples](./examples) folder. +* Example *in-cluster* [scan](./examples/in-cluster/scan.yaml) and [findings](./examples/in-cluster/findings.yaml) + +## Configuration + +The follwing security scan configuration example are based on the [kube-hunter Documentation], please take a look at the original documentation for more configuration examples. + +* To specify remote machines for hunting, select option 1 or use the --remote option. Example: `kube-hunter --remote some.node.com` +* To specify interface scanning, you can use the --interface option (this will scan all of the machine's network interfaces). Example: `kube-hunter --interface` +* To specify a specific CIDR to scan, use the --cidr option. Example: `kube-hunter --cidr 192.168.0.0/24` + +## Development + +### Local setup +1. Clone the repository `git clone git@github.com:secureCodeBox/secureCodeBox-v2-alpha.git` +2. Ensure you have node.js installed + * On MacOs with brew package manager: `brew install node` + +### Parser Development + +1. Install the dependencies `npm install` +2. Update the parser function here: `./parser/parser.js` +3. Update the parser tests here: `./parser/parser.test.js` +4. Run the testsuite: `npm test` + +[kube-hunter Website]: https://kube-hunter.aquasec.com/ +[kube-hunter GitHub]: https://github.com/aquasecurity/kube-hunter +[kube-hunter Documentation]: https://github.com/aquasecurity/kube-hunter#scanning-options \ No newline at end of file diff --git a/integrations/kube-hunter/examples/in-cluster/findings.json b/integrations/kube-hunter/examples/in-cluster/findings.json new file mode 100644 index 00000000..789ae552 --- /dev/null +++ b/integrations/kube-hunter/examples/in-cluster/findings.json @@ -0,0 +1,82 @@ +{ + "nodes": [ + { + "type": "Node/Master", + "location": "10.0.0.1" + }, + { + "type": "Node/Master", + "location": "10.96.0.1" + } + ], + "services": [ + { + "service": "Kubelet API", + "location": "10.0.0.1:10250", + "description": "The Kubelet is the main component in every Node, all pod operations goes through the kubelet" + }, + { + "service": "Metrics Server", + "location": "10.0.0.1:6443", + "description": "The Metrics server is in charge of providing resource usage metrics for pods and nodes to the API server." + }, + { + "service": "API Server", + "location": "10.96.0.1:443", + "description": "The API server is in charge of all operations on the cluster." + } + ], + "vulnerabilities": [ + { + "location": "Local to Pod(scan-kube-hunter-in-cluster-4rfff)", + "vid": "KHV050", + "category": "Access Risk", + "severity": "low", + "vulnerability": "Read access to pod's service account token", + "description": " Accessing the pod service account token gives an attacker the option to use the server API ", + "evidence": "eyJhbGciOiJSUzI1NiIsImtpZCI6IkNabmY2NVgxUmR1ZnQzbHJVQVAzZFFUNjBiR0hUVE9SRDNPcURyenlkODgifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJkZWZhdWx0Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZWNyZXQubmFtZSI6Imx1cmNoZXItdG9rZW4tcGpmNGIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoibHVyY2hlciIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6IjUzOGVhYjdmLTY1YjAtNDE4Yy04MGI2LTI1NGQxNDQ4ODU3NiIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDpkZWZhdWx0Omx1cmNoZXIifQ.cGtQHagQ2xxlAFnWwFRNgGJIkaeZIKnqoYYb8GmxN94ry0wwxCbgBm4Kg33A903wDBxd8iuITTk-r8UPZyYJHoxlVu0pHt-3SAc4NT0ob50R2acVXQ2qj_yJOOQHurCWeOJMkGqtCyUoZ8Xcnc6z32Ao-NWzKD-0wV7ndpKm-ytHP0YpHb9bLUPcQGvFoh_UF132yjeJqzwLPRX6hStMYOa8LNhJGyhdejW3BIOylzVPNkKE5lEjWv9f853qnTKG-TzXHBbth7qV8UHwSoY8YFoMezK3zazQt4dN1VG_wYmZ0ujikTC7TRTGr500kFxfpACKwdQ1M1fXgKJhNv9UgA", + "hunter": "Access Secrets" + }, + { + "location": "Local to Pod(scan-kube-hunter-in-cluster-4rfff)", + "vid": "None", + "category": "Access Risk", + "severity": "low", + "vulnerability": "CAP_NET_RAW Enabled", + "description": "CAP_NET_RAW is enabled by default for pods. If an attacker manages to compromise a pod, they could potentially take advantage of this capability to perform network attacks on other pods running on the same node", + "evidence": "", + "hunter": "Pod Capabilities Hunter" + }, + { + "location": "Local to Pod(scan-kube-hunter-in-cluster-4rfff)", + "vid": "None", + "category": "Access Risk", + "severity": "low", + "vulnerability": "Access to pod's secrets", + "description": " Accessing the pod's secrets within a compromised pod might disclose valuable data to a potential attacker", + "evidence": "['/var/run/secrets/kubernetes.io/serviceaccount/namespace', '/var/run/secrets/kubernetes.io/serviceaccount/ca.crt', '/var/run/secrets/kubernetes.io/serviceaccount/token', '/var/run/secrets/kubernetes.io/serviceaccount/..2020_04_03_14_52_24.460746409/ca.crt', '/var/run/secrets/kubernetes.io/serviceaccount/..2020_04_03_14_52_24.460746409/token', '/var/run/secrets/kubernetes.io/serviceaccount/..2020_04_03_14_52_24.460746409/namespace']", + "hunter": "Access Secrets" + }, + { + "location": "10.96.0.1:443", + "vid": "KHV002", + "category": "Information Disclosure", + "severity": "medium", + "vulnerability": "K8s Version Disclosure", + "description": "The kubernetes version could be obtained from the /version endpoint ", + "evidence": "v1.18.0", + "hunter": "Api Version Hunter" + }, + { + "location": "10.96.0.1:443", + "vid": "KHV005", + "category": "Information Disclosure", + "severity": "medium", + "vulnerability": "Access to API using service account token", + "description": " The API Server port is accessible. Depending on your RBAC settings this could expose access to or control of your cluster. ", + "evidence": "b'{\"kind\":\"APIVersions\",\"versions\":[\"v1\"],\"serverAddressByClientCIDRs\":[{\"clientCIDR\":\"0.0.0.0/0\",\"serverAddress\":\"172.17.0.2:6443\"}]}\\n'", + "hunter": "API Server Hunter" + } + ], + "kburl": "https://aquasecurity.github.io/kube-hunter/kb/{vid}" +} \ No newline at end of file diff --git a/integrations/kube-hunter/examples/in-cluster/scan.yaml b/integrations/kube-hunter/examples/in-cluster/scan.yaml new file mode 100644 index 00000000..e1b8aa8d --- /dev/null +++ b/integrations/kube-hunter/examples/in-cluster/scan.yaml @@ -0,0 +1,8 @@ +apiVersion: "execution.experimental.securecodebox.io/v1" +kind: Scan +metadata: + name: "kube-hunter-in-cluster" +spec: + scanType: "kube-hunter" + parameters: + - "--pod" diff --git a/integrations/nikto/README.md b/integrations/nikto/README.md new file mode 100644 index 00000000..8c6d7834 --- /dev/null +++ b/integrations/nikto/README.md @@ -0,0 +1,69 @@ +--- +title: "Nikto" +path: "scanner/Nikto" +category: "scanner" +usecase: "Webserver Vulnerability Scanner" +--- + +![nikto logo](https://cirt.net/files/alienlogo_3.gif) + +Nikto is a free software command-line vulnerability scanner that scans webservers for dangerous files/CGIs, outdated server software and other problems. It performs generic and server type specific checks. It also captures and prints any cookies received. To learn more about the Nikto scanner itself visit [cirt.net] or [Nikto GitHub]. + + + +## Deployment + +The Nikto ScanType can be deployed via helm. + +```bash +helm upgrade --install nikto ./integrations/nikto/ +``` + +## Examples + +A set of examples can be found in the [examples](./examples) folder. +* Example *secureCodeBox.io* [scan](./examples/secureCodeBox.io/scan.yaml) and [findings](./examples/secureCodeBox.io/findings.yaml) + +## Configuration + +The follwing security scan configuration example are based on the [Nikto Documentation](https://cirt.net/nikto2-docs/usage.html#id2780332), please take a look at the original documentation for more configuration examples. + +* The most basic Nikto scan requires simply a host to target, since port 80 is assumed if none is specified. The host can either be an IP or a hostname of a machine, and is specified using the -h (-host) option. This will scan the IP 192.168.0.1 on TCP port 80: `-h 192.168.0.1` +* To check on a different port, specify the port number with the -p (-port) option. This will scan the IP 192.168.0.1 on TCP port 443: `-h 192.168.0.1 -p 443` +* Hosts, ports and protocols may also be specified by using a full URL syntax, and it will be scanned: `-h https://192.168.0.1:443/` +* Nikto can scan multiple ports in the same scanning session. To test more than one port on the same host, specify the list of ports in the -p (-port) option. Ports can be specified as a range (i.e., 80-90), or as a comma-delimited list, (i.e., 80,88,90). This will scan the host on ports 80, 88 and 443: `-h 192.168.0.1 -p 80,88,443` + +Nikto also has a comprehensive list of [command line options documented](https://cirt.net/nikto2-docs/options.html) which maybe useful to use. + +* Scan tuning can be used to decrease the number of tests performed against a target. By specifying the type of test to include or exclude, faster, focused testing can be completed. This is useful in situations where the presence of certain file types are undesired -- such as XSS or simply "interesting" files. Test types can be controlled at an individual level by specifying their identifier to the -T (-Tuning) option. In the default mode, if -T is invoked only the test type(s) specified will be executed. For example, only the tests for "Remote file retrieval" and "Command execution" can performed against the target: `192.168.0.1 -T 58` + * 0 - File Upload. Exploits which allow a file to be uploaded to the target server. + * 1 - Interesting File / Seen in logs. An unknown but suspicious file or attack that has been seen in web server logs (note: if you have information regarding any of these attacks, please contact CIRT, Inc.). + * 2 - Misconfiguration / Default File. Default files or files which have been misconfigured in some manner. This could be documentation, or a resource which should be password protected. + * 3 - Information Disclosure. A resource which reveals information about the target. This could be a file system path or account name. + * 4 - Injection (XSS/Script/HTML). Any manner of injection, including cross site scripting (XSS) or content (HTML). This does not include command injection. + * 5 - Remote File Retrieval - Inside Web Root. Resource allows remote users to retrieve unauthorized files from within the web server's root directory. + * 6 - Denial of Service. Resource allows a denial of service against the target application, web server or host (note: no intentional DoS attacks are attempted). + * 7 - Remote File Retrieval - Server Wide. Resource allows remote users to retrieve unauthorized files from anywhere on the target. + * 8 - Command Execution / Remote Shell. Resource allows the user to execute a system command or spawn a remote shell. + * 9 - SQL Injection. Any type of attack which allows SQL to be executed against a database. + * a - Authentication Bypass. Allows client to access a resource it should not be allowed to access. + * b - Software Identification. Installed software or program could be positively identified. + * c - Remote source inclusion. Software allows remote inclusion of source code. + * x - Reverse Tuning Options. Perform exclusion of the specified tuning type instead of inclusion of the specified tuning type + +## Development + +### Local setup +1. Clone the repository `git clone git@github.com:secureCodeBox/secureCodeBox-v2-alpha.git` +2. Ensure you have node.js installed + * On MacOs with brew package manager: `brew install node` + +### Parser Development + +1. Install the dependencies `npm install` +2. Update the parser function here: `./parser/parser.js` +3. Update the parser tests here: `./parser/parser.test.js` +4. Run the testsuite: `npm test` + +[cirt.net]: https://cirt.net/ +[nikto github]: https://github.com/sullo/nikto \ No newline at end of file diff --git a/integrations/nikto/examples/secureCodeBox.io/scan.yaml b/integrations/nikto/examples/secureCodeBox.io/scan.yaml new file mode 100644 index 00000000..43496fa4 --- /dev/null +++ b/integrations/nikto/examples/secureCodeBox.io/scan.yaml @@ -0,0 +1,14 @@ +apiVersion: 'execution.experimental.securecodebox.io/v1' +kind: Scan +metadata: + name: 'nikto-www.securecodebox.io' + labels: + organization: 'secureCodeBox' +spec: + scanType: 'nikto' + parameters: + - '-h' + - 'https://www.securecodebox.io' + - '-Tuning' + # Only enable fast (ish) Scan Options, remove attack option like SQLi and RCE. We will leave those to ZAP + - '1,2,3,5,7,b' diff --git a/integrations/nmap/readme.md b/integrations/nmap/readme.md index 623d2cbe..d99802b2 100644 --- a/integrations/nmap/readme.md +++ b/integrations/nmap/readme.md @@ -3,7 +3,6 @@ title: "Nmap" path: "scanner/Nmap" category: "scanner" usecase: "Network Scanner" -release: "https://img.shields.io/github/release/secureCodeBox/scanner-infrastructure-nmap.svg" --- ![Nmap logo](https://nmap.org/images/sitelogo.png) @@ -25,6 +24,9 @@ helm install nmap ./integrations/nmap/ ## Examples A set of examples can be found in the [examples](./examples) folder. +* Example *local-network* [scan](./examples/local-network/scan.yaml) and [findings](./examples/local-network/findings.yaml) +* Example *localhost* [scan](./examples/local-network/scan.yaml) and [findings](./examples/local-network/findings.yaml) +* Example *scan.nmap.org* [scan](./examples/local-network/scan.yaml) and [findings](./examples/local-network/findings.yaml) ## Nmap Configuration @@ -47,14 +49,13 @@ Some useful example parameters listed below: ## Development ### Local setup +1. Clone the repository `git clone git@github.com:secureCodeBox/secureCodeBox-v2-alpha.git` +2. Ensure you have node.js installed + * On MacOs with brew package manager: `brew install node` -1. Clone the repository -2. Install the dependencies `npm install` +### Parser Development -### Test - -To run the testsuite run: - -```bash -npm test -``` +1. Install the dependencies `npm install` +2. Update the parser function here: `./parser/parser.js` +3. Update the parser tests here: `./parser/parser.test.js` +4. Run the testsuite: `npm test` diff --git a/integrations/ssh_scan/README.md b/integrations/ssh_scan/README.md new file mode 100644 index 00000000..825e0193 --- /dev/null +++ b/integrations/ssh_scan/README.md @@ -0,0 +1,84 @@ +--- +title: "SSH" +path: "scanner/SSH" +category: "scanner" +usecase: "SSH Configuration and Policy Scanner" +release: "https://img.shields.io/github/release/secureCodeBox/scanner-infrastructure-ssh.svg" + +--- +SSH_scan is an easy-to-use prototype SSH configuration and policy scanner, inspired by Mozilla OpenSSH Security Guide, which provides a reasonable baseline policy recommendation for SSH configuration parameters such as Ciphers, MACs, and KexAlgos and much more. + +To learn more about the ssh_scan scanner itself visit [ssh_scan GitHub]. + + + +## Deployment + +The SSH_scan ScanType can be deployed via helm. + +```bash +helm upgrade --install ssh ./integrations/ssh_scan/ +``` + +## Examples + +A set of examples can be found in the [examples](./examples) folder. +* Example *example.com* [scan](./examples/example.com/scan.yaml) and [findings](./examples/example.com/findings.yaml) +* Example *localhost* [scan](./examples/localhost/scan.yaml) and [findings](./examples/localhost/findings.yaml) + +## Configuration + +The follwing security scan configuration example are based on the [ssh_scan Documentation], please take a look at the original documentation for more configuration examples. + +```bash +ssh_scan v0.0.21 (https://github.com/mozilla/ssh_scan) + +Usage: ssh_scan [options] + -t, --target [IP/Range/Hostname] IP/Ranges/Hostname to scan + -f, --file [FilePath] File Path of the file containing IP/Range/Hostnames to scan + -T, --timeout [seconds] Timeout per connect after which ssh_scan gives up on the host + -L, --logger [Log File Path] Enable logger + -O, --from_json [FilePath] File to read JSON output from + -o, --output [FilePath] File to write JSON output to + -p, --port [PORT] Port (Default: 22) + -P, --policy [FILE] Custom policy file (Default: Mozilla Modern) + --threads [NUMBER] Number of worker threads (Default: 5) + --fingerprint-db [FILE] File location of fingerprint database (Default: ./fingerprints.db) + --suppress-update-status Do not check for updates + -u, --unit-test [FILE] Throw appropriate exit codes based on compliance status + -V [STD_LOGGING_LEVEL], + --verbosity + -v, --version Display just version info + -h, --help Show this message + +Examples: + + ssh_scan -t 192.168.1.1 + ssh_scan -t server.example.com + ssh_scan -t ::1 + ssh_scan -t ::1 -T 5 + ssh_scan -f hosts.txt + ssh_scan -o output.json + ssh_scan -O output.json -o rescan_output.json + ssh_scan -t 192.168.1.1 -p 22222 + ssh_scan -t 192.168.1.1 -p 22222 -L output.log -V INFO + ssh_scan -t 192.168.1.1 -P custom_policy.yml + ssh_scan -t 192.168.1.1 --unit-test -P custom_policy.yml +``` + +## Development + +### Local setup +1. Clone the repository `git clone git@github.com:secureCodeBox/secureCodeBox-v2-alpha.git` +2. Ensure you have node.js installed + * On MacOs with brew package manager: `brew install node` + +### Parser Development + +1. Install the dependencies `npm install` +2. Update the parser function here: `./parser/parser.js` +3. Update the parser tests here: `./parser/parser.test.js` +4. Run the testsuite: `npm test` + +[ssh_scan GitHub]: https://github.com/mozilla/ssh_scan +[ssh_scan Documentation]: https://github.com/mozilla/ssh_scan#example-command-line-usage \ No newline at end of file diff --git a/integrations/ssh_scan/examples/example.com/scan.yaml b/integrations/ssh_scan/examples/example.com/scan.yaml new file mode 100644 index 00000000..d6c166ee --- /dev/null +++ b/integrations/ssh_scan/examples/example.com/scan.yaml @@ -0,0 +1,13 @@ +apiVersion: "execution.experimental.securecodebox.io/v1" +kind: Scan +metadata: + name: "ssh-www.example.com" + labels: + company: iteratec +spec: + scanType: "ssh-scan" + parameters: + - "-t" + - www.example.com + - "-p" + - "22222" diff --git a/integrations/ssh_scan/examples/localhost/findings.yaml b/integrations/ssh_scan/examples/localhost/findings.yaml new file mode 100644 index 00000000..75bc4d84 --- /dev/null +++ b/integrations/ssh_scan/examples/localhost/findings.yaml @@ -0,0 +1,12748 @@ +[ + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.0.1", + "hostname": "fritz.box", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": [ + + ], + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:16:08 +0200", + "end_time": "2020-05-18 14:16:08 +0200", + "scan_duration_seconds": 0.009147, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.2", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:16:08 +0200", + "end_time": "2020-05-18 14:16:13 +0200", + "scan_duration_seconds": 5.018145, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.5", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:16:08 +0200", + "end_time": "2020-05-18 14:16:13 +0200", + "scan_duration_seconds": 5.023781, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.3", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:16:08 +0200", + "end_time": "2020-05-18 14:16:13 +0200", + "scan_duration_seconds": 5.025497, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.4", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:16:08 +0200", + "end_time": "2020-05-18 14:16:13 +0200", + "scan_duration_seconds": 5.026574, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.6", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:16:08 +0200", + "end_time": "2020-05-18 14:16:13 +0200", + "scan_duration_seconds": 5.019285, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.10", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:16:13 +0200", + "end_time": "2020-05-18 14:16:19 +0200", + "scan_duration_seconds": 5.045999, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.7", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:16:13 +0200", + "end_time": "2020-05-18 14:16:19 +0200", + "scan_duration_seconds": 5.05908, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.11", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:16:13 +0200", + "end_time": "2020-05-18 14:16:19 +0200", + "scan_duration_seconds": 5.052545, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.8", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:16:13 +0200", + "end_time": "2020-05-18 14:16:19 +0200", + "scan_duration_seconds": 5.056765, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.9", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:16:13 +0200", + "end_time": "2020-05-18 14:16:19 +0200", + "scan_duration_seconds": 5.06131, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.12", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:16:19 +0200", + "end_time": "2020-05-18 14:16:24 +0200", + "scan_duration_seconds": 5.015576, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.13", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:16:19 +0200", + "end_time": "2020-05-18 14:16:24 +0200", + "scan_duration_seconds": 5.013597, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.15", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:16:19 +0200", + "end_time": "2020-05-18 14:16:24 +0200", + "scan_duration_seconds": 5.012137, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.14", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:16:19 +0200", + "end_time": "2020-05-18 14:16:24 +0200", + "scan_duration_seconds": 5.015068, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.16", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:16:19 +0200", + "end_time": "2020-05-18 14:16:24 +0200", + "scan_duration_seconds": 5.016027, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.17", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:16:24 +0200", + "end_time": "2020-05-18 14:16:29 +0200", + "scan_duration_seconds": 5.014476, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.18", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:16:24 +0200", + "end_time": "2020-05-18 14:16:29 +0200", + "scan_duration_seconds": 5.012788, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.36", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:16:39 +0200", + "end_time": "2020-05-18 14:16:44 +0200", + "scan_duration_seconds": 5.026775, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.38", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:16:44 +0200", + "end_time": "2020-05-18 14:16:49 +0200", + "scan_duration_seconds": 5.004179, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.40", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:16:44 +0200", + "end_time": "2020-05-18 14:16:49 +0200", + "scan_duration_seconds": 5.011815, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.39", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:16:44 +0200", + "end_time": "2020-05-18 14:16:49 +0200", + "scan_duration_seconds": 5.015197, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.41", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:16:44 +0200", + "end_time": "2020-05-18 14:16:49 +0200", + "scan_duration_seconds": 5.020542, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.42", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:16:44 +0200", + "end_time": "2020-05-18 14:16:49 +0200", + "scan_duration_seconds": 5.023733, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.43", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:16:49 +0200", + "end_time": "2020-05-18 14:16:54 +0200", + "scan_duration_seconds": 5.009096, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.45", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:16:49 +0200", + "end_time": "2020-05-18 14:16:54 +0200", + "scan_duration_seconds": 5.011373, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.44", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:16:49 +0200", + "end_time": "2020-05-18 14:16:54 +0200", + "scan_duration_seconds": 5.021025, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.46", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:16:49 +0200", + "end_time": "2020-05-18 14:16:54 +0200", + "scan_duration_seconds": 5.013896, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.47", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:16:49 +0200", + "end_time": "2020-05-18 14:16:54 +0200", + "scan_duration_seconds": 5.01212, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.48", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:16:54 +0200", + "end_time": "2020-05-18 14:16:59 +0200", + "scan_duration_seconds": 5.015682, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.49", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:16:54 +0200", + "end_time": "2020-05-18 14:16:59 +0200", + "scan_duration_seconds": 5.024721, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.50", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:16:54 +0200", + "end_time": "2020-05-18 14:16:59 +0200", + "scan_duration_seconds": 5.018128, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.51", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:16:54 +0200", + "end_time": "2020-05-18 14:16:59 +0200", + "scan_duration_seconds": 5.016329, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.52", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:16:54 +0200", + "end_time": "2020-05-18 14:16:59 +0200", + "scan_duration_seconds": 5.017229, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.53", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:16:59 +0200", + "end_time": "2020-05-18 14:17:04 +0200", + "scan_duration_seconds": 5.013938, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.54", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:16:59 +0200", + "end_time": "2020-05-18 14:17:04 +0200", + "scan_duration_seconds": 5.027029, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.57", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:16:59 +0200", + "end_time": "2020-05-18 14:17:04 +0200", + "scan_duration_seconds": 5.034224, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.56", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:16:59 +0200", + "end_time": "2020-05-18 14:17:04 +0200", + "scan_duration_seconds": 5.039258, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.55", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:16:59 +0200", + "end_time": "2020-05-18 14:17:04 +0200", + "scan_duration_seconds": 5.040982, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.58", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:04 +0200", + "end_time": "2020-05-18 14:17:09 +0200", + "scan_duration_seconds": 5.00823, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.59", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:04 +0200", + "end_time": "2020-05-18 14:17:09 +0200", + "scan_duration_seconds": 5.023171, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.60", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:04 +0200", + "end_time": "2020-05-18 14:17:09 +0200", + "scan_duration_seconds": 5.013186, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.62", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:04 +0200", + "end_time": "2020-05-18 14:17:09 +0200", + "scan_duration_seconds": 5.010377, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.61", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:04 +0200", + "end_time": "2020-05-18 14:17:09 +0200", + "scan_duration_seconds": 5.014818, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.63", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:09 +0200", + "end_time": "2020-05-18 14:17:14 +0200", + "scan_duration_seconds": 5.009808, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.64", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:09 +0200", + "end_time": "2020-05-18 14:17:14 +0200", + "scan_duration_seconds": 5.017995, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.66", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:09 +0200", + "end_time": "2020-05-18 14:17:14 +0200", + "scan_duration_seconds": 5.017735, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.65", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:09 +0200", + "end_time": "2020-05-18 14:17:14 +0200", + "scan_duration_seconds": 5.019746, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.67", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:09 +0200", + "end_time": "2020-05-18 14:17:14 +0200", + "scan_duration_seconds": 5.016963, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.68", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:14 +0200", + "end_time": "2020-05-18 14:17:19 +0200", + "scan_duration_seconds": 5.009804, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.69", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:14 +0200", + "end_time": "2020-05-18 14:17:19 +0200", + "scan_duration_seconds": 5.016983, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.70", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:14 +0200", + "end_time": "2020-05-18 14:17:19 +0200", + "scan_duration_seconds": 5.01562, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.72", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:14 +0200", + "end_time": "2020-05-18 14:17:19 +0200", + "scan_duration_seconds": 5.016326, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.71", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:14 +0200", + "end_time": "2020-05-18 14:17:19 +0200", + "scan_duration_seconds": 5.017919, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.73", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:19 +0200", + "end_time": "2020-05-18 14:17:24 +0200", + "scan_duration_seconds": 5.025453, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.77", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:19 +0200", + "end_time": "2020-05-18 14:17:24 +0200", + "scan_duration_seconds": 5.016805, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.74", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:19 +0200", + "end_time": "2020-05-18 14:17:24 +0200", + "scan_duration_seconds": 5.020961, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.75", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:19 +0200", + "end_time": "2020-05-18 14:17:24 +0200", + "scan_duration_seconds": 5.024436, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.76", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:19 +0200", + "end_time": "2020-05-18 14:17:24 +0200", + "scan_duration_seconds": 5.021202, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.78", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:24 +0200", + "end_time": "2020-05-18 14:17:29 +0200", + "scan_duration_seconds": 5.008501, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.79", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:24 +0200", + "end_time": "2020-05-18 14:17:29 +0200", + "scan_duration_seconds": 5.010518, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.80", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:24 +0200", + "end_time": "2020-05-18 14:17:29 +0200", + "scan_duration_seconds": 5.017385, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.81", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:24 +0200", + "end_time": "2020-05-18 14:17:29 +0200", + "scan_duration_seconds": 5.017398, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.82", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:24 +0200", + "end_time": "2020-05-18 14:17:29 +0200", + "scan_duration_seconds": 5.019877, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.83", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:29 +0200", + "end_time": "2020-05-18 14:17:34 +0200", + "scan_duration_seconds": 5.012493, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.84", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:29 +0200", + "end_time": "2020-05-18 14:17:34 +0200", + "scan_duration_seconds": 5.01596, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.86", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:29 +0200", + "end_time": "2020-05-18 14:17:34 +0200", + "scan_duration_seconds": 5.036337, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.85", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:29 +0200", + "end_time": "2020-05-18 14:17:34 +0200", + "scan_duration_seconds": 5.040029, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.87", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:29 +0200", + "end_time": "2020-05-18 14:17:34 +0200", + "scan_duration_seconds": 5.034385, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.88", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:34 +0200", + "end_time": "2020-05-18 14:17:39 +0200", + "scan_duration_seconds": 5.009505, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.89", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:34 +0200", + "end_time": "2020-05-18 14:17:39 +0200", + "scan_duration_seconds": 5.012555, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.91", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:34 +0200", + "end_time": "2020-05-18 14:17:39 +0200", + "scan_duration_seconds": 5.014005, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.90", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:34 +0200", + "end_time": "2020-05-18 14:17:39 +0200", + "scan_duration_seconds": 5.01487, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.92", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:34 +0200", + "end_time": "2020-05-18 14:17:39 +0200", + "scan_duration_seconds": 5.015081, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.93", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:39 +0200", + "end_time": "2020-05-18 14:17:44 +0200", + "scan_duration_seconds": 5.011196, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.94", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:39 +0200", + "end_time": "2020-05-18 14:17:44 +0200", + "scan_duration_seconds": 5.00896, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.96", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:39 +0200", + "end_time": "2020-05-18 14:17:44 +0200", + "scan_duration_seconds": 5.013573, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.97", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:39 +0200", + "end_time": "2020-05-18 14:17:44 +0200", + "scan_duration_seconds": 5.015892, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.95", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:39 +0200", + "end_time": "2020-05-18 14:17:44 +0200", + "scan_duration_seconds": 5.017638, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.98", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:44 +0200", + "end_time": "2020-05-18 14:17:49 +0200", + "scan_duration_seconds": 5.014191, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.99", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:44 +0200", + "end_time": "2020-05-18 14:17:49 +0200", + "scan_duration_seconds": 5.012209, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.100", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:44 +0200", + "end_time": "2020-05-18 14:17:49 +0200", + "scan_duration_seconds": 5.015569, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.101", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:44 +0200", + "end_time": "2020-05-18 14:17:49 +0200", + "scan_duration_seconds": 5.019266, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.102", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:44 +0200", + "end_time": "2020-05-18 14:17:49 +0200", + "scan_duration_seconds": 5.019509, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.103", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:49 +0200", + "end_time": "2020-05-18 14:17:54 +0200", + "scan_duration_seconds": 5.011426, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.104", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:49 +0200", + "end_time": "2020-05-18 14:17:54 +0200", + "scan_duration_seconds": 5.008065, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.105", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:49 +0200", + "end_time": "2020-05-18 14:17:54 +0200", + "scan_duration_seconds": 5.010373, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.106", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:49 +0200", + "end_time": "2020-05-18 14:17:54 +0200", + "scan_duration_seconds": 5.011829, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.107", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:49 +0200", + "end_time": "2020-05-18 14:17:54 +0200", + "scan_duration_seconds": 5.01201, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.108", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:54 +0200", + "end_time": "2020-05-18 14:17:59 +0200", + "scan_duration_seconds": 5.011443, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.109", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:54 +0200", + "end_time": "2020-05-18 14:17:59 +0200", + "scan_duration_seconds": 5.013181, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.110", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:54 +0200", + "end_time": "2020-05-18 14:17:59 +0200", + "scan_duration_seconds": 5.009685, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.112", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:54 +0200", + "end_time": "2020-05-18 14:17:59 +0200", + "scan_duration_seconds": 5.014025, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.111", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:54 +0200", + "end_time": "2020-05-18 14:17:59 +0200", + "scan_duration_seconds": 5.014552, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.113", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:59 +0200", + "end_time": "2020-05-18 14:18:04 +0200", + "scan_duration_seconds": 5.014669, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.114", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:59 +0200", + "end_time": "2020-05-18 14:18:04 +0200", + "scan_duration_seconds": 5.011557, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.115", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:59 +0200", + "end_time": "2020-05-18 14:18:04 +0200", + "scan_duration_seconds": 5.014777, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.117", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:59 +0200", + "end_time": "2020-05-18 14:18:04 +0200", + "scan_duration_seconds": 5.012769, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.116", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:17:59 +0200", + "end_time": "2020-05-18 14:18:04 +0200", + "scan_duration_seconds": 5.015077, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.118", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:04 +0200", + "end_time": "2020-05-18 14:18:09 +0200", + "scan_duration_seconds": 5.012724, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.119", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:04 +0200", + "end_time": "2020-05-18 14:18:09 +0200", + "scan_duration_seconds": 5.020184, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.120", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:04 +0200", + "end_time": "2020-05-18 14:18:09 +0200", + "scan_duration_seconds": 5.015805, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.121", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:04 +0200", + "end_time": "2020-05-18 14:18:09 +0200", + "scan_duration_seconds": 5.013292, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.122", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:04 +0200", + "end_time": "2020-05-18 14:18:09 +0200", + "scan_duration_seconds": 5.013342, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.123", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:09 +0200", + "end_time": "2020-05-18 14:18:14 +0200", + "scan_duration_seconds": 5.009917, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.124", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:09 +0200", + "end_time": "2020-05-18 14:18:14 +0200", + "scan_duration_seconds": 5.00777, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.125", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:09 +0200", + "end_time": "2020-05-18 14:18:14 +0200", + "scan_duration_seconds": 5.009052, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.126", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:09 +0200", + "end_time": "2020-05-18 14:18:14 +0200", + "scan_duration_seconds": 5.010297, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.127", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:09 +0200", + "end_time": "2020-05-18 14:18:14 +0200", + "scan_duration_seconds": 5.007845, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.128", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:14 +0200", + "end_time": "2020-05-18 14:18:19 +0200", + "scan_duration_seconds": 5.007212, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.129", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:14 +0200", + "end_time": "2020-05-18 14:18:19 +0200", + "scan_duration_seconds": 5.007011, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.131", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:14 +0200", + "end_time": "2020-05-18 14:18:19 +0200", + "scan_duration_seconds": 5.010844, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.130", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:14 +0200", + "end_time": "2020-05-18 14:18:19 +0200", + "scan_duration_seconds": 5.020804, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.132", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:14 +0200", + "end_time": "2020-05-18 14:18:19 +0200", + "scan_duration_seconds": 5.011265, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.133", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:19 +0200", + "end_time": "2020-05-18 14:18:24 +0200", + "scan_duration_seconds": 5.013889, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.134", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:19 +0200", + "end_time": "2020-05-18 14:18:24 +0200", + "scan_duration_seconds": 5.011654, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.135", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:19 +0200", + "end_time": "2020-05-18 14:18:24 +0200", + "scan_duration_seconds": 5.011695, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.137", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:19 +0200", + "end_time": "2020-05-18 14:18:24 +0200", + "scan_duration_seconds": 5.012752, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.136", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:19 +0200", + "end_time": "2020-05-18 14:18:24 +0200", + "scan_duration_seconds": 5.016228, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.138", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:24 +0200", + "end_time": "2020-05-18 14:18:29 +0200", + "scan_duration_seconds": 5.007896, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.139", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:24 +0200", + "end_time": "2020-05-18 14:18:29 +0200", + "scan_duration_seconds": 5.012671, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.140", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:24 +0200", + "end_time": "2020-05-18 14:18:29 +0200", + "scan_duration_seconds": 5.01449, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.142", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:24 +0200", + "end_time": "2020-05-18 14:18:29 +0200", + "scan_duration_seconds": 5.01353, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.141", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:24 +0200", + "end_time": "2020-05-18 14:18:29 +0200", + "scan_duration_seconds": 5.02139, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.143", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:29 +0200", + "end_time": "2020-05-18 14:18:34 +0200", + "scan_duration_seconds": 5.00722, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.144", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:29 +0200", + "end_time": "2020-05-18 14:18:34 +0200", + "scan_duration_seconds": 5.008936, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.145", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:29 +0200", + "end_time": "2020-05-18 14:18:34 +0200", + "scan_duration_seconds": 5.010428, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.146", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:29 +0200", + "end_time": "2020-05-18 14:18:34 +0200", + "scan_duration_seconds": 5.010461, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.147", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:29 +0200", + "end_time": "2020-05-18 14:18:34 +0200", + "scan_duration_seconds": 5.010366, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.148", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:34 +0200", + "end_time": "2020-05-18 14:18:39 +0200", + "scan_duration_seconds": 5.004849, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.149", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:34 +0200", + "end_time": "2020-05-18 14:18:39 +0200", + "scan_duration_seconds": 5.007421, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.150", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:34 +0200", + "end_time": "2020-05-18 14:18:39 +0200", + "scan_duration_seconds": 5.010495, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.151", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:34 +0200", + "end_time": "2020-05-18 14:18:39 +0200", + "scan_duration_seconds": 5.012477, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.152", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:34 +0200", + "end_time": "2020-05-18 14:18:39 +0200", + "scan_duration_seconds": 5.009218, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.153", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:39 +0200", + "end_time": "2020-05-18 14:18:44 +0200", + "scan_duration_seconds": 5.011404, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.154", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:39 +0200", + "end_time": "2020-05-18 14:18:44 +0200", + "scan_duration_seconds": 5.009484, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.155", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:39 +0200", + "end_time": "2020-05-18 14:18:44 +0200", + "scan_duration_seconds": 5.006623, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.157", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:39 +0200", + "end_time": "2020-05-18 14:18:44 +0200", + "scan_duration_seconds": 5.009452, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.156", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:39 +0200", + "end_time": "2020-05-18 14:18:44 +0200", + "scan_duration_seconds": 5.010617, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.158", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:44 +0200", + "end_time": "2020-05-18 14:18:49 +0200", + "scan_duration_seconds": 5.007965, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.159", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:44 +0200", + "end_time": "2020-05-18 14:18:49 +0200", + "scan_duration_seconds": 5.006987, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.160", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:44 +0200", + "end_time": "2020-05-18 14:18:49 +0200", + "scan_duration_seconds": 5.005987, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.162", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:44 +0200", + "end_time": "2020-05-18 14:18:49 +0200", + "scan_duration_seconds": 5.014419, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.161", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:44 +0200", + "end_time": "2020-05-18 14:18:49 +0200", + "scan_duration_seconds": 5.01457, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.163", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:49 +0200", + "end_time": "2020-05-18 14:18:54 +0200", + "scan_duration_seconds": 5.018359, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.164", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:49 +0200", + "end_time": "2020-05-18 14:18:54 +0200", + "scan_duration_seconds": 5.017265, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.165", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:49 +0200", + "end_time": "2020-05-18 14:18:54 +0200", + "scan_duration_seconds": 5.014736, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.167", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:49 +0200", + "end_time": "2020-05-18 14:18:54 +0200", + "scan_duration_seconds": 5.016781, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.166", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:49 +0200", + "end_time": "2020-05-18 14:18:54 +0200", + "scan_duration_seconds": 5.018615, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.168", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:54 +0200", + "end_time": "2020-05-18 14:18:59 +0200", + "scan_duration_seconds": 5.009226, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.169", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:54 +0200", + "end_time": "2020-05-18 14:18:59 +0200", + "scan_duration_seconds": 5.009719, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.170", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:54 +0200", + "end_time": "2020-05-18 14:18:59 +0200", + "scan_duration_seconds": 5.01229, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.171", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:54 +0200", + "end_time": "2020-05-18 14:18:59 +0200", + "scan_duration_seconds": 5.009089, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.172", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:54 +0200", + "end_time": "2020-05-18 14:18:59 +0200", + "scan_duration_seconds": 5.008697, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.173", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:59 +0200", + "end_time": "2020-05-18 14:19:04 +0200", + "scan_duration_seconds": 5.013729, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.174", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:59 +0200", + "end_time": "2020-05-18 14:19:04 +0200", + "scan_duration_seconds": 5.021665, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.175", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:59 +0200", + "end_time": "2020-05-18 14:19:04 +0200", + "scan_duration_seconds": 5.010501, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.176", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:59 +0200", + "end_time": "2020-05-18 14:19:04 +0200", + "scan_duration_seconds": 5.009526, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.177", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:18:59 +0200", + "end_time": "2020-05-18 14:19:04 +0200", + "scan_duration_seconds": 5.016848, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.178", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:04 +0200", + "end_time": "2020-05-18 14:19:09 +0200", + "scan_duration_seconds": 5.013499, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.179", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:04 +0200", + "end_time": "2020-05-18 14:19:09 +0200", + "scan_duration_seconds": 5.013188, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.180", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:04 +0200", + "end_time": "2020-05-18 14:19:09 +0200", + "scan_duration_seconds": 5.012, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.181", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:04 +0200", + "end_time": "2020-05-18 14:19:09 +0200", + "scan_duration_seconds": 5.01268, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.182", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:04 +0200", + "end_time": "2020-05-18 14:19:09 +0200", + "scan_duration_seconds": 5.016068, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.183", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:09 +0200", + "end_time": "2020-05-18 14:19:14 +0200", + "scan_duration_seconds": 5.009168, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.184", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:09 +0200", + "end_time": "2020-05-18 14:19:14 +0200", + "scan_duration_seconds": 5.012193, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.185", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:09 +0200", + "end_time": "2020-05-18 14:19:14 +0200", + "scan_duration_seconds": 5.012495, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.186", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:09 +0200", + "end_time": "2020-05-18 14:19:14 +0200", + "scan_duration_seconds": 5.010615, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.187", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:09 +0200", + "end_time": "2020-05-18 14:19:14 +0200", + "scan_duration_seconds": 5.009718, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.188", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:14 +0200", + "end_time": "2020-05-18 14:19:19 +0200", + "scan_duration_seconds": 5.013079, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.189", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:14 +0200", + "end_time": "2020-05-18 14:19:19 +0200", + "scan_duration_seconds": 5.008909, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.190", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:14 +0200", + "end_time": "2020-05-18 14:19:19 +0200", + "scan_duration_seconds": 5.012701, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.191", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:14 +0200", + "end_time": "2020-05-18 14:19:19 +0200", + "scan_duration_seconds": 5.011254, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.192", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:14 +0200", + "end_time": "2020-05-18 14:19:19 +0200", + "scan_duration_seconds": 5.011075, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.193", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:19 +0200", + "end_time": "2020-05-18 14:19:24 +0200", + "scan_duration_seconds": 5.008206, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.194", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:19 +0200", + "end_time": "2020-05-18 14:19:24 +0200", + "scan_duration_seconds": 5.008122, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.195", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:19 +0200", + "end_time": "2020-05-18 14:19:24 +0200", + "scan_duration_seconds": 5.008552, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.196", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:19 +0200", + "end_time": "2020-05-18 14:19:24 +0200", + "scan_duration_seconds": 5.010205, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.197", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:19 +0200", + "end_time": "2020-05-18 14:19:24 +0200", + "scan_duration_seconds": 5.009305, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.198", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:24 +0200", + "end_time": "2020-05-18 14:19:29 +0200", + "scan_duration_seconds": 5.014749, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.199", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:24 +0200", + "end_time": "2020-05-18 14:19:29 +0200", + "scan_duration_seconds": 5.009968, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.200", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:24 +0200", + "end_time": "2020-05-18 14:19:29 +0200", + "scan_duration_seconds": 5.006475, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.201", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:24 +0200", + "end_time": "2020-05-18 14:19:29 +0200", + "scan_duration_seconds": 5.009185, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.202", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:24 +0200", + "end_time": "2020-05-18 14:19:29 +0200", + "scan_duration_seconds": 5.008749, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.203", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:29 +0200", + "end_time": "2020-05-18 14:19:34 +0200", + "scan_duration_seconds": 5.008611, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.204", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:29 +0200", + "end_time": "2020-05-18 14:19:34 +0200", + "scan_duration_seconds": 5.007647, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.205", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:29 +0200", + "end_time": "2020-05-18 14:19:34 +0200", + "scan_duration_seconds": 5.009199, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.206", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:29 +0200", + "end_time": "2020-05-18 14:19:34 +0200", + "scan_duration_seconds": 5.007476, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.207", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:29 +0200", + "end_time": "2020-05-18 14:19:34 +0200", + "scan_duration_seconds": 5.012679, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.208", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:34 +0200", + "end_time": "2020-05-18 14:19:39 +0200", + "scan_duration_seconds": 5.016178, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.209", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:34 +0200", + "end_time": "2020-05-18 14:19:39 +0200", + "scan_duration_seconds": 5.013339, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.210", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:34 +0200", + "end_time": "2020-05-18 14:19:39 +0200", + "scan_duration_seconds": 5.011069, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.211", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:34 +0200", + "end_time": "2020-05-18 14:19:39 +0200", + "scan_duration_seconds": 5.01491, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.212", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:34 +0200", + "end_time": "2020-05-18 14:19:39 +0200", + "scan_duration_seconds": 5.008301, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.213", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:39 +0200", + "end_time": "2020-05-18 14:19:44 +0200", + "scan_duration_seconds": 5.007219, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.214", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:39 +0200", + "end_time": "2020-05-18 14:19:44 +0200", + "scan_duration_seconds": 5.008252, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.215", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:39 +0200", + "end_time": "2020-05-18 14:19:44 +0200", + "scan_duration_seconds": 5.013376, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.216", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:39 +0200", + "end_time": "2020-05-18 14:19:44 +0200", + "scan_duration_seconds": 5.005473, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.217", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:39 +0200", + "end_time": "2020-05-18 14:19:44 +0200", + "scan_duration_seconds": 5.009484, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.218", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:44 +0200", + "end_time": "2020-05-18 14:19:49 +0200", + "scan_duration_seconds": 5.004647, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.219", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:44 +0200", + "end_time": "2020-05-18 14:19:49 +0200", + "scan_duration_seconds": 5.015997, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.220", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:44 +0200", + "end_time": "2020-05-18 14:19:49 +0200", + "scan_duration_seconds": 5.009858, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.221", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:44 +0200", + "end_time": "2020-05-18 14:19:49 +0200", + "scan_duration_seconds": 5.009426, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.222", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:44 +0200", + "end_time": "2020-05-18 14:19:49 +0200", + "scan_duration_seconds": 5.011433, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.223", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:49 +0200", + "end_time": "2020-05-18 14:19:54 +0200", + "scan_duration_seconds": 5.007592, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.224", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:49 +0200", + "end_time": "2020-05-18 14:19:54 +0200", + "scan_duration_seconds": 5.014186, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.225", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:49 +0200", + "end_time": "2020-05-18 14:19:54 +0200", + "scan_duration_seconds": 5.015063, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.226", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:49 +0200", + "end_time": "2020-05-18 14:19:54 +0200", + "scan_duration_seconds": 5.011104, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.227", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:49 +0200", + "end_time": "2020-05-18 14:19:54 +0200", + "scan_duration_seconds": 5.008299, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.228", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:54 +0200", + "end_time": "2020-05-18 14:19:59 +0200", + "scan_duration_seconds": 5.006931, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.229", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:54 +0200", + "end_time": "2020-05-18 14:19:59 +0200", + "scan_duration_seconds": 5.009133, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.230", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:54 +0200", + "end_time": "2020-05-18 14:19:59 +0200", + "scan_duration_seconds": 5.007698, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.231", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:54 +0200", + "end_time": "2020-05-18 14:19:59 +0200", + "scan_duration_seconds": 5.006834, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.232", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:54 +0200", + "end_time": "2020-05-18 14:19:59 +0200", + "scan_duration_seconds": 5.009307, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.233", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:59 +0200", + "end_time": "2020-05-18 14:20:04 +0200", + "scan_duration_seconds": 5.010224, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.234", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:59 +0200", + "end_time": "2020-05-18 14:20:04 +0200", + "scan_duration_seconds": 5.017244, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.235", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:59 +0200", + "end_time": "2020-05-18 14:20:04 +0200", + "scan_duration_seconds": 5.023908, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.236", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:59 +0200", + "end_time": "2020-05-18 14:20:04 +0200", + "scan_duration_seconds": 5.022695, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.237", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:19:59 +0200", + "end_time": "2020-05-18 14:20:04 +0200", + "scan_duration_seconds": 5.016382, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.238", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:20:04 +0200", + "end_time": "2020-05-18 14:20:09 +0200", + "scan_duration_seconds": 5.012382, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.239", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:20:04 +0200", + "end_time": "2020-05-18 14:20:09 +0200", + "scan_duration_seconds": 5.010582, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.240", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:20:04 +0200", + "end_time": "2020-05-18 14:20:09 +0200", + "scan_duration_seconds": 5.013688, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.241", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:20:04 +0200", + "end_time": "2020-05-18 14:20:09 +0200", + "scan_duration_seconds": 5.02014, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.242", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:20:04 +0200", + "end_time": "2020-05-18 14:20:09 +0200", + "scan_duration_seconds": 5.019114, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.243", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:20:09 +0200", + "end_time": "2020-05-18 14:20:14 +0200", + "scan_duration_seconds": 5.010204, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.244", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:20:09 +0200", + "end_time": "2020-05-18 14:20:14 +0200", + "scan_duration_seconds": 5.026513, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.245", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:20:09 +0200", + "end_time": "2020-05-18 14:20:14 +0200", + "scan_duration_seconds": 5.015253, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.246", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:20:09 +0200", + "end_time": "2020-05-18 14:20:14 +0200", + "scan_duration_seconds": 5.00897, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.247", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:20:09 +0200", + "end_time": "2020-05-18 14:20:14 +0200", + "scan_duration_seconds": 5.012336, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.248", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:20:14 +0200", + "end_time": "2020-05-18 14:20:19 +0200", + "scan_duration_seconds": 5.016242, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.249", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:20:14 +0200", + "end_time": "2020-05-18 14:20:19 +0200", + "scan_duration_seconds": 5.009471, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.250", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:20:14 +0200", + "end_time": "2020-05-18 14:20:19 +0200", + "scan_duration_seconds": 5.010296, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.251", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:20:14 +0200", + "end_time": "2020-05-18 14:20:19 +0200", + "scan_duration_seconds": 5.008444, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.252", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:20:14 +0200", + "end_time": "2020-05-18 14:20:19 +0200", + "scan_duration_seconds": 5.029963, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.253", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:20:19 +0200", + "end_time": "2020-05-18 14:20:24 +0200", + "scan_duration_seconds": 5.020419, + "error": "Socket is no longer valid" + }, + { + "ssh_scan_version": "0.0.42", + "ip": "192.168.178.254", + "hostname": "", + "port": 22, + "server_banner": "", + "ssh_version": "unknown", + "os": "unknown", + "os_cpe": "o:unknown", + "ssh_lib": "unknown", + "ssh_lib_cpe": "a:unknown", + "key_algorithms": [ + + ], + "encryption_algorithms_client_to_server": [ + + ], + "encryption_algorithms_server_to_client": [ + + ], + "mac_algorithms_client_to_server": [ + + ], + "mac_algorithms_server_to_client": [ + + ], + "compression_algorithms_client_to_server": [ + + ], + "compression_algorithms_server_to_client": [ + + ], + "languages_client_to_server": [ + + ], + "languages_server_to_client": [ + + ], + "auth_methods": [ + + ], + "keys": { + }, + "dns_keys": null, + "duplicate_host_key_ips": [ + + ], + "compliance": { + }, + "start_time": "2020-05-18 14:20:19 +0200", + "end_time": "2020-05-18 14:20:24 +0200", + "scan_duration_seconds": 5.009291, + "error": "Socket is no longer valid" + } +] diff --git a/integrations/ssh_scan/examples/localhost/scan.yaml b/integrations/ssh_scan/examples/localhost/scan.yaml new file mode 100644 index 00000000..18109220 --- /dev/null +++ b/integrations/ssh_scan/examples/localhost/scan.yaml @@ -0,0 +1,11 @@ +apiVersion: "execution.experimental.securecodebox.io/v1" +kind: Scan +metadata: + name: "ssh-localhost" + labels: + company: iteratec +spec: + scanType: "ssh-scan" + parameters: + - "-t" + - localhost diff --git a/integrations/sslyze/README.md b/integrations/sslyze/README.md new file mode 100644 index 00000000..87801e35 --- /dev/null +++ b/integrations/sslyze/README.md @@ -0,0 +1,47 @@ +--- +title: "SSLyze" +path: "scanner/SSLyze" +category: "scanner" +usecase: "SSL/TLS Configuration Scanner" +--- + +SSLyze is a Python library and a CLI tool that can analyze the SSL configuration of a server by connecting to it. It is designed to be fast and comprehensive, and should help organizations and testers identify mis-configurations affecting their SSL/TLS servers. To learn more about the SSLyze scanner itself visit or [SSLyze GitHub]. + + + +## Deployment + +The SSLyze scanType can be deployed via helm. + +```bash +helm upgrade --install sslyze ./integrations/sslyze/ +``` + +## Examples + +A set of examples can be found in the [examples](./examples) folder. +* Example *secureCodeBox.io* [scan](./examples/secureCodeBox.io/scan.yaml) and [findings](./examples/secureCodeBox.io/findings.yaml) +* Example *example.com* [scan](./examples/secureCodeBox.io/scan.yaml) and [findings](./examples/secureCodeBox.io/findings.yaml) + +## Configuration + +The follwing security scan configuration example are based on the [SSLyze Documentation], please take a look at the original documentation for more configuration examples. + +The command line interface can be used to easily run server scans: `sslyze --regular www.example.com` + +## Development + +### Local setup +1. Clone the repository `git clone git@github.com:secureCodeBox/secureCodeBox-v2-alpha.git` +2. Ensure you have node.js installed + * On MacOs with brew package manager: `brew install node` + +### Parser Development + +1. Install the dependencies `npm install` +2. Update the parser function here: `./parser/parser.js` +3. Update the parser tests here: `./parser/parser.test.js` +4. Run the testsuite: `npm test` + +[SSLyze GitHub]: https://github.com/nabla-c0d3/sslyze +[SSLyze Documentation]: https://nabla-c0d3.github.io/sslyze/documentation/ \ No newline at end of file diff --git a/integrations/sslyze/examples/example.com/scan.yaml b/integrations/sslyze/examples/example.com/scan.yaml new file mode 100644 index 00000000..a2322f8e --- /dev/null +++ b/integrations/sslyze/examples/example.com/scan.yaml @@ -0,0 +1,9 @@ +apiVersion: "execution.experimental.securecodebox.io/v1" +kind: Scan +metadata: + name: "sslyze-securecodebox.io" +spec: + scanType: "sslyze" + parameters: + - "--regular" + - "example.com" diff --git a/integrations/sslyze/examples/secureCodeBox.io/scan.yaml b/integrations/sslyze/examples/secureCodeBox.io/scan.yaml new file mode 100644 index 00000000..bbd53c1c --- /dev/null +++ b/integrations/sslyze/examples/secureCodeBox.io/scan.yaml @@ -0,0 +1,11 @@ +apiVersion: "execution.experimental.securecodebox.io/v1" +kind: Scan +metadata: + name: "sslyze-securecodebox.io" + labels: + organization: "secureCodeBox" +spec: + scanType: "sslyze" + parameters: + - "--regular" + - "securecodebox.io" diff --git a/integrations/trivy/README.md b/integrations/trivy/README.md new file mode 100644 index 00000000..92f35204 --- /dev/null +++ b/integrations/trivy/README.md @@ -0,0 +1,55 @@ +--- +title: "Trivy" +path: "scanner/Trivy" +category: "scanner" +usecase: "Containers Vulnerability Scanner" +--- + +`Trivy` (`tri` pronounced like **tri**gger, `vy` pronounced like en**vy**) is a simple and comprehensive vulnerability scanner for containers and other artifacts. +A software vulnerability is a glitch, flaw, or weakness present in the software or in an Operating System. +`Trivy` detects vulnerabilities of OS packages (Alpine, RHEL, CentOS, etc.) and application dependencies (Bundler, Composer, npm, yarn, etc.). +`Trivy` is easy to use. Just install the binary and you're ready to scan. All you need to do for scanning is to specify a target such as an image name of the container. + +To learn more about the Trivy scanner itself visit or [Trivy GitHub]. + + + +## Deployment + +The Trivy scanType can be deployed via helm. + +```bash +helm upgrade --install trivy ./integrations/trivy/ +``` + +## Examples + +A set of examples can be found in the [examples](./examples) folder. +* Example *juice-shop* [scan](./examples/juice-shop/scan.yaml) and [findings](./examples/juice-shop/findings.yaml) +* Example *mediawiki* [scan](./examples/mediawikip/scan.yaml) and [findings](./examples/mediawiki/findings.yaml) + +## Configuration + +The follwing security scan configuration example are based on the [Trivy Documentation], please take a look at the original documentation for more configuration examples. + +* Filter the vulnerabilities by severities `trivy image --severity HIGH,CRITICAL ruby:2.4.0` +* Filter the vulnerabilities by type (`os` or `library`) `trivy image --vuln-type os ruby:2.4.0` +* Skip update of vulnerability DB: `trivy image --skip-update python:3.4-alpine3.9` +* Ignore unfixed vulnerabilities:`trivy image --ignore-unfixed ruby:2.4.0` By default, Trivy also detects unpatched/unfixed vulnerabilities. This means you can't fix these vulnerabilities even if you update all packages. If you would like to ignore them, use the `--ignore-unfixed` option. + +## Development + +### Local setup +1. Clone the repository `git clone git@github.com:secureCodeBox/secureCodeBox-v2-alpha.git` +2. Ensure you have node.js installed + * On MacOs with brew package manager: `brew install node` + +### Parser Development + +1. Install the dependencies `npm install` +2. Update the parser function here: `./parser/parser.js` +3. Update the parser tests here: `./parser/parser.test.js` +4. Run the testsuite: `npm test` + +[Trivy GitHub]: https://github.com/aquasecurity/trivy +[Trivy Documentation]: https://github.com/aquasecurity/trivy#examples \ No newline at end of file diff --git a/integrations/trivy/examples/juice-shop/findings.yaml b/integrations/trivy/examples/juice-shop/findings.yaml new file mode 100644 index 00000000..8e025ee7 --- /dev/null +++ b/integrations/trivy/examples/juice-shop/findings.yaml @@ -0,0 +1,204 @@ +[ + { + "Target": "bkimminich/juice-shop:v10.2.0 (alpine 3.11.5)", + "Vulnerabilities": [ + { + "VulnerabilityID": "CVE-2020-1967", + "PkgName": "openssl", + "InstalledVersion": "1.1.1d-r3", + "FixedVersion": "1.1.1g-r0", + "Layer": { + "DiffID": "sha256:beee9f30bc1f711043e78d4a2be0668955d4b761d587d6f60c2c8dc081efb203" + }, + "Title": "openssl: Segmentation fault in SSL_check_chain causes denial of service", + "Description": "Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the \"signature_algorithms_cert\" TLS extension. The crash occurs if an invalid or unrecognised signature algorithm is received from the peer. This could be exploited by a malicious peer in a Denial of Service attack. OpenSSL version 1.1.1d, 1.1.1e, and 1.1.1f are affected by this issue. This issue did not affect OpenSSL versions prior to 1.1.1d. Fixed in OpenSSL 1.1.1g (Affected 1.1.1d-1.1.1f).", + "Severity": "HIGH", + "References": [ + "http://www.openwall.com/lists/oss-security/2020/04/22/2", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1967", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=eb563247aef3e83dda7679c43f9649270462e5b1", + "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44440", + "https://lists.apache.org/thread.html/r66ea9c436da150683432db5fbc8beb8ae01886c6459ac30c2cea7345@%3Cdev.tomcat.apache.org%3E", + "https://lists.apache.org/thread.html/r94d6ac3f010a38fccf4f432b12180a13fa1cf303559bd805648c9064@%3Cdev.tomcat.apache.org%3E", + "https://lists.apache.org/thread.html/r9a41e304992ce6aec6585a87842b4f2e692604f5c892c37e3b0587ee@%3Cdev.tomcat.apache.org%3E", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XVEP3LAK4JSPRXFO4QF4GG2IVXADV3SO/", + "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:11.openssl.asc", + "https://security.gentoo.org/glsa/202004-10", + "https://security.netapp.com/advisory/ntap-20200424-0003/", + "https://www.debian.org/security/2020/dsa-4661", + "https://www.openssl.org/news/secadv/20200421.txt", + "https://www.synology.com/security/advisory/Synology_SA_20_05_OpenSSL" + ] + } + ] + }, + { + "Target": "juice-shop/frontend/package-lock.json", + "Vulnerabilities": null + }, + { + "Target": "juice-shop/package-lock.json", + "Vulnerabilities": [ + { + "VulnerabilityID": "NSWG-ECO-428", + "PkgName": "base64url", + "InstalledVersion": "0.0.6", + "FixedVersion": "\u003e=3.0.0", + "Layer": { + "DiffID": "sha256:6de27bb627f066285f0628172e686caf3e388a3bf266606c88d619d87d14aae3" + }, + "Title": "Out-of-bounds Read", + "Description": "`base64url` allocates uninitialized Buffers when number is passed in input on Node.js 4.x and below", + "Severity": "HIGH", + "References": [ + "https://github.com/brianloveswords/base64url/pull/25", + "https://hackerone.com/reports/321687" + ] + }, + { + "VulnerabilityID": "NSWG-ECO-17", + "PkgName": "jsonwebtoken", + "InstalledVersion": "0.1.0", + "FixedVersion": "\u003e=4.2.2", + "Layer": { + "DiffID": "sha256:6de27bb627f066285f0628172e686caf3e388a3bf266606c88d619d87d14aae3" + }, + "Title": "Verification Bypass", + "Description": "It is possible for an attacker to bypass verification when \"a token digitally signed with an asymetric key (RS/ES family) of algorithms but instead the attacker send a token digitally signed with a symmetric algorithm (HS* family)\" [1]", + "Severity": "HIGH", + "References": [ + "https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/", + "https://github.com/auth0/node-jsonwebtoken/commit/1bb584bc382295eeb7ee8c4452a673a77a68b687", + "https://www.timmclean.net/2015/02/25/jwt-alg-none.html" + ] + }, + { + "VulnerabilityID": "NSWG-ECO-17", + "PkgName": "jsonwebtoken", + "InstalledVersion": "0.4.0", + "FixedVersion": "\u003e=4.2.2", + "Layer": { + "DiffID": "sha256:6de27bb627f066285f0628172e686caf3e388a3bf266606c88d619d87d14aae3" + }, + "Title": "Verification Bypass", + "Description": "It is possible for an attacker to bypass verification when \"a token digitally signed with an asymetric key (RS/ES family) of algorithms but instead the attacker send a token digitally signed with a symmetric algorithm (HS* family)\" [1]", + "Severity": "HIGH", + "References": [ + "https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/", + "https://github.com/auth0/node-jsonwebtoken/commit/1bb584bc382295eeb7ee8c4452a673a77a68b687", + "https://www.timmclean.net/2015/02/25/jwt-alg-none.html" + ] + }, + { + "VulnerabilityID": "CVE-2016-1000223", + "PkgName": "jws", + "InstalledVersion": "0.2.6", + "FixedVersion": "\u003e=3.0.0", + "Layer": { + "DiffID": "sha256:6de27bb627f066285f0628172e686caf3e388a3bf266606c88d619d87d14aae3" + }, + "Title": "Forgeable Public/Private Tokens", + "Description": "Since \"algorithm\" isn't enforced in `jws.verify()`, a malicious user could choose what algorithm is sent to the server. If the server is expecting RSA but is sent HMAC-SHA with RSA's public key, the server will think the public key is actually an HMAC private key. This could be used to forge any data an attacker wants.\n\nIn addition, there is the `none` algorithm to be concerned about. In versions prior to 3.0.0, verification of the token could be bypassed when the `alg` field is set to `none`.\n\n*Edit ( 7/29/16 ): A previous version of this advisory incorrectly stated that the vulnerability was patched in version 2.0.0 instead of 3.0.0. The advisory has been updated to reflect this new information. Thanks to Fabien Catteau for reporting the error.*", + "Severity": "HIGH", + "References": [ + "https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/", + "https://github.com/brianloveswords/node-jws/commit/585d0e1e97b6747c10cf5b7689ccc5618a89b299#diff-4ac32a78649ca5bdd8e0ba38b7006a1e" + ] + }, + { + "VulnerabilityID": "CVE-2018-16487", + "PkgName": "lodash", + "InstalledVersion": "2.4.2", + "FixedVersion": "\u003e=4.17.11", + "Layer": { + "DiffID": "sha256:6de27bb627f066285f0628172e686caf3e388a3bf266606c88d619d87d14aae3" + }, + "Title": "lodash: Prototype pollution in utilities function", + "Description": "A prototype pollution vulnerability was found in lodash \u003c4.17.11 where the functions merge, mergeWith, and defaultsDeep can be tricked into adding or modifying properties of Object.prototype.", + "Severity": "HIGH", + "References": [ + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16487", + "https://hackerone.com/reports/380873", + "https://security.netapp.com/advisory/ntap-20190919-0004/", + "https://www.npmjs.com/advisories/782" + ] + }, + { + "VulnerabilityID": "CVE-2018-3721", + "PkgName": "lodash", + "InstalledVersion": "2.4.2", + "FixedVersion": "\u003e=4.17.5", + "Layer": { + "DiffID": "sha256:6de27bb627f066285f0628172e686caf3e388a3bf266606c88d619d87d14aae3" + }, + "Title": "lodash: Prototype pollution in utilities function", + "Description": "lodash node module before 4.17.5 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability via defaultsDeep, merge, and mergeWith functions, which allows a malicious user to modify the prototype of \"Object\" via __proto__, causing the addition or modification of an existing property that will exist on all objects.", + "Severity": "MEDIUM", + "References": [ + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3721", + "https://github.com/lodash/lodash/commit/d8e069cc3410082e44eb18fcf8e7f3d08ebe1d4a", + "https://hackerone.com/reports/310443", + "https://security.netapp.com/advisory/ntap-20190919-0004/" + ] + }, + { + "VulnerabilityID": "CVE-2016-4055", + "PkgName": "moment", + "InstalledVersion": "2.0.0", + "FixedVersion": "\u003e=2.11.2", + "Layer": { + "DiffID": "sha256:6de27bb627f066285f0628172e686caf3e388a3bf266606c88d619d87d14aae3" + }, + "Title": "moment.js: regular expression denial of service", + "Description": "The duration function in the moment package before 2.11.2 for Node.js allows remote attackers to cause a denial of service (CPU consumption) via a long string, aka a \"regular expression Denial of Service (ReDoS).\"", + "Severity": "HIGH", + "References": [ + "http://www.openwall.com/lists/oss-security/2016/04/20/11", + "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", + "http://www.securityfocus.com/bid/95849", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4055", + "https://lists.apache.org/thread.html/10f0f3aefd51444d1198c65f44ffdf2d78ca3359423dbc1c168c9731@%3Cdev.flink.apache.org%3E", + "https://lists.apache.org/thread.html/17ff53f7999e74fbe3cc0ceb4e1c3b00b180b7c5afec8e978837bc49@%3Cuser.flink.apache.org%3E", + "https://lists.apache.org/thread.html/52bafac05ad174000ea465fe275fd3cc7bd5c25535a7631c0bc9bfb2@%3Cuser.flink.apache.org%3E", + "https://lists.apache.org/thread.html/54df3aeb4239b64b50b356f0ca6f986e3c4ca5b84c515dce077c7854@%3Cuser.flink.apache.org%3E", + "https://nodesecurity.io/advisories/55", + "https://www.owasp.org/index.php/Regular_expression_Denial_of_Service_-_ReDoS", + "https://www.tenable.com/security/tns-2019-02" + ] + }, + { + "VulnerabilityID": "CVE-2016-1000237", + "PkgName": "sanitize-html", + "InstalledVersion": "1.4.2", + "FixedVersion": "\u003e=1.4.3", + "Layer": { + "DiffID": "sha256:6de27bb627f066285f0628172e686caf3e388a3bf266606c88d619d87d14aae3" + }, + "Title": "XSS - Sanitization not applied recursively", + "Description": "sanitize-html before 1.4.3 has XSS.", + "Severity": "MEDIUM", + "References": [ + "https://github.com/punkave/sanitize-html/issues/29", + "https://nodesecurity.io/advisories/135", + "https://raw.githubusercontent.com/distributedweaknessfiling/cvelist/master/2016/1000xxx/CVE-2016-1000237.json" + ] + }, + { + "VulnerabilityID": "NSWG-ECO-154", + "PkgName": "sanitize-html", + "InstalledVersion": "1.4.2", + "FixedVersion": "\u003e=1.11.4", + "Layer": { + "DiffID": "sha256:6de27bb627f066285f0628172e686caf3e388a3bf266606c88d619d87d14aae3" + }, + "Title": "Cross Site Scripting", + "Description": "Sanitize-html is a library for scrubbing html input of malicious values.\n\nVersions 1.11.1 and below are vulnerable to cross site scripting (XSS) in certain scenarios:\n\nIf allowed at least one nonTextTags, the result is a potential XSS vulnerability.\nPoC:\n\n```\nvar sanitizeHtml = require('sanitize-html');\n\nvar dirty = '!\u003ctextarea\u003e\u0026lt;/textarea\u0026gt;\u003csvg/onload=prompt`xs`\u0026gt;\u003c/textarea\u003e!';\nvar clean = sanitizeHtml(dirty, {\n allowedTags: [ 'textarea' ]\n});\n\nconsole.log(clean);\n\n// !\u003ctextarea\u003e\u003c/textarea\u003e\u003csvg/onload=prompt`xs`\u003e\u003c/textarea\u003e!\n```", + "Severity": "MEDIUM", + "References": [ + "https://github.com/punkave/sanitize-html/commit/5d205a1005ba0df80e21d8c64a15bb3accdb2403", + "https://github.com/punkave/sanitize-html/issues/100" + ] + } + ] + } +] \ No newline at end of file diff --git a/integrations/trivy/examples/juice-shop/scan.yaml b/integrations/trivy/examples/juice-shop/scan.yaml new file mode 100644 index 00000000..3992a6fd --- /dev/null +++ b/integrations/trivy/examples/juice-shop/scan.yaml @@ -0,0 +1,10 @@ +apiVersion: "execution.experimental.securecodebox.io/v1" +kind: Scan +metadata: + name: "trivy-juiceshop" + labels: + organization: "OWASP" +spec: + scanType: "trivy" + parameters: + - "bkimminich/juice-shop:v10.2.0" diff --git a/integrations/trivy/examples/mediawiki/findings.yaml b/integrations/trivy/examples/mediawiki/findings.yaml new file mode 100644 index 00000000..242e7974 --- /dev/null +++ b/integrations/trivy/examples/mediawiki/findings.yaml @@ -0,0 +1,16083 @@ +[ + { + "Target": "mediawiki:stable (debian 10.3)", + "Vulnerabilities": [ + { + "VulnerabilityID": "CVE-2007-0086", + "PkgName": "apache2", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Description": "** DISPUTED ** The Apache HTTP Server, when accessed through a TCP connection with a large window size, allows remote attackers to cause a denial of service (network bandwidth consumption) via a Range header that specifies multiple copies of the same fragment. NOTE: the severity of this issue has been disputed by third parties, who state that the large window size required by the attack is not normally supported or configured by the server, or that a DDoS-style attack would accomplish the same goal.", + "Severity": "HIGH", + "References": [ + "http://osvdb.org/33456", + "http://www.securityfocus.com/archive/1/455833/100/0/threaded", + "http://www.securityfocus.com/archive/1/455879/100/0/threaded", + "http://www.securityfocus.com/archive/1/455882/100/0/threaded", + "http://www.securityfocus.com/archive/1/455920/100/0/threaded" + ] + }, + { + "VulnerabilityID": "CVE-2003-1307", + "PkgName": "apache2", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Description": "** DISPUTED ** The mod_php module for the Apache HTTP Server allows local users with write access to PHP scripts to send signals to the server's process group and use the server's file descriptors, as demonstrated by sending a STOP signal, then intercepting incoming connections on the server's TCP port. NOTE: the PHP developer has disputed this vulnerability, saying \"The opened file descriptors are opened by Apache. It is the job of Apache to protect them ... Not a bug in PHP.\"", + "Severity": "MEDIUM", + "References": [ + "http://bugs.php.net/38915", + "http://hackerdom.ru/~dimmo/phpexpl.c", + "http://www.securityfocus.com/archive/1/348368", + "http://www.securityfocus.com/archive/1/449234/100/0/threaded", + "http://www.securityfocus.com/archive/1/449298/100/0/threaded", + "http://www.securityfocus.com/bid/9302" + ] + }, + { + "VulnerabilityID": "CVE-2003-1580", + "PkgName": "apache2", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Description": "The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, uses a logging format that does not identify whether a dotted quad represents an unresolved IP address, which allows remote attackers to spoof IP addresses via crafted DNS responses containing numerical top-level domains, as demonstrated by a forged 123.123.123.123 domain name, related to an \"Inverse Lookup Log Corruption (ILLC)\" issue.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/archive/1/313867" + ] + }, + { + "VulnerabilityID": "CVE-2007-1743", + "PkgName": "apache2", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Description": "suexec in Apache HTTP Server (httpd) 2.2.3 does not verify combinations of user and group IDs on the command line, which might allow local users to leverage other vulnerabilities to create arbitrary UID/GID owned files if /proc is mounted. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because \"the attacks described rely on an insecure server configuration\" in which the user \"has write access to the document root.\" In addition, because this is dependent on other vulnerabilities, perhaps this is resultant and should not be included in CVE.", + "Severity": "MEDIUM", + "References": [ + "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=511", + "http://marc.info/?l=apache-httpd-dev\u0026m=117511568709063\u0026w=2", + "http://marc.info/?l=apache-httpd-dev\u0026m=117511834512138\u0026w=2", + "http://www.securitytracker.com/id?1017904" + ] + }, + { + "VulnerabilityID": "CVE-2007-3303", + "PkgName": "apache2", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Description": "Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows local users to cause a denial of service via certain code sequences executed in a worker process that (1) stop request processing by killing all worker processes and preventing creation of replacements or (2) hang the system by forcing the master process to fork an arbitrarily large number of worker processes. NOTE: This might be an inherent design limitation of Apache with respect to worker processes in hosted environments.", + "Severity": "MEDIUM", + "References": [ + "http://osvdb.org/37050", + "http://security.psnc.pl/files/apache_report.pdf", + "http://securityreason.com/securityalert/2814", + "http://www.securityfocus.com/archive/1/469899/100/0/threaded", + "http://www.securityfocus.com/archive/1/471832/100/0/threaded", + "http://www.securityfocus.com/bid/24215" + ] + }, + { + "VulnerabilityID": "CVE-2008-0455", + "PkgName": "apache2", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Title": "CVE-2012-2687 CVE-2008-0455 httpd: mod_negotiation XSS via untrusted file names in directories with MultiViews enabled", + "Description": "Cross-site scripting (XSS) vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary web script or HTML by uploading a file with a name containing XSS sequences and a file extension, which leads to injection within a (1) \"406 Not Acceptable\" or (2) \"300 Multiple Choices\" HTTP response when the extension is omitted in a request for the file.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2008-0455.html", + "http://linux.oracle.com/errata/ELSA-2013-0512.html", + "http://rhn.redhat.com/errata/RHSA-2012-1591.html", + "http://rhn.redhat.com/errata/RHSA-2012-1592.html", + "http://rhn.redhat.com/errata/RHSA-2012-1594.html", + "http://rhn.redhat.com/errata/RHSA-2013-0130.html", + "http://secunia.com/advisories/29348", + "http://secunia.com/advisories/51607", + "http://security.gentoo.org/glsa/glsa-200803-19.xml", + "http://securityreason.com/securityalert/3575", + "http://securitytracker.com/id?1019256", + "http://www.mindedsecurity.com/MSA01150108.html", + "http://www.securityfocus.com/archive/1/486847/100/0/threaded", + "http://www.securityfocus.com/bid/27409", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/39867" + ] + }, + { + "VulnerabilityID": "CVE-2020-1927", + "PkgName": "apache2", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Title": "httpd: mod_rewrite configurations vulnerable to open redirect", + "Description": "In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.", + "Severity": "MEDIUM", + "References": [ + "http://www.openwall.com/lists/oss-security/2020/04/03/1", + "http://www.openwall.com/lists/oss-security/2020/04/04/1", + "https://httpd.apache.org/security/vulnerabilities_24.html", + "https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E", + "https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E" + ] + }, + { + "VulnerabilityID": "CVE-2020-1934", + "PkgName": "apache2", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Title": "httpd: mod_proxy_ftp use of uninitialized value", + "Description": "In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server.", + "Severity": "MEDIUM", + "References": [ + "https://httpd.apache.org/security/vulnerabilities_24.html", + "https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E", + "https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E", + "https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210@%3Ccvs.httpd.apache.org%3E", + "https://security.netapp.com/advisory/ntap-20200413-0002/" + ] + }, + { + "VulnerabilityID": "CVE-2001-1534", + "PkgName": "apache2", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Description": "mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's using predictable information including host IP address, system time and server process ID, which allows local users to obtain session ID's and bypass authentication when these session ID's are used for authentication.", + "Severity": "LOW", + "References": [ + "http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00084.html", + "http://www.iss.net/security_center/static/7494.php", + "http://www.securityfocus.com/bid/3521" + ] + }, + { + "VulnerabilityID": "CVE-2003-1581", + "PkgName": "apache2", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Title": "httpd: Injection of arbitrary text into log files when DNS resolution is enabled", + "Description": "The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, allows remote attackers to inject arbitrary text into log files via an HTTP request in conjunction with a crafted DNS response, as demonstrated by injecting XSS sequences, related to an \"Inverse Lookup Log Corruption (ILLC)\" issue.", + "Severity": "LOW", + "References": [ + "http://www.securityfocus.com/archive/1/313867" + ] + }, + { + "VulnerabilityID": "CVE-2008-0456", + "PkgName": "apache2", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Title": "httpd: mod_negotiation CRLF injection via untrusted file names in directories with MultiViews enabled", + "Description": "CRLF injection vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks by uploading a file with a multi-line name containing HTTP header sequences and a file extension, which leads to injection within a (1) \"406 Not Acceptable\" or (2) \"300 Multiple Choices\" HTTP response when the extension is omitted in a request for the file.", + "Severity": "LOW", + "References": [ + "http://linux.oracle.com/cve/CVE-2008-0456.html", + "http://linux.oracle.com/errata/ELSA-2013-0130.html", + "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", + "http://rhn.redhat.com/errata/RHSA-2013-0130.html", + "http://secunia.com/advisories/29348", + "http://secunia.com/advisories/35074", + "http://security.gentoo.org/glsa/glsa-200803-19.xml", + "http://securityreason.com/securityalert/3575", + "http://securitytracker.com/id?1019256", + "http://support.apple.com/kb/HT3549", + "http://www.mindedsecurity.com/MSA01150108.html", + "http://www.securityfocus.com/archive/1/486847/100/0/threaded", + "http://www.securityfocus.com/bid/27409", + "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", + "http://www.vupen.com/english/advisories/2009/1297", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/39893", + "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E", + "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E" + ] + }, + { + "VulnerabilityID": "CVE-2007-0086", + "PkgName": "apache2-bin", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Description": "** DISPUTED ** The Apache HTTP Server, when accessed through a TCP connection with a large window size, allows remote attackers to cause a denial of service (network bandwidth consumption) via a Range header that specifies multiple copies of the same fragment. NOTE: the severity of this issue has been disputed by third parties, who state that the large window size required by the attack is not normally supported or configured by the server, or that a DDoS-style attack would accomplish the same goal.", + "Severity": "HIGH", + "References": [ + "http://osvdb.org/33456", + "http://www.securityfocus.com/archive/1/455833/100/0/threaded", + "http://www.securityfocus.com/archive/1/455879/100/0/threaded", + "http://www.securityfocus.com/archive/1/455882/100/0/threaded", + "http://www.securityfocus.com/archive/1/455920/100/0/threaded" + ] + }, + { + "VulnerabilityID": "CVE-2003-1307", + "PkgName": "apache2-bin", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Description": "** DISPUTED ** The mod_php module for the Apache HTTP Server allows local users with write access to PHP scripts to send signals to the server's process group and use the server's file descriptors, as demonstrated by sending a STOP signal, then intercepting incoming connections on the server's TCP port. NOTE: the PHP developer has disputed this vulnerability, saying \"The opened file descriptors are opened by Apache. It is the job of Apache to protect them ... Not a bug in PHP.\"", + "Severity": "MEDIUM", + "References": [ + "http://bugs.php.net/38915", + "http://hackerdom.ru/~dimmo/phpexpl.c", + "http://www.securityfocus.com/archive/1/348368", + "http://www.securityfocus.com/archive/1/449234/100/0/threaded", + "http://www.securityfocus.com/archive/1/449298/100/0/threaded", + "http://www.securityfocus.com/bid/9302" + ] + }, + { + "VulnerabilityID": "CVE-2003-1580", + "PkgName": "apache2-bin", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Description": "The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, uses a logging format that does not identify whether a dotted quad represents an unresolved IP address, which allows remote attackers to spoof IP addresses via crafted DNS responses containing numerical top-level domains, as demonstrated by a forged 123.123.123.123 domain name, related to an \"Inverse Lookup Log Corruption (ILLC)\" issue.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/archive/1/313867" + ] + }, + { + "VulnerabilityID": "CVE-2007-1743", + "PkgName": "apache2-bin", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Description": "suexec in Apache HTTP Server (httpd) 2.2.3 does not verify combinations of user and group IDs on the command line, which might allow local users to leverage other vulnerabilities to create arbitrary UID/GID owned files if /proc is mounted. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because \"the attacks described rely on an insecure server configuration\" in which the user \"has write access to the document root.\" In addition, because this is dependent on other vulnerabilities, perhaps this is resultant and should not be included in CVE.", + "Severity": "MEDIUM", + "References": [ + "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=511", + "http://marc.info/?l=apache-httpd-dev\u0026m=117511568709063\u0026w=2", + "http://marc.info/?l=apache-httpd-dev\u0026m=117511834512138\u0026w=2", + "http://www.securitytracker.com/id?1017904" + ] + }, + { + "VulnerabilityID": "CVE-2007-3303", + "PkgName": "apache2-bin", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Description": "Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows local users to cause a denial of service via certain code sequences executed in a worker process that (1) stop request processing by killing all worker processes and preventing creation of replacements or (2) hang the system by forcing the master process to fork an arbitrarily large number of worker processes. NOTE: This might be an inherent design limitation of Apache with respect to worker processes in hosted environments.", + "Severity": "MEDIUM", + "References": [ + "http://osvdb.org/37050", + "http://security.psnc.pl/files/apache_report.pdf", + "http://securityreason.com/securityalert/2814", + "http://www.securityfocus.com/archive/1/469899/100/0/threaded", + "http://www.securityfocus.com/archive/1/471832/100/0/threaded", + "http://www.securityfocus.com/bid/24215" + ] + }, + { + "VulnerabilityID": "CVE-2008-0455", + "PkgName": "apache2-bin", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Title": "CVE-2012-2687 CVE-2008-0455 httpd: mod_negotiation XSS via untrusted file names in directories with MultiViews enabled", + "Description": "Cross-site scripting (XSS) vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary web script or HTML by uploading a file with a name containing XSS sequences and a file extension, which leads to injection within a (1) \"406 Not Acceptable\" or (2) \"300 Multiple Choices\" HTTP response when the extension is omitted in a request for the file.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2008-0455.html", + "http://linux.oracle.com/errata/ELSA-2013-0512.html", + "http://rhn.redhat.com/errata/RHSA-2012-1591.html", + "http://rhn.redhat.com/errata/RHSA-2012-1592.html", + "http://rhn.redhat.com/errata/RHSA-2012-1594.html", + "http://rhn.redhat.com/errata/RHSA-2013-0130.html", + "http://secunia.com/advisories/29348", + "http://secunia.com/advisories/51607", + "http://security.gentoo.org/glsa/glsa-200803-19.xml", + "http://securityreason.com/securityalert/3575", + "http://securitytracker.com/id?1019256", + "http://www.mindedsecurity.com/MSA01150108.html", + "http://www.securityfocus.com/archive/1/486847/100/0/threaded", + "http://www.securityfocus.com/bid/27409", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/39867" + ] + }, + { + "VulnerabilityID": "CVE-2020-1927", + "PkgName": "apache2-bin", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Title": "httpd: mod_rewrite configurations vulnerable to open redirect", + "Description": "In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.", + "Severity": "MEDIUM", + "References": [ + "http://www.openwall.com/lists/oss-security/2020/04/03/1", + "http://www.openwall.com/lists/oss-security/2020/04/04/1", + "https://httpd.apache.org/security/vulnerabilities_24.html", + "https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E", + "https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E" + ] + }, + { + "VulnerabilityID": "CVE-2020-1934", + "PkgName": "apache2-bin", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Title": "httpd: mod_proxy_ftp use of uninitialized value", + "Description": "In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server.", + "Severity": "MEDIUM", + "References": [ + "https://httpd.apache.org/security/vulnerabilities_24.html", + "https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E", + "https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E", + "https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210@%3Ccvs.httpd.apache.org%3E", + "https://security.netapp.com/advisory/ntap-20200413-0002/" + ] + }, + { + "VulnerabilityID": "CVE-2001-1534", + "PkgName": "apache2-bin", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Description": "mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's using predictable information including host IP address, system time and server process ID, which allows local users to obtain session ID's and bypass authentication when these session ID's are used for authentication.", + "Severity": "LOW", + "References": [ + "http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00084.html", + "http://www.iss.net/security_center/static/7494.php", + "http://www.securityfocus.com/bid/3521" + ] + }, + { + "VulnerabilityID": "CVE-2003-1581", + "PkgName": "apache2-bin", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Title": "httpd: Injection of arbitrary text into log files when DNS resolution is enabled", + "Description": "The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, allows remote attackers to inject arbitrary text into log files via an HTTP request in conjunction with a crafted DNS response, as demonstrated by injecting XSS sequences, related to an \"Inverse Lookup Log Corruption (ILLC)\" issue.", + "Severity": "LOW", + "References": [ + "http://www.securityfocus.com/archive/1/313867" + ] + }, + { + "VulnerabilityID": "CVE-2008-0456", + "PkgName": "apache2-bin", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Title": "httpd: mod_negotiation CRLF injection via untrusted file names in directories with MultiViews enabled", + "Description": "CRLF injection vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks by uploading a file with a multi-line name containing HTTP header sequences and a file extension, which leads to injection within a (1) \"406 Not Acceptable\" or (2) \"300 Multiple Choices\" HTTP response when the extension is omitted in a request for the file.", + "Severity": "LOW", + "References": [ + "http://linux.oracle.com/cve/CVE-2008-0456.html", + "http://linux.oracle.com/errata/ELSA-2013-0130.html", + "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", + "http://rhn.redhat.com/errata/RHSA-2013-0130.html", + "http://secunia.com/advisories/29348", + "http://secunia.com/advisories/35074", + "http://security.gentoo.org/glsa/glsa-200803-19.xml", + "http://securityreason.com/securityalert/3575", + "http://securitytracker.com/id?1019256", + "http://support.apple.com/kb/HT3549", + "http://www.mindedsecurity.com/MSA01150108.html", + "http://www.securityfocus.com/archive/1/486847/100/0/threaded", + "http://www.securityfocus.com/bid/27409", + "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", + "http://www.vupen.com/english/advisories/2009/1297", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/39893", + "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E", + "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E" + ] + }, + { + "VulnerabilityID": "CVE-2007-0086", + "PkgName": "apache2-data", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Description": "** DISPUTED ** The Apache HTTP Server, when accessed through a TCP connection with a large window size, allows remote attackers to cause a denial of service (network bandwidth consumption) via a Range header that specifies multiple copies of the same fragment. NOTE: the severity of this issue has been disputed by third parties, who state that the large window size required by the attack is not normally supported or configured by the server, or that a DDoS-style attack would accomplish the same goal.", + "Severity": "HIGH", + "References": [ + "http://osvdb.org/33456", + "http://www.securityfocus.com/archive/1/455833/100/0/threaded", + "http://www.securityfocus.com/archive/1/455879/100/0/threaded", + "http://www.securityfocus.com/archive/1/455882/100/0/threaded", + "http://www.securityfocus.com/archive/1/455920/100/0/threaded" + ] + }, + { + "VulnerabilityID": "CVE-2003-1307", + "PkgName": "apache2-data", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Description": "** DISPUTED ** The mod_php module for the Apache HTTP Server allows local users with write access to PHP scripts to send signals to the server's process group and use the server's file descriptors, as demonstrated by sending a STOP signal, then intercepting incoming connections on the server's TCP port. NOTE: the PHP developer has disputed this vulnerability, saying \"The opened file descriptors are opened by Apache. It is the job of Apache to protect them ... Not a bug in PHP.\"", + "Severity": "MEDIUM", + "References": [ + "http://bugs.php.net/38915", + "http://hackerdom.ru/~dimmo/phpexpl.c", + "http://www.securityfocus.com/archive/1/348368", + "http://www.securityfocus.com/archive/1/449234/100/0/threaded", + "http://www.securityfocus.com/archive/1/449298/100/0/threaded", + "http://www.securityfocus.com/bid/9302" + ] + }, + { + "VulnerabilityID": "CVE-2003-1580", + "PkgName": "apache2-data", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Description": "The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, uses a logging format that does not identify whether a dotted quad represents an unresolved IP address, which allows remote attackers to spoof IP addresses via crafted DNS responses containing numerical top-level domains, as demonstrated by a forged 123.123.123.123 domain name, related to an \"Inverse Lookup Log Corruption (ILLC)\" issue.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/archive/1/313867" + ] + }, + { + "VulnerabilityID": "CVE-2007-1743", + "PkgName": "apache2-data", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Description": "suexec in Apache HTTP Server (httpd) 2.2.3 does not verify combinations of user and group IDs on the command line, which might allow local users to leverage other vulnerabilities to create arbitrary UID/GID owned files if /proc is mounted. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because \"the attacks described rely on an insecure server configuration\" in which the user \"has write access to the document root.\" In addition, because this is dependent on other vulnerabilities, perhaps this is resultant and should not be included in CVE.", + "Severity": "MEDIUM", + "References": [ + "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=511", + "http://marc.info/?l=apache-httpd-dev\u0026m=117511568709063\u0026w=2", + "http://marc.info/?l=apache-httpd-dev\u0026m=117511834512138\u0026w=2", + "http://www.securitytracker.com/id?1017904" + ] + }, + { + "VulnerabilityID": "CVE-2007-3303", + "PkgName": "apache2-data", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Description": "Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows local users to cause a denial of service via certain code sequences executed in a worker process that (1) stop request processing by killing all worker processes and preventing creation of replacements or (2) hang the system by forcing the master process to fork an arbitrarily large number of worker processes. NOTE: This might be an inherent design limitation of Apache with respect to worker processes in hosted environments.", + "Severity": "MEDIUM", + "References": [ + "http://osvdb.org/37050", + "http://security.psnc.pl/files/apache_report.pdf", + "http://securityreason.com/securityalert/2814", + "http://www.securityfocus.com/archive/1/469899/100/0/threaded", + "http://www.securityfocus.com/archive/1/471832/100/0/threaded", + "http://www.securityfocus.com/bid/24215" + ] + }, + { + "VulnerabilityID": "CVE-2008-0455", + "PkgName": "apache2-data", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Title": "CVE-2012-2687 CVE-2008-0455 httpd: mod_negotiation XSS via untrusted file names in directories with MultiViews enabled", + "Description": "Cross-site scripting (XSS) vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary web script or HTML by uploading a file with a name containing XSS sequences and a file extension, which leads to injection within a (1) \"406 Not Acceptable\" or (2) \"300 Multiple Choices\" HTTP response when the extension is omitted in a request for the file.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2008-0455.html", + "http://linux.oracle.com/errata/ELSA-2013-0512.html", + "http://rhn.redhat.com/errata/RHSA-2012-1591.html", + "http://rhn.redhat.com/errata/RHSA-2012-1592.html", + "http://rhn.redhat.com/errata/RHSA-2012-1594.html", + "http://rhn.redhat.com/errata/RHSA-2013-0130.html", + "http://secunia.com/advisories/29348", + "http://secunia.com/advisories/51607", + "http://security.gentoo.org/glsa/glsa-200803-19.xml", + "http://securityreason.com/securityalert/3575", + "http://securitytracker.com/id?1019256", + "http://www.mindedsecurity.com/MSA01150108.html", + "http://www.securityfocus.com/archive/1/486847/100/0/threaded", + "http://www.securityfocus.com/bid/27409", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/39867" + ] + }, + { + "VulnerabilityID": "CVE-2020-1927", + "PkgName": "apache2-data", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Title": "httpd: mod_rewrite configurations vulnerable to open redirect", + "Description": "In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.", + "Severity": "MEDIUM", + "References": [ + "http://www.openwall.com/lists/oss-security/2020/04/03/1", + "http://www.openwall.com/lists/oss-security/2020/04/04/1", + "https://httpd.apache.org/security/vulnerabilities_24.html", + "https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E", + "https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E" + ] + }, + { + "VulnerabilityID": "CVE-2020-1934", + "PkgName": "apache2-data", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Title": "httpd: mod_proxy_ftp use of uninitialized value", + "Description": "In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server.", + "Severity": "MEDIUM", + "References": [ + "https://httpd.apache.org/security/vulnerabilities_24.html", + "https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E", + "https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E", + "https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210@%3Ccvs.httpd.apache.org%3E", + "https://security.netapp.com/advisory/ntap-20200413-0002/" + ] + }, + { + "VulnerabilityID": "CVE-2001-1534", + "PkgName": "apache2-data", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Description": "mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's using predictable information including host IP address, system time and server process ID, which allows local users to obtain session ID's and bypass authentication when these session ID's are used for authentication.", + "Severity": "LOW", + "References": [ + "http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00084.html", + "http://www.iss.net/security_center/static/7494.php", + "http://www.securityfocus.com/bid/3521" + ] + }, + { + "VulnerabilityID": "CVE-2003-1581", + "PkgName": "apache2-data", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Title": "httpd: Injection of arbitrary text into log files when DNS resolution is enabled", + "Description": "The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, allows remote attackers to inject arbitrary text into log files via an HTTP request in conjunction with a crafted DNS response, as demonstrated by injecting XSS sequences, related to an \"Inverse Lookup Log Corruption (ILLC)\" issue.", + "Severity": "LOW", + "References": [ + "http://www.securityfocus.com/archive/1/313867" + ] + }, + { + "VulnerabilityID": "CVE-2008-0456", + "PkgName": "apache2-data", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Title": "httpd: mod_negotiation CRLF injection via untrusted file names in directories with MultiViews enabled", + "Description": "CRLF injection vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks by uploading a file with a multi-line name containing HTTP header sequences and a file extension, which leads to injection within a (1) \"406 Not Acceptable\" or (2) \"300 Multiple Choices\" HTTP response when the extension is omitted in a request for the file.", + "Severity": "LOW", + "References": [ + "http://linux.oracle.com/cve/CVE-2008-0456.html", + "http://linux.oracle.com/errata/ELSA-2013-0130.html", + "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", + "http://rhn.redhat.com/errata/RHSA-2013-0130.html", + "http://secunia.com/advisories/29348", + "http://secunia.com/advisories/35074", + "http://security.gentoo.org/glsa/glsa-200803-19.xml", + "http://securityreason.com/securityalert/3575", + "http://securitytracker.com/id?1019256", + "http://support.apple.com/kb/HT3549", + "http://www.mindedsecurity.com/MSA01150108.html", + "http://www.securityfocus.com/archive/1/486847/100/0/threaded", + "http://www.securityfocus.com/bid/27409", + "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", + "http://www.vupen.com/english/advisories/2009/1297", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/39893", + "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E", + "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E" + ] + }, + { + "VulnerabilityID": "CVE-2007-0086", + "PkgName": "apache2-utils", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Description": "** DISPUTED ** The Apache HTTP Server, when accessed through a TCP connection with a large window size, allows remote attackers to cause a denial of service (network bandwidth consumption) via a Range header that specifies multiple copies of the same fragment. NOTE: the severity of this issue has been disputed by third parties, who state that the large window size required by the attack is not normally supported or configured by the server, or that a DDoS-style attack would accomplish the same goal.", + "Severity": "HIGH", + "References": [ + "http://osvdb.org/33456", + "http://www.securityfocus.com/archive/1/455833/100/0/threaded", + "http://www.securityfocus.com/archive/1/455879/100/0/threaded", + "http://www.securityfocus.com/archive/1/455882/100/0/threaded", + "http://www.securityfocus.com/archive/1/455920/100/0/threaded" + ] + }, + { + "VulnerabilityID": "CVE-2003-1307", + "PkgName": "apache2-utils", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Description": "** DISPUTED ** The mod_php module for the Apache HTTP Server allows local users with write access to PHP scripts to send signals to the server's process group and use the server's file descriptors, as demonstrated by sending a STOP signal, then intercepting incoming connections on the server's TCP port. NOTE: the PHP developer has disputed this vulnerability, saying \"The opened file descriptors are opened by Apache. It is the job of Apache to protect them ... Not a bug in PHP.\"", + "Severity": "MEDIUM", + "References": [ + "http://bugs.php.net/38915", + "http://hackerdom.ru/~dimmo/phpexpl.c", + "http://www.securityfocus.com/archive/1/348368", + "http://www.securityfocus.com/archive/1/449234/100/0/threaded", + "http://www.securityfocus.com/archive/1/449298/100/0/threaded", + "http://www.securityfocus.com/bid/9302" + ] + }, + { + "VulnerabilityID": "CVE-2003-1580", + "PkgName": "apache2-utils", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Description": "The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, uses a logging format that does not identify whether a dotted quad represents an unresolved IP address, which allows remote attackers to spoof IP addresses via crafted DNS responses containing numerical top-level domains, as demonstrated by a forged 123.123.123.123 domain name, related to an \"Inverse Lookup Log Corruption (ILLC)\" issue.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/archive/1/313867" + ] + }, + { + "VulnerabilityID": "CVE-2007-1743", + "PkgName": "apache2-utils", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Description": "suexec in Apache HTTP Server (httpd) 2.2.3 does not verify combinations of user and group IDs on the command line, which might allow local users to leverage other vulnerabilities to create arbitrary UID/GID owned files if /proc is mounted. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because \"the attacks described rely on an insecure server configuration\" in which the user \"has write access to the document root.\" In addition, because this is dependent on other vulnerabilities, perhaps this is resultant and should not be included in CVE.", + "Severity": "MEDIUM", + "References": [ + "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=511", + "http://marc.info/?l=apache-httpd-dev\u0026m=117511568709063\u0026w=2", + "http://marc.info/?l=apache-httpd-dev\u0026m=117511834512138\u0026w=2", + "http://www.securitytracker.com/id?1017904" + ] + }, + { + "VulnerabilityID": "CVE-2007-3303", + "PkgName": "apache2-utils", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Description": "Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows local users to cause a denial of service via certain code sequences executed in a worker process that (1) stop request processing by killing all worker processes and preventing creation of replacements or (2) hang the system by forcing the master process to fork an arbitrarily large number of worker processes. NOTE: This might be an inherent design limitation of Apache with respect to worker processes in hosted environments.", + "Severity": "MEDIUM", + "References": [ + "http://osvdb.org/37050", + "http://security.psnc.pl/files/apache_report.pdf", + "http://securityreason.com/securityalert/2814", + "http://www.securityfocus.com/archive/1/469899/100/0/threaded", + "http://www.securityfocus.com/archive/1/471832/100/0/threaded", + "http://www.securityfocus.com/bid/24215" + ] + }, + { + "VulnerabilityID": "CVE-2008-0455", + "PkgName": "apache2-utils", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Title": "CVE-2012-2687 CVE-2008-0455 httpd: mod_negotiation XSS via untrusted file names in directories with MultiViews enabled", + "Description": "Cross-site scripting (XSS) vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary web script or HTML by uploading a file with a name containing XSS sequences and a file extension, which leads to injection within a (1) \"406 Not Acceptable\" or (2) \"300 Multiple Choices\" HTTP response when the extension is omitted in a request for the file.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2008-0455.html", + "http://linux.oracle.com/errata/ELSA-2013-0512.html", + "http://rhn.redhat.com/errata/RHSA-2012-1591.html", + "http://rhn.redhat.com/errata/RHSA-2012-1592.html", + "http://rhn.redhat.com/errata/RHSA-2012-1594.html", + "http://rhn.redhat.com/errata/RHSA-2013-0130.html", + "http://secunia.com/advisories/29348", + "http://secunia.com/advisories/51607", + "http://security.gentoo.org/glsa/glsa-200803-19.xml", + "http://securityreason.com/securityalert/3575", + "http://securitytracker.com/id?1019256", + "http://www.mindedsecurity.com/MSA01150108.html", + "http://www.securityfocus.com/archive/1/486847/100/0/threaded", + "http://www.securityfocus.com/bid/27409", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/39867" + ] + }, + { + "VulnerabilityID": "CVE-2020-1927", + "PkgName": "apache2-utils", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Title": "httpd: mod_rewrite configurations vulnerable to open redirect", + "Description": "In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.", + "Severity": "MEDIUM", + "References": [ + "http://www.openwall.com/lists/oss-security/2020/04/03/1", + "http://www.openwall.com/lists/oss-security/2020/04/04/1", + "https://httpd.apache.org/security/vulnerabilities_24.html", + "https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E", + "https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E" + ] + }, + { + "VulnerabilityID": "CVE-2020-1934", + "PkgName": "apache2-utils", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Title": "httpd: mod_proxy_ftp use of uninitialized value", + "Description": "In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server.", + "Severity": "MEDIUM", + "References": [ + "https://httpd.apache.org/security/vulnerabilities_24.html", + "https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E", + "https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E", + "https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210@%3Ccvs.httpd.apache.org%3E", + "https://security.netapp.com/advisory/ntap-20200413-0002/" + ] + }, + { + "VulnerabilityID": "CVE-2001-1534", + "PkgName": "apache2-utils", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Description": "mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's using predictable information including host IP address, system time and server process ID, which allows local users to obtain session ID's and bypass authentication when these session ID's are used for authentication.", + "Severity": "LOW", + "References": [ + "http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00084.html", + "http://www.iss.net/security_center/static/7494.php", + "http://www.securityfocus.com/bid/3521" + ] + }, + { + "VulnerabilityID": "CVE-2003-1581", + "PkgName": "apache2-utils", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Title": "httpd: Injection of arbitrary text into log files when DNS resolution is enabled", + "Description": "The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, allows remote attackers to inject arbitrary text into log files via an HTTP request in conjunction with a crafted DNS response, as demonstrated by injecting XSS sequences, related to an \"Inverse Lookup Log Corruption (ILLC)\" issue.", + "Severity": "LOW", + "References": [ + "http://www.securityfocus.com/archive/1/313867" + ] + }, + { + "VulnerabilityID": "CVE-2008-0456", + "PkgName": "apache2-utils", + "InstalledVersion": "2.4.38-3+deb10u3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Title": "httpd: mod_negotiation CRLF injection via untrusted file names in directories with MultiViews enabled", + "Description": "CRLF injection vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks by uploading a file with a multi-line name containing HTTP header sequences and a file extension, which leads to injection within a (1) \"406 Not Acceptable\" or (2) \"300 Multiple Choices\" HTTP response when the extension is omitted in a request for the file.", + "Severity": "LOW", + "References": [ + "http://linux.oracle.com/cve/CVE-2008-0456.html", + "http://linux.oracle.com/errata/ELSA-2013-0130.html", + "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", + "http://rhn.redhat.com/errata/RHSA-2013-0130.html", + "http://secunia.com/advisories/29348", + "http://secunia.com/advisories/35074", + "http://security.gentoo.org/glsa/glsa-200803-19.xml", + "http://securityreason.com/securityalert/3575", + "http://securitytracker.com/id?1019256", + "http://support.apple.com/kb/HT3549", + "http://www.mindedsecurity.com/MSA01150108.html", + "http://www.securityfocus.com/archive/1/486847/100/0/threaded", + "http://www.securityfocus.com/bid/27409", + "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", + "http://www.vupen.com/english/advisories/2009/1297", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/39893", + "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E", + "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E" + ] + }, + { + "VulnerabilityID": "CVE-2011-3374", + "PkgName": "apt", + "InstalledVersion": "1.8.2", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Description": "It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.", + "Severity": "MEDIUM", + "References": [ + "https://access.redhat.com/security/cve/cve-2011-3374", + "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", + "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", + "https://security-tracker.debian.org/tracker/CVE-2011-3374", + "https://snyk.io/vuln/SNYK-LINUX-APT-116518" + ] + }, + { + "VulnerabilityID": "CVE-2019-18276", + "PkgName": "bash", + "InstalledVersion": "5.0-4", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "bash: when effective UID is not equal to its real UID the saved UID is not dropped", + "Description": "An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real UID, it will drop privileges by setting its effective UID to its real UID. However, it does so incorrectly. On Linux and other systems that support \"saved UID\" functionality, the saved UID is not dropped. An attacker with command execution in the shell can use \"enable -f\" for runtime loading of a new builtin, which can be a shared object that calls setuid() and therefore regains privileges. However, binaries running with an effective UID of 0 are unaffected.", + "Severity": "HIGH", + "References": [ + "http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html", + "https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff", + "https://www.youtube.com/watch?v=-wGtxJ8opa8" + ] + }, + { + "VulnerabilityID": "TEMP-0841856-B18BAF", + "PkgName": "bash", + "InstalledVersion": "5.0-4", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Severity": "LOW" + }, + { + "VulnerabilityID": "CVE-2017-13716", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Memory leak with the C++ symbol demangler routine in libiberty", + "Description": "The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted file, as demonstrated by a call from the Binary File Descriptor (BFD) library (aka libbfd).", + "Severity": "HIGH", + "References": [ + "https://sourceware.org/bugzilla/show_bug.cgi?id=22009" + ] + }, + { + "VulnerabilityID": "CVE-2018-12699", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: heap-based buffer overflow in finish_stab in stabs.c", + "Description": "finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. This can occur during execution of objdump.", + "Severity": "HIGH", + "References": [ + "http://www.securityfocus.com/bid/104540", + "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", + "https://security.gentoo.org/glsa/201908-01", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23057" + ] + }, + { + "VulnerabilityID": "CVE-2018-1000876", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: integer overflow leads to heap-based buffer overflow in objdump", + "Description": "binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_dynamic_reloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows execution of arbitrary code.. This attack appear to be exploitable via Local. This vulnerability appears to have been fixed in after commit 3a551c7a1b80fca579461774860574eabfd7f18f.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2018-1000876.html", + "http://linux.oracle.com/errata/ELSA-2019-2075.html", + "http://www.securityfocus.com/bid/106304", + "https://access.redhat.com/errata/RHSA-2019:2075", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23994", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=3a551c7a1b80fca579461774860574eabfd7f18f" + ] + }, + { + "VulnerabilityID": "CVE-2018-12697", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: NULL pointer dereference in work_stuff_copy_to_from in cplus-dem.c.", + "Description": "A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. This can occur during execution of objdump.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2018-12697.html", + "http://linux.oracle.com/errata/ELSA-2019-2075.html", + "http://www.securityfocus.com/bid/104538", + "https://access.redhat.com/errata/RHSA-2019:2075", + "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", + "https://security.gentoo.org/glsa/201908-01", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23057" + ] + }, + { + "VulnerabilityID": "CVE-2018-12698", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: excessive memory consumption in demangle_template in cplus-dem.c", + "Description": "demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the \"Create an array for saving the template argument values\" XNEWVEC call. This can occur during execution of objdump.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/104539", + "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", + "https://security.gentoo.org/glsa/201908-01", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23057" + ] + }, + { + "VulnerabilityID": "CVE-2018-12700", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Stack Exhaustion in debug_write_type in debug.c", + "Description": "A Stack Exhaustion issue was discovered in debug_write_type in debug.c in GNU Binutils 2.30 because of DEBUG_KIND_INDIRECT infinite recursion.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/104541", + "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", + "https://security.gentoo.org/glsa/201908-01", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23057" + ] + }, + { + "VulnerabilityID": "CVE-2018-12934", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Uncontrolled Resource Consumption in remember_Ktype in cplus-dem.c", + "Description": "remember_Ktype in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM). This can occur during execution of cxxfilt.", + "Severity": "MEDIUM", + "References": [ + "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763101", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85453", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23059", + "https://usn.ubuntu.com/4326-1/" + ] + }, + { + "VulnerabilityID": "CVE-2018-17358", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: invalid memory access in _bfd_stab_section_find_nearest_line in syms.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in _bfd_stab_section_find_nearest_line in syms.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23686" + ] + }, + { + "VulnerabilityID": "CVE-2018-17359", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: invalid memory access in bfd_zalloc in opncls.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in bfd_zalloc in opncls.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23686" + ] + }, + { + "VulnerabilityID": "CVE-2018-17360", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: heap-based buffer over-read in bfd_getl32 in libbfd.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. a heap-based buffer over-read in bfd_getl32 in libbfd.c allows an attacker to cause a denial of service through a crafted PE file. This vulnerability can be triggered by the executable objdump.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23685" + ] + }, + { + "VulnerabilityID": "CVE-2018-17794", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: NULL pointer dereference in libiberty/cplus-dem.c:work_stuff_copy_to_from() via crafted input", + "Description": "An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in work_stuff_copy_to_from when called from iterate_demangle_function.", + "Severity": "MEDIUM", + "References": [ + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87350", + "https://usn.ubuntu.com/4326-1/" + ] + }, + { + "VulnerabilityID": "CVE-2018-17985", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Stack consumption problem caused by the cplus_demangle_type", + "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption problem caused by the cplus_demangle_type function making recursive calls to itself in certain scenarios involving many 'P' characters.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87335" + ] + }, + { + "VulnerabilityID": "CVE-2018-18309", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: invalid memory address dereference in read_reloc in reloc.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory address dereference was discovered in read_reloc in reloc.c. The vulnerability causes a segmentation fault and application crash, which leads to denial of service, as demonstrated by objdump, because of missing _bfd_clear_contents bounds checking.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105692", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23770", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=0930cb3021b8078b34cf216e79eb8608d017864f" + ] + }, + { + "VulnerabilityID": "CVE-2018-18483", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Integer overflow in cplus-dem.c:get_count() allows for denial of service", + "Description": "The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an integer-overflowing calculation) or possibly have unspecified other impact via a crafted string, as demonstrated by c++filt.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105689", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87602", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23767" + ] + }, + { + "VulnerabilityID": "CVE-2018-18484", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Stack exhaustion in cp-demangle.c allows for denial of service", + "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there is a stack consumption problem caused by recursive stack frames: cplus_demangle_type, d_bare_function_type, d_function_type.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105693", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87636" + ] + }, + { + "VulnerabilityID": "CVE-2018-18605", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: heap-based buffer over-read in sec_merge_hash_lookup in merge.c", + "Description": "A heap-based buffer over-read issue was discovered in the function sec_merge_hash_lookup in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, because _bfd_add_merge_section mishandles section merges when size is not a multiple of entsize. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105754", + "https://deb.freexian.com/extended-lts/tracker/CVE-2018-18605", + "https://security.netapp.com/advisory/ntap-20190307-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23804", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ab419ddbb2cdd17ca83618990f2cacf904ce1d61" + ] + }, + { + "VulnerabilityID": "CVE-2018-18606", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: NULL pointer dereference in _bfd_add_merge_section in merge_strings function in merge.c", + "Description": "An issue was discovered in the merge_strings function in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in _bfd_add_merge_section when attempting to merge sections with large alignments. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105754", + "https://deb.freexian.com/extended-lts/tracker/CVE-2018-18606", + "https://security.netapp.com/advisory/ntap-20190307-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23806", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=45a0eaf77022963d639d6d19871dbab7b79703fc" + ] + }, + { + "VulnerabilityID": "CVE-2018-18607", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: NULL pointer dereference in elf_link_input_bfd in elflink.c", + "Description": "An issue was discovered in elf_link_input_bfd in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in elf_link_input_bfd when used for finding STT_TLS symbols without any TLS section. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105754", + "https://deb.freexian.com/extended-lts/tracker/CVE-2018-18607", + "https://security.netapp.com/advisory/ntap-20190307-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23805", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=102def4da826b3d9e169741421e5e67e8731909a" + ] + }, + { + "VulnerabilityID": "CVE-2018-18700", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Recursive Stack Overflow within function d_name, d_encoding, and d_local_name in cp-demangle.c", + "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions d_name(), d_encoding(), and d_local_name() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file, as demonstrated by nm.", + "Severity": "MEDIUM", + "References": [ + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87681", + "https://usn.ubuntu.com/4326-1/" + ] + }, + { + "VulnerabilityID": "CVE-2018-18701", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: infinite recursion in next_is_type_qual and cplus_demangle_type functions in cp-demangle.c", + "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions next_is_type_qual() and cplus_demangle_type() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file, as demonstrated by nm.", + "Severity": "MEDIUM", + "References": [ + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87675", + "https://usn.ubuntu.com/4326-1/" + ] + }, + { + "VulnerabilityID": "CVE-2018-19931", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Heap-based buffer overflow in bfd_elf32_swap_phdr_in function resulting in a denial of service", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is a heap-based buffer overflow in bfd_elf32_swap_phdr_in in elfcode.h because the number of program headers is not restricted.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/106144", + "https://security.gentoo.org/glsa/201908-01", + "https://security.netapp.com/advisory/ntap-20190221-0004/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23942", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=5f60af5d24d181371d67534fa273dd221df20c07" + ] + }, + { + "VulnerabilityID": "CVE-2018-19932", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Integer overflow due to the IS_CONTAINED_BY_LMA macro resulting in a denial of service", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is an integer overflow and infinite loop caused by the IS_CONTAINED_BY_LMA macro in elf.c.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/106144", + "https://security.gentoo.org/glsa/201908-01", + "https://security.netapp.com/advisory/ntap-20190221-0004/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23932", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=beab453223769279cc1cef68a1622ab8978641f7" + ] + }, + { + "VulnerabilityID": "CVE-2018-20002", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: memory leak in _bfd_generic_read_minisymbols function in syms.c", + "Description": "The _bfd_generic_read_minisymbols function in syms.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, has a memory leak via a crafted ELF file, leading to a denial of service (memory consumption), as demonstrated by nm.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/106142", + "https://security.gentoo.org/glsa/201908-01", + "https://security.netapp.com/advisory/ntap-20190221-0004/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23952", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=c2f5dc30afa34696f2da0081c4ac50b958ecb0e9", + "https://support.f5.com/csp/article/K62602089" + ] + }, + { + "VulnerabilityID": "CVE-2018-20623", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Use-after-free in the error function", + "Description": "In GNU Binutils 2.31.1, there is a use-after-free in the error function in elfcomm.c when called from the process_archive function in readelf.c via a crafted ELF file.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/106370", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24049", + "https://support.f5.com/csp/article/K38336243" + ] + }, + { + "VulnerabilityID": "CVE-2018-20651", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: NULL pointer dereference in elf_link_add_object_symbols function resulting in a denial of service", + "Description": "A NULL pointer dereference was discovered in elf_link_add_object_symbols in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.1. This occurs for a crafted ET_DYN with no program headers. A specially crafted ELF file allows remote attackers to cause a denial of service, as demonstrated by ld.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/106440", + "https://security.gentoo.org/glsa/201908-01", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24041", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=54025d5812ff100f5f0654eb7e1ffd50f2e37f5f", + "https://support.f5.com/csp/article/K38336243" + ] + }, + { + "VulnerabilityID": "CVE-2018-20671", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Integer overflow in load_specific_debug_section function", + "Description": "load_specific_debug_section in objdump.c in GNU Binutils through 2.31.1 contains an integer overflow vulnerability that can trigger a heap-based buffer overflow via a crafted section size.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/106457", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24005", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=11fa9f134fd658075c6f74499c780df045d9e9ca" + ] + }, + { + "VulnerabilityID": "CVE-2018-20673", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "libiberty: Integer overflow in demangle_template() function", + "Description": "The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability (for \"Create an array for saving the template argument values\") that can trigger a heap-based buffer overflow, as demonstrated by nm.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/106454", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24039" + ] + }, + { + "VulnerabilityID": "CVE-2018-20712", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "libiberty: heap-based buffer over-read in d_expression_1", + "Description": "A heap-based buffer over-read exists in the function d_expression_1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.1. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by c++filt.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/106563", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88629", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24043", + "https://support.f5.com/csp/article/K38336243" + ] + }, + { + "VulnerabilityID": "CVE-2018-9138", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Stack Exhaustion in the the C++ demangling functions provided by libiberty", + "Description": "An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.29 and 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_nested_args, demangle_args, do_arg, and do_type.", + "Severity": "MEDIUM", + "References": [ + "https://sourceware.org/bugzilla/show_bug.cgi?id=23008", + "https://usn.ubuntu.com/4326-1/" + ] + }, + { + "VulnerabilityID": "CVE-2018-9996", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Stack-overflow in libiberty/cplus-dem.c causes crash", + "Description": "An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_template_value_parm, demangle_integral_value, and demangle_expression.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/103733", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85304" + ] + }, + { + "VulnerabilityID": "CVE-2019-1010180", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "gdb: buffer overflow while opening an ELF for debugging leads to Dos, information dislosure and code execution", + "Description": "GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/109367", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23657" + ] + }, + { + "VulnerabilityID": "CVE-2019-1010204", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read in gold/fileread.cc and elfcpp/elfcpp_file.h leads to denial of service", + "Description": "GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The component is: gold/fileread.cc:497, elfcpp/elfcpp_file.h:644. The attack vector is: An ELF file with an invalid e_shoff header field must be opened.", + "Severity": "MEDIUM", + "References": [ + "https://security.netapp.com/advisory/ntap-20190822-0001/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23765" + ] + }, + { + "VulnerabilityID": "CVE-2019-12972", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in _bfd_doprnt in bfd.c because elf_object_p in elfcode.h mishandles an e_shstrndx section of type SHT_GROUP by omitting a trailing '\\0' character.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/108903", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24689", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=890f750a3b053532a4b839a2dd6243076de12031" + ] + }, + { + "VulnerabilityID": "CVE-2019-14250", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: integer overflow in simple-object-elf.c leads to a heap-based buffer overflow", + "Description": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/109354", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924", + "https://gcc.gnu.org/ml/gcc-patches/2019-07/msg01003.html", + "https://security.netapp.com/advisory/ntap-20190822-0002/" + ] + }, + { + "VulnerabilityID": "CVE-2019-14444", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: integer overflow in function apply_relocation in readelf.c", + "Description": "apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation (in byte_put_little_endian function in elfcomm.c) via an ELF file, as demonstrated by readelf.", + "Severity": "MEDIUM", + "References": [ + "https://security.netapp.com/advisory/ntap-20190822-0002/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24829" + ] + }, + { + "VulnerabilityID": "CVE-2019-17450", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: denial of service via crafted ELF file", + "Description": "find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file.", + "Severity": "MEDIUM", + "References": [ + "https://security.netapp.com/advisory/ntap-20191024-0002/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25078" + ] + }, + { + "VulnerabilityID": "CVE-2019-17451", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c, as demonstrated by nm.", + "Severity": "MEDIUM", + "References": [ + "https://security.netapp.com/advisory/ntap-20191024-0002/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25070", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=336bfbeb1848f4b9558456fdcf283ee8a32d7fd1" + ] + }, + { + "VulnerabilityID": "CVE-2019-9070", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: heap-based buffer over-read in function d_expression_1 in cp-demangle.c", + "Description": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a heap-based buffer over-read in d_expression_1 in cp-demangle.c after many recursive calls.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/107147", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89395", + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24229", + "https://support.f5.com/csp/article/K13534168" + ] + }, + { + "VulnerabilityID": "CVE-2019-9071", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: stack consumption in function d_count_templates_scopes in cp-demangle.c", + "Description": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a stack consumption issue in d_count_templates_scopes in cp-demangle.c after many recursive calls.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/107147", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89394", + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24227", + "https://support.f5.com/csp/article/K02884135" + ] + }, + { + "VulnerabilityID": "CVE-2019-9073", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: excessive memory allocation in function _bfd_elf_slurp_version_tables in elf.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in _bfd_elf_slurp_version_tables in elf.c.", + "Severity": "MEDIUM", + "References": [ + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24233", + "https://support.f5.com/csp/article/K37121474" + ] + }, + { + "VulnerabilityID": "CVE-2019-9074", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: out-of-bound read in function bfd_getl32 in libbfd.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an out-of-bounds read leading to a SEGV in bfd_getl32 in libbfd.c, when called from pex64_get_runtime_function in pei-x86_64.c.", + "Severity": "MEDIUM", + "References": [ + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24235", + "https://support.f5.com/csp/article/K09092524" + ] + }, + { + "VulnerabilityID": "CVE-2019-9075", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: heap-based buffer overflow in function _bfd_archive_64_bit_slurp_armap in archive64.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is a heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap in archive64.c.", + "Severity": "MEDIUM", + "References": [ + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24236", + "https://support.f5.com/csp/article/K42059040" + ] + }, + { + "VulnerabilityID": "CVE-2019-9077", + "PkgName": "binutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: heap-based buffer overflow in function process_mips_specific in readelf.c", + "Description": "An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in process_mips_specific in readelf.c via a malformed MIPS option section.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/107139", + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24243", + "https://support.f5.com/csp/article/K00056379" + ] + }, + { + "VulnerabilityID": "CVE-2017-13716", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Memory leak with the C++ symbol demangler routine in libiberty", + "Description": "The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted file, as demonstrated by a call from the Binary File Descriptor (BFD) library (aka libbfd).", + "Severity": "HIGH", + "References": [ + "https://sourceware.org/bugzilla/show_bug.cgi?id=22009" + ] + }, + { + "VulnerabilityID": "CVE-2018-12699", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: heap-based buffer overflow in finish_stab in stabs.c", + "Description": "finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. This can occur during execution of objdump.", + "Severity": "HIGH", + "References": [ + "http://www.securityfocus.com/bid/104540", + "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", + "https://security.gentoo.org/glsa/201908-01", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23057" + ] + }, + { + "VulnerabilityID": "CVE-2018-1000876", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: integer overflow leads to heap-based buffer overflow in objdump", + "Description": "binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_dynamic_reloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows execution of arbitrary code.. This attack appear to be exploitable via Local. This vulnerability appears to have been fixed in after commit 3a551c7a1b80fca579461774860574eabfd7f18f.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2018-1000876.html", + "http://linux.oracle.com/errata/ELSA-2019-2075.html", + "http://www.securityfocus.com/bid/106304", + "https://access.redhat.com/errata/RHSA-2019:2075", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23994", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=3a551c7a1b80fca579461774860574eabfd7f18f" + ] + }, + { + "VulnerabilityID": "CVE-2018-12697", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: NULL pointer dereference in work_stuff_copy_to_from in cplus-dem.c.", + "Description": "A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. This can occur during execution of objdump.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2018-12697.html", + "http://linux.oracle.com/errata/ELSA-2019-2075.html", + "http://www.securityfocus.com/bid/104538", + "https://access.redhat.com/errata/RHSA-2019:2075", + "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", + "https://security.gentoo.org/glsa/201908-01", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23057" + ] + }, + { + "VulnerabilityID": "CVE-2018-12698", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: excessive memory consumption in demangle_template in cplus-dem.c", + "Description": "demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the \"Create an array for saving the template argument values\" XNEWVEC call. This can occur during execution of objdump.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/104539", + "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", + "https://security.gentoo.org/glsa/201908-01", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23057" + ] + }, + { + "VulnerabilityID": "CVE-2018-12700", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Stack Exhaustion in debug_write_type in debug.c", + "Description": "A Stack Exhaustion issue was discovered in debug_write_type in debug.c in GNU Binutils 2.30 because of DEBUG_KIND_INDIRECT infinite recursion.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/104541", + "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", + "https://security.gentoo.org/glsa/201908-01", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23057" + ] + }, + { + "VulnerabilityID": "CVE-2018-12934", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Uncontrolled Resource Consumption in remember_Ktype in cplus-dem.c", + "Description": "remember_Ktype in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM). This can occur during execution of cxxfilt.", + "Severity": "MEDIUM", + "References": [ + "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763101", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85453", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23059", + "https://usn.ubuntu.com/4326-1/" + ] + }, + { + "VulnerabilityID": "CVE-2018-17358", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: invalid memory access in _bfd_stab_section_find_nearest_line in syms.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in _bfd_stab_section_find_nearest_line in syms.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23686" + ] + }, + { + "VulnerabilityID": "CVE-2018-17359", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: invalid memory access in bfd_zalloc in opncls.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in bfd_zalloc in opncls.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23686" + ] + }, + { + "VulnerabilityID": "CVE-2018-17360", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: heap-based buffer over-read in bfd_getl32 in libbfd.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. a heap-based buffer over-read in bfd_getl32 in libbfd.c allows an attacker to cause a denial of service through a crafted PE file. This vulnerability can be triggered by the executable objdump.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23685" + ] + }, + { + "VulnerabilityID": "CVE-2018-17794", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: NULL pointer dereference in libiberty/cplus-dem.c:work_stuff_copy_to_from() via crafted input", + "Description": "An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in work_stuff_copy_to_from when called from iterate_demangle_function.", + "Severity": "MEDIUM", + "References": [ + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87350", + "https://usn.ubuntu.com/4326-1/" + ] + }, + { + "VulnerabilityID": "CVE-2018-17985", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Stack consumption problem caused by the cplus_demangle_type", + "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption problem caused by the cplus_demangle_type function making recursive calls to itself in certain scenarios involving many 'P' characters.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87335" + ] + }, + { + "VulnerabilityID": "CVE-2018-18309", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: invalid memory address dereference in read_reloc in reloc.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory address dereference was discovered in read_reloc in reloc.c. The vulnerability causes a segmentation fault and application crash, which leads to denial of service, as demonstrated by objdump, because of missing _bfd_clear_contents bounds checking.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105692", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23770", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=0930cb3021b8078b34cf216e79eb8608d017864f" + ] + }, + { + "VulnerabilityID": "CVE-2018-18483", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Integer overflow in cplus-dem.c:get_count() allows for denial of service", + "Description": "The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an integer-overflowing calculation) or possibly have unspecified other impact via a crafted string, as demonstrated by c++filt.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105689", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87602", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23767" + ] + }, + { + "VulnerabilityID": "CVE-2018-18484", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Stack exhaustion in cp-demangle.c allows for denial of service", + "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there is a stack consumption problem caused by recursive stack frames: cplus_demangle_type, d_bare_function_type, d_function_type.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105693", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87636" + ] + }, + { + "VulnerabilityID": "CVE-2018-18605", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: heap-based buffer over-read in sec_merge_hash_lookup in merge.c", + "Description": "A heap-based buffer over-read issue was discovered in the function sec_merge_hash_lookup in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, because _bfd_add_merge_section mishandles section merges when size is not a multiple of entsize. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105754", + "https://deb.freexian.com/extended-lts/tracker/CVE-2018-18605", + "https://security.netapp.com/advisory/ntap-20190307-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23804", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ab419ddbb2cdd17ca83618990f2cacf904ce1d61" + ] + }, + { + "VulnerabilityID": "CVE-2018-18606", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: NULL pointer dereference in _bfd_add_merge_section in merge_strings function in merge.c", + "Description": "An issue was discovered in the merge_strings function in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in _bfd_add_merge_section when attempting to merge sections with large alignments. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105754", + "https://deb.freexian.com/extended-lts/tracker/CVE-2018-18606", + "https://security.netapp.com/advisory/ntap-20190307-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23806", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=45a0eaf77022963d639d6d19871dbab7b79703fc" + ] + }, + { + "VulnerabilityID": "CVE-2018-18607", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: NULL pointer dereference in elf_link_input_bfd in elflink.c", + "Description": "An issue was discovered in elf_link_input_bfd in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in elf_link_input_bfd when used for finding STT_TLS symbols without any TLS section. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105754", + "https://deb.freexian.com/extended-lts/tracker/CVE-2018-18607", + "https://security.netapp.com/advisory/ntap-20190307-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23805", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=102def4da826b3d9e169741421e5e67e8731909a" + ] + }, + { + "VulnerabilityID": "CVE-2018-18700", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Recursive Stack Overflow within function d_name, d_encoding, and d_local_name in cp-demangle.c", + "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions d_name(), d_encoding(), and d_local_name() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file, as demonstrated by nm.", + "Severity": "MEDIUM", + "References": [ + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87681", + "https://usn.ubuntu.com/4326-1/" + ] + }, + { + "VulnerabilityID": "CVE-2018-18701", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: infinite recursion in next_is_type_qual and cplus_demangle_type functions in cp-demangle.c", + "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions next_is_type_qual() and cplus_demangle_type() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file, as demonstrated by nm.", + "Severity": "MEDIUM", + "References": [ + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87675", + "https://usn.ubuntu.com/4326-1/" + ] + }, + { + "VulnerabilityID": "CVE-2018-19931", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Heap-based buffer overflow in bfd_elf32_swap_phdr_in function resulting in a denial of service", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is a heap-based buffer overflow in bfd_elf32_swap_phdr_in in elfcode.h because the number of program headers is not restricted.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/106144", + "https://security.gentoo.org/glsa/201908-01", + "https://security.netapp.com/advisory/ntap-20190221-0004/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23942", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=5f60af5d24d181371d67534fa273dd221df20c07" + ] + }, + { + "VulnerabilityID": "CVE-2018-19932", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Integer overflow due to the IS_CONTAINED_BY_LMA macro resulting in a denial of service", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is an integer overflow and infinite loop caused by the IS_CONTAINED_BY_LMA macro in elf.c.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/106144", + "https://security.gentoo.org/glsa/201908-01", + "https://security.netapp.com/advisory/ntap-20190221-0004/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23932", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=beab453223769279cc1cef68a1622ab8978641f7" + ] + }, + { + "VulnerabilityID": "CVE-2018-20002", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: memory leak in _bfd_generic_read_minisymbols function in syms.c", + "Description": "The _bfd_generic_read_minisymbols function in syms.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, has a memory leak via a crafted ELF file, leading to a denial of service (memory consumption), as demonstrated by nm.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/106142", + "https://security.gentoo.org/glsa/201908-01", + "https://security.netapp.com/advisory/ntap-20190221-0004/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23952", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=c2f5dc30afa34696f2da0081c4ac50b958ecb0e9", + "https://support.f5.com/csp/article/K62602089" + ] + }, + { + "VulnerabilityID": "CVE-2018-20623", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Use-after-free in the error function", + "Description": "In GNU Binutils 2.31.1, there is a use-after-free in the error function in elfcomm.c when called from the process_archive function in readelf.c via a crafted ELF file.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/106370", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24049", + "https://support.f5.com/csp/article/K38336243" + ] + }, + { + "VulnerabilityID": "CVE-2018-20651", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: NULL pointer dereference in elf_link_add_object_symbols function resulting in a denial of service", + "Description": "A NULL pointer dereference was discovered in elf_link_add_object_symbols in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.1. This occurs for a crafted ET_DYN with no program headers. A specially crafted ELF file allows remote attackers to cause a denial of service, as demonstrated by ld.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/106440", + "https://security.gentoo.org/glsa/201908-01", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24041", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=54025d5812ff100f5f0654eb7e1ffd50f2e37f5f", + "https://support.f5.com/csp/article/K38336243" + ] + }, + { + "VulnerabilityID": "CVE-2018-20671", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Integer overflow in load_specific_debug_section function", + "Description": "load_specific_debug_section in objdump.c in GNU Binutils through 2.31.1 contains an integer overflow vulnerability that can trigger a heap-based buffer overflow via a crafted section size.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/106457", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24005", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=11fa9f134fd658075c6f74499c780df045d9e9ca" + ] + }, + { + "VulnerabilityID": "CVE-2018-20673", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "libiberty: Integer overflow in demangle_template() function", + "Description": "The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability (for \"Create an array for saving the template argument values\") that can trigger a heap-based buffer overflow, as demonstrated by nm.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/106454", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24039" + ] + }, + { + "VulnerabilityID": "CVE-2018-20712", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "libiberty: heap-based buffer over-read in d_expression_1", + "Description": "A heap-based buffer over-read exists in the function d_expression_1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.1. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by c++filt.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/106563", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88629", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24043", + "https://support.f5.com/csp/article/K38336243" + ] + }, + { + "VulnerabilityID": "CVE-2018-9138", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Stack Exhaustion in the the C++ demangling functions provided by libiberty", + "Description": "An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.29 and 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_nested_args, demangle_args, do_arg, and do_type.", + "Severity": "MEDIUM", + "References": [ + "https://sourceware.org/bugzilla/show_bug.cgi?id=23008", + "https://usn.ubuntu.com/4326-1/" + ] + }, + { + "VulnerabilityID": "CVE-2018-9996", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Stack-overflow in libiberty/cplus-dem.c causes crash", + "Description": "An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_template_value_parm, demangle_integral_value, and demangle_expression.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/103733", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85304" + ] + }, + { + "VulnerabilityID": "CVE-2019-1010180", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "gdb: buffer overflow while opening an ELF for debugging leads to Dos, information dislosure and code execution", + "Description": "GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/109367", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23657" + ] + }, + { + "VulnerabilityID": "CVE-2019-1010204", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read in gold/fileread.cc and elfcpp/elfcpp_file.h leads to denial of service", + "Description": "GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The component is: gold/fileread.cc:497, elfcpp/elfcpp_file.h:644. The attack vector is: An ELF file with an invalid e_shoff header field must be opened.", + "Severity": "MEDIUM", + "References": [ + "https://security.netapp.com/advisory/ntap-20190822-0001/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23765" + ] + }, + { + "VulnerabilityID": "CVE-2019-12972", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in _bfd_doprnt in bfd.c because elf_object_p in elfcode.h mishandles an e_shstrndx section of type SHT_GROUP by omitting a trailing '\\0' character.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/108903", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24689", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=890f750a3b053532a4b839a2dd6243076de12031" + ] + }, + { + "VulnerabilityID": "CVE-2019-14250", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: integer overflow in simple-object-elf.c leads to a heap-based buffer overflow", + "Description": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/109354", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924", + "https://gcc.gnu.org/ml/gcc-patches/2019-07/msg01003.html", + "https://security.netapp.com/advisory/ntap-20190822-0002/" + ] + }, + { + "VulnerabilityID": "CVE-2019-14444", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: integer overflow in function apply_relocation in readelf.c", + "Description": "apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation (in byte_put_little_endian function in elfcomm.c) via an ELF file, as demonstrated by readelf.", + "Severity": "MEDIUM", + "References": [ + "https://security.netapp.com/advisory/ntap-20190822-0002/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24829" + ] + }, + { + "VulnerabilityID": "CVE-2019-17450", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: denial of service via crafted ELF file", + "Description": "find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file.", + "Severity": "MEDIUM", + "References": [ + "https://security.netapp.com/advisory/ntap-20191024-0002/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25078" + ] + }, + { + "VulnerabilityID": "CVE-2019-17451", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c, as demonstrated by nm.", + "Severity": "MEDIUM", + "References": [ + "https://security.netapp.com/advisory/ntap-20191024-0002/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25070", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=336bfbeb1848f4b9558456fdcf283ee8a32d7fd1" + ] + }, + { + "VulnerabilityID": "CVE-2019-9070", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: heap-based buffer over-read in function d_expression_1 in cp-demangle.c", + "Description": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a heap-based buffer over-read in d_expression_1 in cp-demangle.c after many recursive calls.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/107147", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89395", + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24229", + "https://support.f5.com/csp/article/K13534168" + ] + }, + { + "VulnerabilityID": "CVE-2019-9071", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: stack consumption in function d_count_templates_scopes in cp-demangle.c", + "Description": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a stack consumption issue in d_count_templates_scopes in cp-demangle.c after many recursive calls.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/107147", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89394", + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24227", + "https://support.f5.com/csp/article/K02884135" + ] + }, + { + "VulnerabilityID": "CVE-2019-9073", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: excessive memory allocation in function _bfd_elf_slurp_version_tables in elf.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in _bfd_elf_slurp_version_tables in elf.c.", + "Severity": "MEDIUM", + "References": [ + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24233", + "https://support.f5.com/csp/article/K37121474" + ] + }, + { + "VulnerabilityID": "CVE-2019-9074", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: out-of-bound read in function bfd_getl32 in libbfd.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an out-of-bounds read leading to a SEGV in bfd_getl32 in libbfd.c, when called from pex64_get_runtime_function in pei-x86_64.c.", + "Severity": "MEDIUM", + "References": [ + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24235", + "https://support.f5.com/csp/article/K09092524" + ] + }, + { + "VulnerabilityID": "CVE-2019-9075", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: heap-based buffer overflow in function _bfd_archive_64_bit_slurp_armap in archive64.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is a heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap in archive64.c.", + "Severity": "MEDIUM", + "References": [ + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24236", + "https://support.f5.com/csp/article/K42059040" + ] + }, + { + "VulnerabilityID": "CVE-2019-9077", + "PkgName": "binutils-common", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: heap-based buffer overflow in function process_mips_specific in readelf.c", + "Description": "An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in process_mips_specific in readelf.c via a malformed MIPS option section.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/107139", + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24243", + "https://support.f5.com/csp/article/K00056379" + ] + }, + { + "VulnerabilityID": "CVE-2017-13716", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Memory leak with the C++ symbol demangler routine in libiberty", + "Description": "The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted file, as demonstrated by a call from the Binary File Descriptor (BFD) library (aka libbfd).", + "Severity": "HIGH", + "References": [ + "https://sourceware.org/bugzilla/show_bug.cgi?id=22009" + ] + }, + { + "VulnerabilityID": "CVE-2018-12699", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: heap-based buffer overflow in finish_stab in stabs.c", + "Description": "finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. This can occur during execution of objdump.", + "Severity": "HIGH", + "References": [ + "http://www.securityfocus.com/bid/104540", + "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", + "https://security.gentoo.org/glsa/201908-01", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23057" + ] + }, + { + "VulnerabilityID": "CVE-2018-1000876", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: integer overflow leads to heap-based buffer overflow in objdump", + "Description": "binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_dynamic_reloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows execution of arbitrary code.. This attack appear to be exploitable via Local. This vulnerability appears to have been fixed in after commit 3a551c7a1b80fca579461774860574eabfd7f18f.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2018-1000876.html", + "http://linux.oracle.com/errata/ELSA-2019-2075.html", + "http://www.securityfocus.com/bid/106304", + "https://access.redhat.com/errata/RHSA-2019:2075", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23994", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=3a551c7a1b80fca579461774860574eabfd7f18f" + ] + }, + { + "VulnerabilityID": "CVE-2018-12697", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: NULL pointer dereference in work_stuff_copy_to_from in cplus-dem.c.", + "Description": "A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. This can occur during execution of objdump.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2018-12697.html", + "http://linux.oracle.com/errata/ELSA-2019-2075.html", + "http://www.securityfocus.com/bid/104538", + "https://access.redhat.com/errata/RHSA-2019:2075", + "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", + "https://security.gentoo.org/glsa/201908-01", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23057" + ] + }, + { + "VulnerabilityID": "CVE-2018-12698", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: excessive memory consumption in demangle_template in cplus-dem.c", + "Description": "demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the \"Create an array for saving the template argument values\" XNEWVEC call. This can occur during execution of objdump.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/104539", + "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", + "https://security.gentoo.org/glsa/201908-01", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23057" + ] + }, + { + "VulnerabilityID": "CVE-2018-12700", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Stack Exhaustion in debug_write_type in debug.c", + "Description": "A Stack Exhaustion issue was discovered in debug_write_type in debug.c in GNU Binutils 2.30 because of DEBUG_KIND_INDIRECT infinite recursion.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/104541", + "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", + "https://security.gentoo.org/glsa/201908-01", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23057" + ] + }, + { + "VulnerabilityID": "CVE-2018-12934", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Uncontrolled Resource Consumption in remember_Ktype in cplus-dem.c", + "Description": "remember_Ktype in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM). This can occur during execution of cxxfilt.", + "Severity": "MEDIUM", + "References": [ + "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763101", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85453", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23059", + "https://usn.ubuntu.com/4326-1/" + ] + }, + { + "VulnerabilityID": "CVE-2018-17358", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: invalid memory access in _bfd_stab_section_find_nearest_line in syms.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in _bfd_stab_section_find_nearest_line in syms.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23686" + ] + }, + { + "VulnerabilityID": "CVE-2018-17359", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: invalid memory access in bfd_zalloc in opncls.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in bfd_zalloc in opncls.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23686" + ] + }, + { + "VulnerabilityID": "CVE-2018-17360", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: heap-based buffer over-read in bfd_getl32 in libbfd.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. a heap-based buffer over-read in bfd_getl32 in libbfd.c allows an attacker to cause a denial of service through a crafted PE file. This vulnerability can be triggered by the executable objdump.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23685" + ] + }, + { + "VulnerabilityID": "CVE-2018-17794", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: NULL pointer dereference in libiberty/cplus-dem.c:work_stuff_copy_to_from() via crafted input", + "Description": "An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in work_stuff_copy_to_from when called from iterate_demangle_function.", + "Severity": "MEDIUM", + "References": [ + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87350", + "https://usn.ubuntu.com/4326-1/" + ] + }, + { + "VulnerabilityID": "CVE-2018-17985", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Stack consumption problem caused by the cplus_demangle_type", + "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption problem caused by the cplus_demangle_type function making recursive calls to itself in certain scenarios involving many 'P' characters.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87335" + ] + }, + { + "VulnerabilityID": "CVE-2018-18309", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: invalid memory address dereference in read_reloc in reloc.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory address dereference was discovered in read_reloc in reloc.c. The vulnerability causes a segmentation fault and application crash, which leads to denial of service, as demonstrated by objdump, because of missing _bfd_clear_contents bounds checking.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105692", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23770", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=0930cb3021b8078b34cf216e79eb8608d017864f" + ] + }, + { + "VulnerabilityID": "CVE-2018-18483", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Integer overflow in cplus-dem.c:get_count() allows for denial of service", + "Description": "The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an integer-overflowing calculation) or possibly have unspecified other impact via a crafted string, as demonstrated by c++filt.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105689", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87602", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23767" + ] + }, + { + "VulnerabilityID": "CVE-2018-18484", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Stack exhaustion in cp-demangle.c allows for denial of service", + "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there is a stack consumption problem caused by recursive stack frames: cplus_demangle_type, d_bare_function_type, d_function_type.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105693", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87636" + ] + }, + { + "VulnerabilityID": "CVE-2018-18605", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: heap-based buffer over-read in sec_merge_hash_lookup in merge.c", + "Description": "A heap-based buffer over-read issue was discovered in the function sec_merge_hash_lookup in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, because _bfd_add_merge_section mishandles section merges when size is not a multiple of entsize. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105754", + "https://deb.freexian.com/extended-lts/tracker/CVE-2018-18605", + "https://security.netapp.com/advisory/ntap-20190307-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23804", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ab419ddbb2cdd17ca83618990f2cacf904ce1d61" + ] + }, + { + "VulnerabilityID": "CVE-2018-18606", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: NULL pointer dereference in _bfd_add_merge_section in merge_strings function in merge.c", + "Description": "An issue was discovered in the merge_strings function in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in _bfd_add_merge_section when attempting to merge sections with large alignments. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105754", + "https://deb.freexian.com/extended-lts/tracker/CVE-2018-18606", + "https://security.netapp.com/advisory/ntap-20190307-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23806", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=45a0eaf77022963d639d6d19871dbab7b79703fc" + ] + }, + { + "VulnerabilityID": "CVE-2018-18607", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: NULL pointer dereference in elf_link_input_bfd in elflink.c", + "Description": "An issue was discovered in elf_link_input_bfd in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in elf_link_input_bfd when used for finding STT_TLS symbols without any TLS section. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105754", + "https://deb.freexian.com/extended-lts/tracker/CVE-2018-18607", + "https://security.netapp.com/advisory/ntap-20190307-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23805", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=102def4da826b3d9e169741421e5e67e8731909a" + ] + }, + { + "VulnerabilityID": "CVE-2018-18700", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Recursive Stack Overflow within function d_name, d_encoding, and d_local_name in cp-demangle.c", + "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions d_name(), d_encoding(), and d_local_name() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file, as demonstrated by nm.", + "Severity": "MEDIUM", + "References": [ + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87681", + "https://usn.ubuntu.com/4326-1/" + ] + }, + { + "VulnerabilityID": "CVE-2018-18701", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: infinite recursion in next_is_type_qual and cplus_demangle_type functions in cp-demangle.c", + "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions next_is_type_qual() and cplus_demangle_type() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file, as demonstrated by nm.", + "Severity": "MEDIUM", + "References": [ + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87675", + "https://usn.ubuntu.com/4326-1/" + ] + }, + { + "VulnerabilityID": "CVE-2018-19931", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Heap-based buffer overflow in bfd_elf32_swap_phdr_in function resulting in a denial of service", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is a heap-based buffer overflow in bfd_elf32_swap_phdr_in in elfcode.h because the number of program headers is not restricted.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/106144", + "https://security.gentoo.org/glsa/201908-01", + "https://security.netapp.com/advisory/ntap-20190221-0004/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23942", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=5f60af5d24d181371d67534fa273dd221df20c07" + ] + }, + { + "VulnerabilityID": "CVE-2018-19932", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Integer overflow due to the IS_CONTAINED_BY_LMA macro resulting in a denial of service", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is an integer overflow and infinite loop caused by the IS_CONTAINED_BY_LMA macro in elf.c.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/106144", + "https://security.gentoo.org/glsa/201908-01", + "https://security.netapp.com/advisory/ntap-20190221-0004/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23932", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=beab453223769279cc1cef68a1622ab8978641f7" + ] + }, + { + "VulnerabilityID": "CVE-2018-20002", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: memory leak in _bfd_generic_read_minisymbols function in syms.c", + "Description": "The _bfd_generic_read_minisymbols function in syms.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, has a memory leak via a crafted ELF file, leading to a denial of service (memory consumption), as demonstrated by nm.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/106142", + "https://security.gentoo.org/glsa/201908-01", + "https://security.netapp.com/advisory/ntap-20190221-0004/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23952", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=c2f5dc30afa34696f2da0081c4ac50b958ecb0e9", + "https://support.f5.com/csp/article/K62602089" + ] + }, + { + "VulnerabilityID": "CVE-2018-20623", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Use-after-free in the error function", + "Description": "In GNU Binutils 2.31.1, there is a use-after-free in the error function in elfcomm.c when called from the process_archive function in readelf.c via a crafted ELF file.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/106370", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24049", + "https://support.f5.com/csp/article/K38336243" + ] + }, + { + "VulnerabilityID": "CVE-2018-20651", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: NULL pointer dereference in elf_link_add_object_symbols function resulting in a denial of service", + "Description": "A NULL pointer dereference was discovered in elf_link_add_object_symbols in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.1. This occurs for a crafted ET_DYN with no program headers. A specially crafted ELF file allows remote attackers to cause a denial of service, as demonstrated by ld.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/106440", + "https://security.gentoo.org/glsa/201908-01", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24041", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=54025d5812ff100f5f0654eb7e1ffd50f2e37f5f", + "https://support.f5.com/csp/article/K38336243" + ] + }, + { + "VulnerabilityID": "CVE-2018-20671", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Integer overflow in load_specific_debug_section function", + "Description": "load_specific_debug_section in objdump.c in GNU Binutils through 2.31.1 contains an integer overflow vulnerability that can trigger a heap-based buffer overflow via a crafted section size.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/106457", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24005", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=11fa9f134fd658075c6f74499c780df045d9e9ca" + ] + }, + { + "VulnerabilityID": "CVE-2018-20673", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "libiberty: Integer overflow in demangle_template() function", + "Description": "The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability (for \"Create an array for saving the template argument values\") that can trigger a heap-based buffer overflow, as demonstrated by nm.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/106454", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24039" + ] + }, + { + "VulnerabilityID": "CVE-2018-20712", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "libiberty: heap-based buffer over-read in d_expression_1", + "Description": "A heap-based buffer over-read exists in the function d_expression_1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.1. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by c++filt.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/106563", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88629", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24043", + "https://support.f5.com/csp/article/K38336243" + ] + }, + { + "VulnerabilityID": "CVE-2018-9138", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Stack Exhaustion in the the C++ demangling functions provided by libiberty", + "Description": "An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.29 and 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_nested_args, demangle_args, do_arg, and do_type.", + "Severity": "MEDIUM", + "References": [ + "https://sourceware.org/bugzilla/show_bug.cgi?id=23008", + "https://usn.ubuntu.com/4326-1/" + ] + }, + { + "VulnerabilityID": "CVE-2018-9996", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Stack-overflow in libiberty/cplus-dem.c causes crash", + "Description": "An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_template_value_parm, demangle_integral_value, and demangle_expression.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/103733", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85304" + ] + }, + { + "VulnerabilityID": "CVE-2019-1010180", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "gdb: buffer overflow while opening an ELF for debugging leads to Dos, information dislosure and code execution", + "Description": "GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/109367", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23657" + ] + }, + { + "VulnerabilityID": "CVE-2019-1010204", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read in gold/fileread.cc and elfcpp/elfcpp_file.h leads to denial of service", + "Description": "GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The component is: gold/fileread.cc:497, elfcpp/elfcpp_file.h:644. The attack vector is: An ELF file with an invalid e_shoff header field must be opened.", + "Severity": "MEDIUM", + "References": [ + "https://security.netapp.com/advisory/ntap-20190822-0001/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23765" + ] + }, + { + "VulnerabilityID": "CVE-2019-12972", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in _bfd_doprnt in bfd.c because elf_object_p in elfcode.h mishandles an e_shstrndx section of type SHT_GROUP by omitting a trailing '\\0' character.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/108903", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24689", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=890f750a3b053532a4b839a2dd6243076de12031" + ] + }, + { + "VulnerabilityID": "CVE-2019-14250", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: integer overflow in simple-object-elf.c leads to a heap-based buffer overflow", + "Description": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/109354", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924", + "https://gcc.gnu.org/ml/gcc-patches/2019-07/msg01003.html", + "https://security.netapp.com/advisory/ntap-20190822-0002/" + ] + }, + { + "VulnerabilityID": "CVE-2019-14444", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: integer overflow in function apply_relocation in readelf.c", + "Description": "apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation (in byte_put_little_endian function in elfcomm.c) via an ELF file, as demonstrated by readelf.", + "Severity": "MEDIUM", + "References": [ + "https://security.netapp.com/advisory/ntap-20190822-0002/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24829" + ] + }, + { + "VulnerabilityID": "CVE-2019-17450", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: denial of service via crafted ELF file", + "Description": "find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file.", + "Severity": "MEDIUM", + "References": [ + "https://security.netapp.com/advisory/ntap-20191024-0002/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25078" + ] + }, + { + "VulnerabilityID": "CVE-2019-17451", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c, as demonstrated by nm.", + "Severity": "MEDIUM", + "References": [ + "https://security.netapp.com/advisory/ntap-20191024-0002/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25070", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=336bfbeb1848f4b9558456fdcf283ee8a32d7fd1" + ] + }, + { + "VulnerabilityID": "CVE-2019-9070", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: heap-based buffer over-read in function d_expression_1 in cp-demangle.c", + "Description": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a heap-based buffer over-read in d_expression_1 in cp-demangle.c after many recursive calls.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/107147", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89395", + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24229", + "https://support.f5.com/csp/article/K13534168" + ] + }, + { + "VulnerabilityID": "CVE-2019-9071", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: stack consumption in function d_count_templates_scopes in cp-demangle.c", + "Description": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a stack consumption issue in d_count_templates_scopes in cp-demangle.c after many recursive calls.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/107147", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89394", + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24227", + "https://support.f5.com/csp/article/K02884135" + ] + }, + { + "VulnerabilityID": "CVE-2019-9073", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: excessive memory allocation in function _bfd_elf_slurp_version_tables in elf.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in _bfd_elf_slurp_version_tables in elf.c.", + "Severity": "MEDIUM", + "References": [ + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24233", + "https://support.f5.com/csp/article/K37121474" + ] + }, + { + "VulnerabilityID": "CVE-2019-9074", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: out-of-bound read in function bfd_getl32 in libbfd.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an out-of-bounds read leading to a SEGV in bfd_getl32 in libbfd.c, when called from pex64_get_runtime_function in pei-x86_64.c.", + "Severity": "MEDIUM", + "References": [ + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24235", + "https://support.f5.com/csp/article/K09092524" + ] + }, + { + "VulnerabilityID": "CVE-2019-9075", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: heap-based buffer overflow in function _bfd_archive_64_bit_slurp_armap in archive64.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is a heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap in archive64.c.", + "Severity": "MEDIUM", + "References": [ + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24236", + "https://support.f5.com/csp/article/K42059040" + ] + }, + { + "VulnerabilityID": "CVE-2019-9077", + "PkgName": "binutils-x86-64-linux-gnu", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: heap-based buffer overflow in function process_mips_specific in readelf.c", + "Description": "An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in process_mips_specific in readelf.c via a malformed MIPS option section.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/107139", + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24243", + "https://support.f5.com/csp/article/K00056379" + ] + }, + { + "VulnerabilityID": "CVE-2016-2781", + "PkgName": "coreutils", + "InstalledVersion": "8.30-3", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "coreutils: Non-privileged session can escape to the parent session in chroot", + "Description": "chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.", + "Severity": "LOW", + "References": [ + "http://www.openwall.com/lists/oss-security/2016/02/28/2", + "http://www.openwall.com/lists/oss-security/2016/02/28/3" + ] + }, + { + "VulnerabilityID": "CVE-2017-18018", + "PkgName": "coreutils", + "InstalledVersion": "8.30-3", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "coreutils: race condition vulnerability in chown and chgrp", + "Description": "In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX \"-R -L\" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.", + "Severity": "LOW", + "References": [ + "http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html" + ] + }, + { + "VulnerabilityID": "CVE-2018-12886", + "PkgName": "cpp-8", + "InstalledVersion": "8.3.0-6", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "Severity": "MEDIUM", + "References": [ + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", + "https://www.gnu.org/software/gcc/gcc-8/changes.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-15847", + "PkgName": "cpp-8", + "InstalledVersion": "8.3.0-6", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "gcc: POWER9 \"DARN\" RNG intrinsic produces repeated output", + "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481" + ] + }, + { + "VulnerabilityID": "CVE-2018-12886", + "PkgName": "g++-8", + "InstalledVersion": "8.3.0-6", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "Severity": "MEDIUM", + "References": [ + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", + "https://www.gnu.org/software/gcc/gcc-8/changes.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-15847", + "PkgName": "g++-8", + "InstalledVersion": "8.3.0-6", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "gcc: POWER9 \"DARN\" RNG intrinsic produces repeated output", + "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481" + ] + }, + { + "VulnerabilityID": "CVE-2018-12886", + "PkgName": "gcc-8", + "InstalledVersion": "8.3.0-6", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "Severity": "MEDIUM", + "References": [ + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", + "https://www.gnu.org/software/gcc/gcc-8/changes.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-15847", + "PkgName": "gcc-8", + "InstalledVersion": "8.3.0-6", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "gcc: POWER9 \"DARN\" RNG intrinsic produces repeated output", + "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481" + ] + }, + { + "VulnerabilityID": "CVE-2018-12886", + "PkgName": "gcc-8-base", + "InstalledVersion": "8.3.0-6", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "Severity": "MEDIUM", + "References": [ + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", + "https://www.gnu.org/software/gcc/gcc-8/changes.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-15847", + "PkgName": "gcc-8-base", + "InstalledVersion": "8.3.0-6", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "gcc: POWER9 \"DARN\" RNG intrinsic produces repeated output", + "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481" + ] + }, + { + "VulnerabilityID": "CVE-2018-1000021", + "PkgName": "git", + "InstalledVersion": "1:2.20.1-2+deb10u3", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "git: client prints server-sent ANSI escape codes to the terminal, allowing for unverified messages to potentially execute arbitrary commands", + "Description": "GIT version 2.15.1 and earlier contains a Input Validation Error vulnerability in Client that can result in problems including messing up terminal configuration to RCE. This attack appear to be exploitable via The user must interact with a malicious git server, (or have their traffic modified in a MITM attack).", + "Severity": "MEDIUM", + "References": [ + "http://www.batterystapl.es/2018/01/security-implications-of-ansi-escape.html" + ] + }, + { + "VulnerabilityID": "CVE-2018-1000021", + "PkgName": "git-man", + "InstalledVersion": "1:2.20.1-2+deb10u3", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "git: client prints server-sent ANSI escape codes to the terminal, allowing for unverified messages to potentially execute arbitrary commands", + "Description": "GIT version 2.15.1 and earlier contains a Input Validation Error vulnerability in Client that can result in problems including messing up terminal configuration to RCE. This attack appear to be exploitable via The user must interact with a malicious git server, (or have their traffic modified in a MITM attack).", + "Severity": "MEDIUM", + "References": [ + "http://www.batterystapl.es/2018/01/security-implications-of-ansi-escape.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-14855", + "PkgName": "gpgv", + "InstalledVersion": "2.2.12-1+deb10u1", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "gnupg2: OpenPGP Key Certification Forgeries with SHA-1", + "Description": "A flaw was found in the way certificate signatures could be forged using collisions found in the SHA-1 algorithm. An attacker could use this weakness to create forged certificate signatures. This issue affects GnuPG versions before 2.2.18.", + "Severity": "MEDIUM", + "References": [ + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14855", + "https://dev.gnupg.org/T4755", + "https://lists.gnupg.org/pipermail/gnupg-announce/2019q4/000442.html", + "https://rwc.iacr.org/2020/slides/Leurent.pdf" + ] + }, + { + "VulnerabilityID": "CVE-2018-15607", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: CPU Exhaustion via crafted input file", + "Description": "In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x36 0x4c 0x36 0x38 0x36 0x36 0x36 0x36 0x36 0x36 0x1f 0x35 0x50 0x00 can result in a hang of several minutes during which CPU and memory resources are consumed until ultimately an attempted large memory allocation fails. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.", + "Severity": "HIGH", + "References": [ + "http://linux.oracle.com/cve/CVE-2018-15607.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/105137", + "https://github.com/ImageMagick/ImageMagick/issues/1255", + "https://usn.ubuntu.com/4034-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-11470", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: denial of service in cineon parsing component", + "Description": "The cineon parsing component in ImageMagick 7.0.8-26 Q16 allows attackers to cause a denial-of-service (uncontrolled resource consumption) by crafting a Cineon image with an incorrect claimed image size. This occurs because ReadCINImage in coders/cin.c lacks a check for insufficient image data in a file.", + "Severity": "HIGH", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-11470.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00057.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", + "https://github.com/ImageMagick/ImageMagick/commit/e3cdce6fe12193f235b8c0ae5efe6880a25eb957", + "https://github.com/ImageMagick/ImageMagick/issues/1472", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/", + "https://usn.ubuntu.com/4034-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-19948", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer overflow in WriteSGIImage in coders/sgi.c", + "Description": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c.", + "Severity": "HIGH", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-19948.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00006.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", + "https://github.com/ImageMagick/ImageMagick/issues/1562", + "https://lists.debian.org/debian-lts-announce/2019/12/msg00033.html" + ] + }, + { + "VulnerabilityID": "CVE-2008-3134", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "GraphicsMagick/ImageMagick: multiple crash or DoS issues", + "Description": "Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 allow remote attackers to cause a denial of service (crash, infinite loop, or memory consumption) via (a) unspecified vectors in the (1) AVI, (2) AVS, (3) DCM, (4) EPT, (5) FITS, (6) MTV, (7) PALM, (8) RLA, and (9) TGA decoder readers; and (b) the GetImageCharacteristics function in magick/image.c, as reachable from a crafted (10) PNG, (11) JPEG, (12) BMP, or (13) TIFF file.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00004.html", + "http://secunia.com/advisories/30879", + "http://secunia.com/advisories/32151", + "http://sourceforge.net/forum/forum.php?forum_id=841176", + "http://sourceforge.net/project/shownotes.php?release_id=610253", + "http://www.securityfocus.com/bid/30055", + "http://www.securitytracker.com/id?1020413", + "http://www.vupen.com/english/advisories/2008/1984/references", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3134", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/43511", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/43513" + ] + }, + { + "VulnerabilityID": "CVE-2016-8678", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: Heap-buffer overflow in IsPixelMonochrome", + "Description": "The IsPixelMonochrome function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.0 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted file. NOTE: the vendor says \"This is a Q64 issue and we do not support Q64.\"", + "Severity": "MEDIUM", + "References": [ + "http://www.openwall.com/lists/oss-security/2016/10/16/2", + "http://www.openwall.com/lists/oss-security/2016/12/08/18", + "http://www.securityfocus.com/bid/93599", + "https://bugzilla.redhat.com/show_bug.cgi?id=1385694", + "https://github.com/ImageMagick/ImageMagick/issues/272" + ] + }, + { + "VulnerabilityID": "CVE-2017-11754", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: Memory leak in WritePICONImage function", + "Description": "The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an OpenPixelCache call.", + "Severity": "MEDIUM", + "References": [ + "https://github.com/ImageMagick/ImageMagick/issues/633" + ] + }, + { + "VulnerabilityID": "CVE-2017-11755", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: Memory leak in WritePICONImage function via mishandled AcquireSemaphoreInfo call", + "Description": "The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an AcquireSemaphoreInfo call.", + "Severity": "MEDIUM", + "References": [ + "https://github.com/ImageMagick/ImageMagick/issues/634" + ] + }, + { + "VulnerabilityID": "CVE-2017-7275", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: Memory allocation failure in AcquireMagickMemory (incomplete fix for CVE-2016-8866)", + "Description": "The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows remote attackers to cause a denial of service (attempted large memory allocation and application crash) via a crafted file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862 and CVE-2016-8866.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/97166", + "https://blogs.gentoo.org/ago/2017/03/27/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c-incomplete-fix-for-cve-2016-8862-and-cve-2016-8866/", + "https://github.com/ImageMagick/ImageMagick/issues/271" + ] + }, + { + "VulnerabilityID": "CVE-2019-10649", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leak in SVGKeyValuePairs of coders/svg.c that leads to denial of service via crafted image file", + "Description": "In ImageMagick 7.0.8-36 Q16, there is a memory leak in the function SVGKeyValuePairs of coders/svg.c, which allows an attacker to cause a denial of service via a crafted image file.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/107645", + "https://github.com/ImageMagick/ImageMagick/issues/1533", + "https://usn.ubuntu.com/4034-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-11472", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: denial of service in ReadXWDImage in coders/xwd.c in the XWD image parsing component", + "Description": "ReadXWDImage in coders/xwd.c in the XWD image parsing component of ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (divide-by-zero error) by crafting an XWD image file in which the header indicates neither LSB first nor MSB first.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-11472.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00057.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html", + "https://github.com/ImageMagick/ImageMagick/issues/1546", + "https://github.com/ImageMagick/ImageMagick6/commit/f663dfb8431c97d95682a2b533cca1c8233d21b4", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/", + "https://usn.ubuntu.com/4034-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-11597", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure", + "Description": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-11597.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108102", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", + "https://github.com/ImageMagick/ImageMagick/issues/1555", + "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-11598", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure", + "Description": "In ImageMagick 7.0.8-40 Q16, there is a heap-based buffer over-read in the function WritePNMImage of coders/pnm.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. This is related to SetGrayscaleImage in MagickCore/quantize.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-11598.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108102", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", + "https://github.com/ImageMagick/ImageMagick/issues/1540", + "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-12974", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "imagemagick: null-pointer dereference in function ReadPANGOImage in coders/pango.c and ReadVIDImage in coders/vid.c causing denial of service", + "Description": "A NULL pointer dereference in the function ReadPANGOImage in coders/pango.c and the function ReadVIDImage in coders/vid.c in ImageMagick 7.0.8-34 allows remote attackers to cause a denial of service via a crafted image.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-12974.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", + "https://github.com/ImageMagick/ImageMagick/issues/1515" + ] + }, + { + "VulnerabilityID": "CVE-2019-12975", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "imagemagick: memory leak vulnerability in function WriteDPXImage in coders/dpx.c", + "Description": "ImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXImage function in coders/dpx.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-12975.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1517" + ] + }, + { + "VulnerabilityID": "CVE-2019-12976", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "imagemagick: memory leak vulnerability in function ReadPCLImage in coders/pcl.c", + "Description": "ImageMagick 7.0.8-34 has a memory leak in the ReadPCLImage function in coders/pcl.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-12976.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1520" + ] + }, + { + "VulnerabilityID": "CVE-2019-12977", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "imagemagick: use of uninitialised value in function WriteJP2Image in coders/jp2.c", + "Description": "ImageMagick 7.0.8-34 has a \"use of uninitialized value\" vulnerability in the WriteJP2Image function in coders/jp2.c.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1518" + ] + }, + { + "VulnerabilityID": "CVE-2019-12978", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "imagemagick: use of uninitialized value in function ReadPANGOImage in coders/pango.c", + "Description": "ImageMagick 7.0.8-34 has a \"use of uninitialized value\" vulnerability in the ReadPANGOImage function in coders/pango.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-12978.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1519" + ] + }, + { + "VulnerabilityID": "CVE-2019-12979", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "imagemagick: use of uninitialized value in functionSyncImageSettings in MagickCore/image.c", + "Description": "ImageMagick 7.0.8-34 has a \"use of uninitialized value\" vulnerability in the SyncImageSettings function in MagickCore/image.c. This is related to AcquireImage in magick/image.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-12979.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1522" + ] + }, + { + "VulnerabilityID": "CVE-2019-13135", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: a \"use of uninitialized value\" vulnerability in the function ReadCUTImage leading to a crash and DoS", + "Description": "ImageMagick before 7.0.8-50 has a \"use of uninitialized value\" vulnerability in the function ReadCUTImage in coders/cut.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13135.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", + "https://github.com/ImageMagick/ImageMagick/commit/cdb383749ef7b68a38891440af8cc23e0115306d", + "https://github.com/ImageMagick/ImageMagick/issues/1599", + "https://github.com/ImageMagick/ImageMagick6/commit/1e59b29e520d2beab73e8c78aacd5f1c0d76196d", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-13137", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: a memory leak vulnerability in the function ReadPSImage in coders/ps.c", + "Description": "ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps.c.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/35ccb468ee2dcbe8ce9cf1e2f1957acc27f54c34", + "https://github.com/ImageMagick/ImageMagick/issues/1601", + "https://github.com/ImageMagick/ImageMagick6/commit/7d11230060fa9c8f67e53c85224daf6648805c7b" + ] + }, + { + "VulnerabilityID": "CVE-2019-13295", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13295.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", + "https://github.com/ImageMagick/ImageMagick/commit/a7759f410b773a1dd57b0e1fb28112e1cd8b97bc", + "https://github.com/ImageMagick/ImageMagick/issues/1608", + "https://github.com/ImageMagick/ImageMagick6/commit/55e6dc49f1a381d9d511ee2f888fdc3e3c3e3953", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-13297", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13297.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", + "https://github.com/ImageMagick/ImageMagick/commit/604588fc35c7585abb7a9e71f69bb82e4389fefc", + "https://github.com/ImageMagick/ImageMagick/issues/1609", + "https://github.com/ImageMagick/ImageMagick6/commit/35c7032723d85eee7318ff6c82f031fa2666b773", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-13300", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13300.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/a906fe9298bf89e01d5272023db687935068849a", + "https://github.com/ImageMagick/ImageMagick/issues/1586", + "https://github.com/ImageMagick/ImageMagick6/commit/5e409ae7a389cdf2ed17469303be3f3f21cec450" + ] + }, + { + "VulnerabilityID": "CVE-2019-13301", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leaks in AcquireMagickMemory", + "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory because of an AnnotateImage error.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13301.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/f595a1985233c399a05c0c37cc41de16a90dd025", + "https://github.com/ImageMagick/ImageMagick/issues/1585", + "https://github.com/ImageMagick/ImageMagick/issues/1589" + ] + }, + { + "VulnerabilityID": "CVE-2019-13304", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment", + "Description": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13304.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", + "https://github.com/ImageMagick/ImageMagick/commit/7689875ef64f34141e7292f6945efdf0530b4a5e", + "https://github.com/ImageMagick/ImageMagick/issues/1614", + "https://github.com/ImageMagick/ImageMagick6/commit/bfa3b9610c83227894c92b0d312ad327fceb6241", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-13305", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error", + "Description": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13305.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", + "https://github.com/ImageMagick/ImageMagick/commit/29efd648f38b73a64d73f14cd2019d869a585888", + "https://github.com/ImageMagick/ImageMagick/issues/1613", + "https://github.com/ImageMagick/ImageMagick6/commit/5c7fbf9a14fb83c9685ad69d48899f490a37609d", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-13306", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors", + "Description": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13306.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", + "https://github.com/ImageMagick/ImageMagick/commit/e92040ea6ee2a844ebfd2344174076795a4787bd", + "https://github.com/ImageMagick/ImageMagick/issues/1612", + "https://github.com/ImageMagick/ImageMagick6/commit/cb5ec7d98195aa74d5ed299b38eff2a68122f3fa", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-13307", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13307.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/025e77fcb2f45b21689931ba3bf74eac153afa48", + "https://github.com/ImageMagick/ImageMagick/issues/1615", + "https://github.com/ImageMagick/ImageMagick6/commit/91e58d967a92250439ede038ccfb0913a81e59fe" + ] + }, + { + "VulnerabilityID": "CVE-2019-13308", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer overflow in MagickCore/fourier.c in ComplexImage", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow in MagickCore/fourier.c in ComplexImage.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/61135001a625364e29bdce83832f043eebde7b5a", + "https://github.com/ImageMagick/ImageMagick/issues/1595", + "https://github.com/ImageMagick/ImageMagick6/commit/19651f3db63fa1511ed83a348c4c82fa553f8d01" + ] + }, + { + "VulnerabilityID": "CVE-2019-13309", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leaks at AcquireMagickMemory due to mishandling the NoSuchImage error in CLIListOperatorImages", + "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of mishandling the NoSuchImage error in CLIListOperatorImages in MagickWand/operation.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13309.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/5f21230b657ccd65452dd3d94c5b5401ba691a2d", + "https://github.com/ImageMagick/ImageMagick/issues/1616", + "https://github.com/ImageMagick/ImageMagick6/commit/5982632109cad48bc6dab867298fdea4dea57c51" + ] + }, + { + "VulnerabilityID": "CVE-2019-13310", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c", + "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13310.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/5f21230b657ccd65452dd3d94c5b5401ba691a2d", + "https://github.com/ImageMagick/ImageMagick/issues/1616", + "https://github.com/ImageMagick/ImageMagick6/commit/5982632109cad48bc6dab867298fdea4dea57c51" + ] + }, + { + "VulnerabilityID": "CVE-2019-13311", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leaks at AcquireMagickMemory because of a wand/mogrify.c error", + "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of a wand/mogrify.c error.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13311.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/4a334bbf5584de37c6f5a47c380a531c8c4b140a", + "https://github.com/ImageMagick/ImageMagick/issues/1623", + "https://github.com/ImageMagick/ImageMagick6/commit/bb812022d0bc12107db215c981cab0b1ccd73d91" + ] + }, + { + "VulnerabilityID": "CVE-2019-13391", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer over-read in MagickCore/fourier.c", + "Description": "In ImageMagick 7.0.8-50 Q16, ComplexImages in MagickCore/fourier.c has a heap-based buffer over-read because of incorrect calls to GetCacheViewVirtualPixels.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/7c2c5ba5b8e3a0b2b82f56c71dfab74ed4006df7", + "https://github.com/ImageMagick/ImageMagick/issues/1588", + "https://github.com/ImageMagick/ImageMagick6/commit/f6ffc702c6eecd963587273a429dcd608c648984" + ] + }, + { + "VulnerabilityID": "CVE-2019-13454", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: division by zero in RemoveDuplicateLayers in MagickCore/layer.c", + "Description": "ImageMagick 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13454.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "http://www.securityfocus.com/bid/109099", + "https://github.com/ImageMagick/ImageMagick/commit/1ddcf2e4f28029a888cadef2e757509ef5047ad8", + "https://github.com/ImageMagick/ImageMagick/issues/1629", + "https://github.com/ImageMagick/ImageMagick6/commit/4f31d78716ac94c85c244efcea368fea202e2ed4" + ] + }, + { + "VulnerabilityID": "CVE-2019-14981", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: division by zero in MeanShiftImage in MagickCore/feature.c", + "Description": "In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. It allows an attacker to cause a denial of service by sending a crafted file.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-14981.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", + "https://github.com/ImageMagick/ImageMagick/commit/a77d8d97f5a7bced0468f0b08798c83fb67427bc", + "https://github.com/ImageMagick/ImageMagick/issues/1552", + "https://github.com/ImageMagick/ImageMagick6/commit/b522d2d857d2f75b659936b59b0da9df1682c256", + "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-15139", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: out-of-bounds read in ReadXWDImage in coders/xwd.c", + "Description": "The XWD image (X Window System window dumping file) parsing component in ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (application crash resulting from an out-of-bounds Read) in ReadXWDImage in coders/xwd.c by crafting a corrupted XWD image file, a different vulnerability than CVE-2019-11472.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-15139.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", + "https://github.com/ImageMagick/ImageMagick/commit/c78993d138bf480ab4652b5a48379d4ff75ba5f7", + "https://github.com/ImageMagick/ImageMagick/issues/1553", + "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-15140", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: Use after free in ReadMATImage in coders/mat.c", + "Description": "coders/mat.c in ImageMagick 7.0.8-43 Q16 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by crafting a Matlab image file that is mishandled in ReadImage in MagickCore/constitute.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-15140.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", + "https://github.com/ImageMagick/ImageMagick/commit/f7206618d27c2e69d977abf40e3035a33e5f6be0", + "https://github.com/ImageMagick/ImageMagick/issues/1554", + "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-16708", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leak in magick/xwindow.c", + "Description": "ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-16708.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1531", + "https://usn.ubuntu.com/4192-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-16709", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leak in coders/dps.c", + "Description": "ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-16709.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00045.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00046.html", + "https://github.com/ImageMagick/ImageMagick/issues/1531" + ] + }, + { + "VulnerabilityID": "CVE-2019-16710", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leak in coders/dot.c", + "Description": "ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-16710.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1528", + "https://usn.ubuntu.com/4192-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-16711", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps2.c", + "Description": "ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-16711.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1542", + "https://usn.ubuntu.com/4192-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-16712", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps3.c", + "Description": "ImageMagick 7.0.8-43 has a memory leak in Huffman2DEncodeImage in coders/ps3.c, as demonstrated by WritePS3Image.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-16712.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1557" + ] + }, + { + "VulnerabilityID": "CVE-2019-16713", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leak in coders/dot.c", + "Description": "ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-16713.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1558", + "https://usn.ubuntu.com/4192-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-19949", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c", + "Description": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-19949.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00006.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", + "https://github.com/ImageMagick/ImageMagick/issues/1561", + "https://lists.debian.org/debian-lts-announce/2019/12/msg00033.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-7175", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "imagemagick: memory leak in function DecodeImage in coders/pcd.c", + "Description": "In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-7175.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", + "https://github.com/ImageMagick/ImageMagick/commit/1e6a3ace073c9ec9c71e439c111d23c6e66cb6ae", + "https://github.com/ImageMagick/ImageMagick/issues/1450" + ] + }, + { + "VulnerabilityID": "CVE-2019-7395", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: Memory leak in the WritePSDChannel function in coders/psd.c", + "Description": "In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", + "http://www.securityfocus.com/bid/106850", + "https://github.com/ImageMagick/ImageMagick/commit/8a43abefb38c5e29138e1c9c515b313363541c06", + "https://github.com/ImageMagick/ImageMagick/issues/1451" + ] + }, + { + "VulnerabilityID": "CVE-2019-7396", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: Memory leak in the ReadSIXELImage function in coders/sixel.c", + "Description": "In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage in coders/sixel.c.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://www.securityfocus.com/bid/106849", + "https://github.com/ImageMagick/ImageMagick/commit/748a03651e5b138bcaf160d15133de2f4b1b89ce", + "https://github.com/ImageMagick/ImageMagick/issues/1452", + "https://usn.ubuntu.com/4034-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-7397", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: Memory leak in the WritePDFImage function in coders/pdf.c", + "Description": "In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c.", + "Severity": "MEDIUM", + "References": [ + "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/11ad3aeb8ab1", + "http://linux.oracle.com/cve/CVE-2019-7397.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", + "http://www.securityfocus.com/bid/106847", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", + "https://github.com/ImageMagick/ImageMagick/commit/306c1f0fa5754ca78efd16ab752f0e981d4f6b82", + "https://github.com/ImageMagick/ImageMagick/issues/1454" + ] + }, + { + "VulnerabilityID": "CVE-2019-7398", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: Memory leak in the WriteDIBImage function in coders/dib.c", + "Description": "In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-7398.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", + "http://www.securityfocus.com/bid/106848", + "https://github.com/ImageMagick/ImageMagick/issues/1453" + ] + }, + { + "VulnerabilityID": "CVE-2020-10251", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: out-of-bounds read in ReadHEICImageByID function in coders/heic.c", + "Description": "In ImageMagick 7.0.9, an out-of-bounds read vulnerability exists within the ReadHEICImageByID function in coders\\heic.c. It can be triggered via an image with a width or height value that exceeds the actual size of the image.", + "Severity": "MEDIUM", + "References": [ + "https://github.com/ImageMagick/ImageMagick/issues/1859" + ] + }, + { + "VulnerabilityID": "CVE-2005-0406", + "PkgName": "imagemagick", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Description": "A design flaw in image processing software that modifies JPEG images might not modify the original EXIF thumbnail, which could lead to an information leak of potentially sensitive visual information that had been removed from the main JPEG image.", + "Severity": "LOW", + "References": [ + "http://seclists.org/lists/fulldisclosure/2005/Feb/0343.html", + "http://www.redteam-pentesting.de/advisories/rt-sa-2005-008.txt" + ] + }, + { + "VulnerabilityID": "CVE-2018-15607", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: CPU Exhaustion via crafted input file", + "Description": "In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x36 0x4c 0x36 0x38 0x36 0x36 0x36 0x36 0x36 0x36 0x1f 0x35 0x50 0x00 can result in a hang of several minutes during which CPU and memory resources are consumed until ultimately an attempted large memory allocation fails. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.", + "Severity": "HIGH", + "References": [ + "http://linux.oracle.com/cve/CVE-2018-15607.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/105137", + "https://github.com/ImageMagick/ImageMagick/issues/1255", + "https://usn.ubuntu.com/4034-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-11470", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: denial of service in cineon parsing component", + "Description": "The cineon parsing component in ImageMagick 7.0.8-26 Q16 allows attackers to cause a denial-of-service (uncontrolled resource consumption) by crafting a Cineon image with an incorrect claimed image size. This occurs because ReadCINImage in coders/cin.c lacks a check for insufficient image data in a file.", + "Severity": "HIGH", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-11470.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00057.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", + "https://github.com/ImageMagick/ImageMagick/commit/e3cdce6fe12193f235b8c0ae5efe6880a25eb957", + "https://github.com/ImageMagick/ImageMagick/issues/1472", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/", + "https://usn.ubuntu.com/4034-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-19948", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer overflow in WriteSGIImage in coders/sgi.c", + "Description": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c.", + "Severity": "HIGH", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-19948.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00006.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", + "https://github.com/ImageMagick/ImageMagick/issues/1562", + "https://lists.debian.org/debian-lts-announce/2019/12/msg00033.html" + ] + }, + { + "VulnerabilityID": "CVE-2008-3134", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "GraphicsMagick/ImageMagick: multiple crash or DoS issues", + "Description": "Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 allow remote attackers to cause a denial of service (crash, infinite loop, or memory consumption) via (a) unspecified vectors in the (1) AVI, (2) AVS, (3) DCM, (4) EPT, (5) FITS, (6) MTV, (7) PALM, (8) RLA, and (9) TGA decoder readers; and (b) the GetImageCharacteristics function in magick/image.c, as reachable from a crafted (10) PNG, (11) JPEG, (12) BMP, or (13) TIFF file.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00004.html", + "http://secunia.com/advisories/30879", + "http://secunia.com/advisories/32151", + "http://sourceforge.net/forum/forum.php?forum_id=841176", + "http://sourceforge.net/project/shownotes.php?release_id=610253", + "http://www.securityfocus.com/bid/30055", + "http://www.securitytracker.com/id?1020413", + "http://www.vupen.com/english/advisories/2008/1984/references", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3134", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/43511", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/43513" + ] + }, + { + "VulnerabilityID": "CVE-2016-8678", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: Heap-buffer overflow in IsPixelMonochrome", + "Description": "The IsPixelMonochrome function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.0 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted file. NOTE: the vendor says \"This is a Q64 issue and we do not support Q64.\"", + "Severity": "MEDIUM", + "References": [ + "http://www.openwall.com/lists/oss-security/2016/10/16/2", + "http://www.openwall.com/lists/oss-security/2016/12/08/18", + "http://www.securityfocus.com/bid/93599", + "https://bugzilla.redhat.com/show_bug.cgi?id=1385694", + "https://github.com/ImageMagick/ImageMagick/issues/272" + ] + }, + { + "VulnerabilityID": "CVE-2017-11754", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: Memory leak in WritePICONImage function", + "Description": "The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an OpenPixelCache call.", + "Severity": "MEDIUM", + "References": [ + "https://github.com/ImageMagick/ImageMagick/issues/633" + ] + }, + { + "VulnerabilityID": "CVE-2017-11755", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: Memory leak in WritePICONImage function via mishandled AcquireSemaphoreInfo call", + "Description": "The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an AcquireSemaphoreInfo call.", + "Severity": "MEDIUM", + "References": [ + "https://github.com/ImageMagick/ImageMagick/issues/634" + ] + }, + { + "VulnerabilityID": "CVE-2017-7275", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: Memory allocation failure in AcquireMagickMemory (incomplete fix for CVE-2016-8866)", + "Description": "The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows remote attackers to cause a denial of service (attempted large memory allocation and application crash) via a crafted file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862 and CVE-2016-8866.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/97166", + "https://blogs.gentoo.org/ago/2017/03/27/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c-incomplete-fix-for-cve-2016-8862-and-cve-2016-8866/", + "https://github.com/ImageMagick/ImageMagick/issues/271" + ] + }, + { + "VulnerabilityID": "CVE-2019-10649", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leak in SVGKeyValuePairs of coders/svg.c that leads to denial of service via crafted image file", + "Description": "In ImageMagick 7.0.8-36 Q16, there is a memory leak in the function SVGKeyValuePairs of coders/svg.c, which allows an attacker to cause a denial of service via a crafted image file.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/107645", + "https://github.com/ImageMagick/ImageMagick/issues/1533", + "https://usn.ubuntu.com/4034-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-11472", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: denial of service in ReadXWDImage in coders/xwd.c in the XWD image parsing component", + "Description": "ReadXWDImage in coders/xwd.c in the XWD image parsing component of ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (divide-by-zero error) by crafting an XWD image file in which the header indicates neither LSB first nor MSB first.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-11472.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00057.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html", + "https://github.com/ImageMagick/ImageMagick/issues/1546", + "https://github.com/ImageMagick/ImageMagick6/commit/f663dfb8431c97d95682a2b533cca1c8233d21b4", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/", + "https://usn.ubuntu.com/4034-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-11597", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure", + "Description": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-11597.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108102", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", + "https://github.com/ImageMagick/ImageMagick/issues/1555", + "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-11598", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure", + "Description": "In ImageMagick 7.0.8-40 Q16, there is a heap-based buffer over-read in the function WritePNMImage of coders/pnm.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. This is related to SetGrayscaleImage in MagickCore/quantize.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-11598.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108102", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", + "https://github.com/ImageMagick/ImageMagick/issues/1540", + "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-12974", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "imagemagick: null-pointer dereference in function ReadPANGOImage in coders/pango.c and ReadVIDImage in coders/vid.c causing denial of service", + "Description": "A NULL pointer dereference in the function ReadPANGOImage in coders/pango.c and the function ReadVIDImage in coders/vid.c in ImageMagick 7.0.8-34 allows remote attackers to cause a denial of service via a crafted image.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-12974.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", + "https://github.com/ImageMagick/ImageMagick/issues/1515" + ] + }, + { + "VulnerabilityID": "CVE-2019-12975", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "imagemagick: memory leak vulnerability in function WriteDPXImage in coders/dpx.c", + "Description": "ImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXImage function in coders/dpx.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-12975.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1517" + ] + }, + { + "VulnerabilityID": "CVE-2019-12976", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "imagemagick: memory leak vulnerability in function ReadPCLImage in coders/pcl.c", + "Description": "ImageMagick 7.0.8-34 has a memory leak in the ReadPCLImage function in coders/pcl.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-12976.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1520" + ] + }, + { + "VulnerabilityID": "CVE-2019-12977", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "imagemagick: use of uninitialised value in function WriteJP2Image in coders/jp2.c", + "Description": "ImageMagick 7.0.8-34 has a \"use of uninitialized value\" vulnerability in the WriteJP2Image function in coders/jp2.c.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1518" + ] + }, + { + "VulnerabilityID": "CVE-2019-12978", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "imagemagick: use of uninitialized value in function ReadPANGOImage in coders/pango.c", + "Description": "ImageMagick 7.0.8-34 has a \"use of uninitialized value\" vulnerability in the ReadPANGOImage function in coders/pango.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-12978.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1519" + ] + }, + { + "VulnerabilityID": "CVE-2019-12979", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "imagemagick: use of uninitialized value in functionSyncImageSettings in MagickCore/image.c", + "Description": "ImageMagick 7.0.8-34 has a \"use of uninitialized value\" vulnerability in the SyncImageSettings function in MagickCore/image.c. This is related to AcquireImage in magick/image.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-12979.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1522" + ] + }, + { + "VulnerabilityID": "CVE-2019-13135", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: a \"use of uninitialized value\" vulnerability in the function ReadCUTImage leading to a crash and DoS", + "Description": "ImageMagick before 7.0.8-50 has a \"use of uninitialized value\" vulnerability in the function ReadCUTImage in coders/cut.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13135.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", + "https://github.com/ImageMagick/ImageMagick/commit/cdb383749ef7b68a38891440af8cc23e0115306d", + "https://github.com/ImageMagick/ImageMagick/issues/1599", + "https://github.com/ImageMagick/ImageMagick6/commit/1e59b29e520d2beab73e8c78aacd5f1c0d76196d", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-13137", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: a memory leak vulnerability in the function ReadPSImage in coders/ps.c", + "Description": "ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps.c.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/35ccb468ee2dcbe8ce9cf1e2f1957acc27f54c34", + "https://github.com/ImageMagick/ImageMagick/issues/1601", + "https://github.com/ImageMagick/ImageMagick6/commit/7d11230060fa9c8f67e53c85224daf6648805c7b" + ] + }, + { + "VulnerabilityID": "CVE-2019-13295", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13295.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", + "https://github.com/ImageMagick/ImageMagick/commit/a7759f410b773a1dd57b0e1fb28112e1cd8b97bc", + "https://github.com/ImageMagick/ImageMagick/issues/1608", + "https://github.com/ImageMagick/ImageMagick6/commit/55e6dc49f1a381d9d511ee2f888fdc3e3c3e3953", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-13297", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13297.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", + "https://github.com/ImageMagick/ImageMagick/commit/604588fc35c7585abb7a9e71f69bb82e4389fefc", + "https://github.com/ImageMagick/ImageMagick/issues/1609", + "https://github.com/ImageMagick/ImageMagick6/commit/35c7032723d85eee7318ff6c82f031fa2666b773", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-13300", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13300.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/a906fe9298bf89e01d5272023db687935068849a", + "https://github.com/ImageMagick/ImageMagick/issues/1586", + "https://github.com/ImageMagick/ImageMagick6/commit/5e409ae7a389cdf2ed17469303be3f3f21cec450" + ] + }, + { + "VulnerabilityID": "CVE-2019-13301", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leaks in AcquireMagickMemory", + "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory because of an AnnotateImage error.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13301.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/f595a1985233c399a05c0c37cc41de16a90dd025", + "https://github.com/ImageMagick/ImageMagick/issues/1585", + "https://github.com/ImageMagick/ImageMagick/issues/1589" + ] + }, + { + "VulnerabilityID": "CVE-2019-13304", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment", + "Description": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13304.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", + "https://github.com/ImageMagick/ImageMagick/commit/7689875ef64f34141e7292f6945efdf0530b4a5e", + "https://github.com/ImageMagick/ImageMagick/issues/1614", + "https://github.com/ImageMagick/ImageMagick6/commit/bfa3b9610c83227894c92b0d312ad327fceb6241", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-13305", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error", + "Description": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13305.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", + "https://github.com/ImageMagick/ImageMagick/commit/29efd648f38b73a64d73f14cd2019d869a585888", + "https://github.com/ImageMagick/ImageMagick/issues/1613", + "https://github.com/ImageMagick/ImageMagick6/commit/5c7fbf9a14fb83c9685ad69d48899f490a37609d", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-13306", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors", + "Description": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13306.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", + "https://github.com/ImageMagick/ImageMagick/commit/e92040ea6ee2a844ebfd2344174076795a4787bd", + "https://github.com/ImageMagick/ImageMagick/issues/1612", + "https://github.com/ImageMagick/ImageMagick6/commit/cb5ec7d98195aa74d5ed299b38eff2a68122f3fa", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-13307", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13307.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/025e77fcb2f45b21689931ba3bf74eac153afa48", + "https://github.com/ImageMagick/ImageMagick/issues/1615", + "https://github.com/ImageMagick/ImageMagick6/commit/91e58d967a92250439ede038ccfb0913a81e59fe" + ] + }, + { + "VulnerabilityID": "CVE-2019-13308", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer overflow in MagickCore/fourier.c in ComplexImage", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow in MagickCore/fourier.c in ComplexImage.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/61135001a625364e29bdce83832f043eebde7b5a", + "https://github.com/ImageMagick/ImageMagick/issues/1595", + "https://github.com/ImageMagick/ImageMagick6/commit/19651f3db63fa1511ed83a348c4c82fa553f8d01" + ] + }, + { + "VulnerabilityID": "CVE-2019-13309", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leaks at AcquireMagickMemory due to mishandling the NoSuchImage error in CLIListOperatorImages", + "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of mishandling the NoSuchImage error in CLIListOperatorImages in MagickWand/operation.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13309.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/5f21230b657ccd65452dd3d94c5b5401ba691a2d", + "https://github.com/ImageMagick/ImageMagick/issues/1616", + "https://github.com/ImageMagick/ImageMagick6/commit/5982632109cad48bc6dab867298fdea4dea57c51" + ] + }, + { + "VulnerabilityID": "CVE-2019-13310", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c", + "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13310.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/5f21230b657ccd65452dd3d94c5b5401ba691a2d", + "https://github.com/ImageMagick/ImageMagick/issues/1616", + "https://github.com/ImageMagick/ImageMagick6/commit/5982632109cad48bc6dab867298fdea4dea57c51" + ] + }, + { + "VulnerabilityID": "CVE-2019-13311", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leaks at AcquireMagickMemory because of a wand/mogrify.c error", + "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of a wand/mogrify.c error.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13311.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/4a334bbf5584de37c6f5a47c380a531c8c4b140a", + "https://github.com/ImageMagick/ImageMagick/issues/1623", + "https://github.com/ImageMagick/ImageMagick6/commit/bb812022d0bc12107db215c981cab0b1ccd73d91" + ] + }, + { + "VulnerabilityID": "CVE-2019-13391", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer over-read in MagickCore/fourier.c", + "Description": "In ImageMagick 7.0.8-50 Q16, ComplexImages in MagickCore/fourier.c has a heap-based buffer over-read because of incorrect calls to GetCacheViewVirtualPixels.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/7c2c5ba5b8e3a0b2b82f56c71dfab74ed4006df7", + "https://github.com/ImageMagick/ImageMagick/issues/1588", + "https://github.com/ImageMagick/ImageMagick6/commit/f6ffc702c6eecd963587273a429dcd608c648984" + ] + }, + { + "VulnerabilityID": "CVE-2019-13454", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: division by zero in RemoveDuplicateLayers in MagickCore/layer.c", + "Description": "ImageMagick 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13454.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "http://www.securityfocus.com/bid/109099", + "https://github.com/ImageMagick/ImageMagick/commit/1ddcf2e4f28029a888cadef2e757509ef5047ad8", + "https://github.com/ImageMagick/ImageMagick/issues/1629", + "https://github.com/ImageMagick/ImageMagick6/commit/4f31d78716ac94c85c244efcea368fea202e2ed4" + ] + }, + { + "VulnerabilityID": "CVE-2019-14981", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: division by zero in MeanShiftImage in MagickCore/feature.c", + "Description": "In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. It allows an attacker to cause a denial of service by sending a crafted file.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-14981.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", + "https://github.com/ImageMagick/ImageMagick/commit/a77d8d97f5a7bced0468f0b08798c83fb67427bc", + "https://github.com/ImageMagick/ImageMagick/issues/1552", + "https://github.com/ImageMagick/ImageMagick6/commit/b522d2d857d2f75b659936b59b0da9df1682c256", + "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-15139", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: out-of-bounds read in ReadXWDImage in coders/xwd.c", + "Description": "The XWD image (X Window System window dumping file) parsing component in ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (application crash resulting from an out-of-bounds Read) in ReadXWDImage in coders/xwd.c by crafting a corrupted XWD image file, a different vulnerability than CVE-2019-11472.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-15139.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", + "https://github.com/ImageMagick/ImageMagick/commit/c78993d138bf480ab4652b5a48379d4ff75ba5f7", + "https://github.com/ImageMagick/ImageMagick/issues/1553", + "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-15140", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: Use after free in ReadMATImage in coders/mat.c", + "Description": "coders/mat.c in ImageMagick 7.0.8-43 Q16 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by crafting a Matlab image file that is mishandled in ReadImage in MagickCore/constitute.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-15140.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", + "https://github.com/ImageMagick/ImageMagick/commit/f7206618d27c2e69d977abf40e3035a33e5f6be0", + "https://github.com/ImageMagick/ImageMagick/issues/1554", + "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-16708", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leak in magick/xwindow.c", + "Description": "ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-16708.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1531", + "https://usn.ubuntu.com/4192-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-16709", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leak in coders/dps.c", + "Description": "ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-16709.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00045.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00046.html", + "https://github.com/ImageMagick/ImageMagick/issues/1531" + ] + }, + { + "VulnerabilityID": "CVE-2019-16710", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leak in coders/dot.c", + "Description": "ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-16710.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1528", + "https://usn.ubuntu.com/4192-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-16711", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps2.c", + "Description": "ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-16711.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1542", + "https://usn.ubuntu.com/4192-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-16712", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps3.c", + "Description": "ImageMagick 7.0.8-43 has a memory leak in Huffman2DEncodeImage in coders/ps3.c, as demonstrated by WritePS3Image.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-16712.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1557" + ] + }, + { + "VulnerabilityID": "CVE-2019-16713", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leak in coders/dot.c", + "Description": "ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-16713.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1558", + "https://usn.ubuntu.com/4192-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-19949", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c", + "Description": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-19949.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00006.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", + "https://github.com/ImageMagick/ImageMagick/issues/1561", + "https://lists.debian.org/debian-lts-announce/2019/12/msg00033.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-7175", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "imagemagick: memory leak in function DecodeImage in coders/pcd.c", + "Description": "In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-7175.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", + "https://github.com/ImageMagick/ImageMagick/commit/1e6a3ace073c9ec9c71e439c111d23c6e66cb6ae", + "https://github.com/ImageMagick/ImageMagick/issues/1450" + ] + }, + { + "VulnerabilityID": "CVE-2019-7395", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: Memory leak in the WritePSDChannel function in coders/psd.c", + "Description": "In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", + "http://www.securityfocus.com/bid/106850", + "https://github.com/ImageMagick/ImageMagick/commit/8a43abefb38c5e29138e1c9c515b313363541c06", + "https://github.com/ImageMagick/ImageMagick/issues/1451" + ] + }, + { + "VulnerabilityID": "CVE-2019-7396", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: Memory leak in the ReadSIXELImage function in coders/sixel.c", + "Description": "In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage in coders/sixel.c.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://www.securityfocus.com/bid/106849", + "https://github.com/ImageMagick/ImageMagick/commit/748a03651e5b138bcaf160d15133de2f4b1b89ce", + "https://github.com/ImageMagick/ImageMagick/issues/1452", + "https://usn.ubuntu.com/4034-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-7397", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: Memory leak in the WritePDFImage function in coders/pdf.c", + "Description": "In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c.", + "Severity": "MEDIUM", + "References": [ + "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/11ad3aeb8ab1", + "http://linux.oracle.com/cve/CVE-2019-7397.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", + "http://www.securityfocus.com/bid/106847", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", + "https://github.com/ImageMagick/ImageMagick/commit/306c1f0fa5754ca78efd16ab752f0e981d4f6b82", + "https://github.com/ImageMagick/ImageMagick/issues/1454" + ] + }, + { + "VulnerabilityID": "CVE-2019-7398", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: Memory leak in the WriteDIBImage function in coders/dib.c", + "Description": "In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-7398.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", + "http://www.securityfocus.com/bid/106848", + "https://github.com/ImageMagick/ImageMagick/issues/1453" + ] + }, + { + "VulnerabilityID": "CVE-2020-10251", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: out-of-bounds read in ReadHEICImageByID function in coders/heic.c", + "Description": "In ImageMagick 7.0.9, an out-of-bounds read vulnerability exists within the ReadHEICImageByID function in coders\\heic.c. It can be triggered via an image with a width or height value that exceeds the actual size of the image.", + "Severity": "MEDIUM", + "References": [ + "https://github.com/ImageMagick/ImageMagick/issues/1859" + ] + }, + { + "VulnerabilityID": "CVE-2005-0406", + "PkgName": "imagemagick-6-common", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Description": "A design flaw in image processing software that modifies JPEG images might not modify the original EXIF thumbnail, which could lead to an information leak of potentially sensitive visual information that had been removed from the main JPEG image.", + "Severity": "LOW", + "References": [ + "http://seclists.org/lists/fulldisclosure/2005/Feb/0343.html", + "http://www.redteam-pentesting.de/advisories/rt-sa-2005-008.txt" + ] + }, + { + "VulnerabilityID": "CVE-2018-15607", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: CPU Exhaustion via crafted input file", + "Description": "In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x36 0x4c 0x36 0x38 0x36 0x36 0x36 0x36 0x36 0x36 0x1f 0x35 0x50 0x00 can result in a hang of several minutes during which CPU and memory resources are consumed until ultimately an attempted large memory allocation fails. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.", + "Severity": "HIGH", + "References": [ + "http://linux.oracle.com/cve/CVE-2018-15607.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/105137", + "https://github.com/ImageMagick/ImageMagick/issues/1255", + "https://usn.ubuntu.com/4034-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-11470", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: denial of service in cineon parsing component", + "Description": "The cineon parsing component in ImageMagick 7.0.8-26 Q16 allows attackers to cause a denial-of-service (uncontrolled resource consumption) by crafting a Cineon image with an incorrect claimed image size. This occurs because ReadCINImage in coders/cin.c lacks a check for insufficient image data in a file.", + "Severity": "HIGH", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-11470.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00057.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", + "https://github.com/ImageMagick/ImageMagick/commit/e3cdce6fe12193f235b8c0ae5efe6880a25eb957", + "https://github.com/ImageMagick/ImageMagick/issues/1472", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/", + "https://usn.ubuntu.com/4034-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-19948", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer overflow in WriteSGIImage in coders/sgi.c", + "Description": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c.", + "Severity": "HIGH", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-19948.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00006.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", + "https://github.com/ImageMagick/ImageMagick/issues/1562", + "https://lists.debian.org/debian-lts-announce/2019/12/msg00033.html" + ] + }, + { + "VulnerabilityID": "CVE-2008-3134", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "GraphicsMagick/ImageMagick: multiple crash or DoS issues", + "Description": "Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 allow remote attackers to cause a denial of service (crash, infinite loop, or memory consumption) via (a) unspecified vectors in the (1) AVI, (2) AVS, (3) DCM, (4) EPT, (5) FITS, (6) MTV, (7) PALM, (8) RLA, and (9) TGA decoder readers; and (b) the GetImageCharacteristics function in magick/image.c, as reachable from a crafted (10) PNG, (11) JPEG, (12) BMP, or (13) TIFF file.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00004.html", + "http://secunia.com/advisories/30879", + "http://secunia.com/advisories/32151", + "http://sourceforge.net/forum/forum.php?forum_id=841176", + "http://sourceforge.net/project/shownotes.php?release_id=610253", + "http://www.securityfocus.com/bid/30055", + "http://www.securitytracker.com/id?1020413", + "http://www.vupen.com/english/advisories/2008/1984/references", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3134", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/43511", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/43513" + ] + }, + { + "VulnerabilityID": "CVE-2016-8678", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: Heap-buffer overflow in IsPixelMonochrome", + "Description": "The IsPixelMonochrome function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.0 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted file. NOTE: the vendor says \"This is a Q64 issue and we do not support Q64.\"", + "Severity": "MEDIUM", + "References": [ + "http://www.openwall.com/lists/oss-security/2016/10/16/2", + "http://www.openwall.com/lists/oss-security/2016/12/08/18", + "http://www.securityfocus.com/bid/93599", + "https://bugzilla.redhat.com/show_bug.cgi?id=1385694", + "https://github.com/ImageMagick/ImageMagick/issues/272" + ] + }, + { + "VulnerabilityID": "CVE-2017-11754", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: Memory leak in WritePICONImage function", + "Description": "The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an OpenPixelCache call.", + "Severity": "MEDIUM", + "References": [ + "https://github.com/ImageMagick/ImageMagick/issues/633" + ] + }, + { + "VulnerabilityID": "CVE-2017-11755", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: Memory leak in WritePICONImage function via mishandled AcquireSemaphoreInfo call", + "Description": "The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an AcquireSemaphoreInfo call.", + "Severity": "MEDIUM", + "References": [ + "https://github.com/ImageMagick/ImageMagick/issues/634" + ] + }, + { + "VulnerabilityID": "CVE-2017-7275", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: Memory allocation failure in AcquireMagickMemory (incomplete fix for CVE-2016-8866)", + "Description": "The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows remote attackers to cause a denial of service (attempted large memory allocation and application crash) via a crafted file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862 and CVE-2016-8866.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/97166", + "https://blogs.gentoo.org/ago/2017/03/27/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c-incomplete-fix-for-cve-2016-8862-and-cve-2016-8866/", + "https://github.com/ImageMagick/ImageMagick/issues/271" + ] + }, + { + "VulnerabilityID": "CVE-2019-10649", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leak in SVGKeyValuePairs of coders/svg.c that leads to denial of service via crafted image file", + "Description": "In ImageMagick 7.0.8-36 Q16, there is a memory leak in the function SVGKeyValuePairs of coders/svg.c, which allows an attacker to cause a denial of service via a crafted image file.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/107645", + "https://github.com/ImageMagick/ImageMagick/issues/1533", + "https://usn.ubuntu.com/4034-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-11472", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: denial of service in ReadXWDImage in coders/xwd.c in the XWD image parsing component", + "Description": "ReadXWDImage in coders/xwd.c in the XWD image parsing component of ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (divide-by-zero error) by crafting an XWD image file in which the header indicates neither LSB first nor MSB first.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-11472.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00057.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html", + "https://github.com/ImageMagick/ImageMagick/issues/1546", + "https://github.com/ImageMagick/ImageMagick6/commit/f663dfb8431c97d95682a2b533cca1c8233d21b4", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/", + "https://usn.ubuntu.com/4034-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-11597", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure", + "Description": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-11597.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108102", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", + "https://github.com/ImageMagick/ImageMagick/issues/1555", + "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-11598", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure", + "Description": "In ImageMagick 7.0.8-40 Q16, there is a heap-based buffer over-read in the function WritePNMImage of coders/pnm.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. This is related to SetGrayscaleImage in MagickCore/quantize.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-11598.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108102", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", + "https://github.com/ImageMagick/ImageMagick/issues/1540", + "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-12974", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "imagemagick: null-pointer dereference in function ReadPANGOImage in coders/pango.c and ReadVIDImage in coders/vid.c causing denial of service", + "Description": "A NULL pointer dereference in the function ReadPANGOImage in coders/pango.c and the function ReadVIDImage in coders/vid.c in ImageMagick 7.0.8-34 allows remote attackers to cause a denial of service via a crafted image.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-12974.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", + "https://github.com/ImageMagick/ImageMagick/issues/1515" + ] + }, + { + "VulnerabilityID": "CVE-2019-12975", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "imagemagick: memory leak vulnerability in function WriteDPXImage in coders/dpx.c", + "Description": "ImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXImage function in coders/dpx.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-12975.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1517" + ] + }, + { + "VulnerabilityID": "CVE-2019-12976", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "imagemagick: memory leak vulnerability in function ReadPCLImage in coders/pcl.c", + "Description": "ImageMagick 7.0.8-34 has a memory leak in the ReadPCLImage function in coders/pcl.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-12976.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1520" + ] + }, + { + "VulnerabilityID": "CVE-2019-12977", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "imagemagick: use of uninitialised value in function WriteJP2Image in coders/jp2.c", + "Description": "ImageMagick 7.0.8-34 has a \"use of uninitialized value\" vulnerability in the WriteJP2Image function in coders/jp2.c.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1518" + ] + }, + { + "VulnerabilityID": "CVE-2019-12978", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "imagemagick: use of uninitialized value in function ReadPANGOImage in coders/pango.c", + "Description": "ImageMagick 7.0.8-34 has a \"use of uninitialized value\" vulnerability in the ReadPANGOImage function in coders/pango.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-12978.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1519" + ] + }, + { + "VulnerabilityID": "CVE-2019-12979", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "imagemagick: use of uninitialized value in functionSyncImageSettings in MagickCore/image.c", + "Description": "ImageMagick 7.0.8-34 has a \"use of uninitialized value\" vulnerability in the SyncImageSettings function in MagickCore/image.c. This is related to AcquireImage in magick/image.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-12979.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1522" + ] + }, + { + "VulnerabilityID": "CVE-2019-13135", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: a \"use of uninitialized value\" vulnerability in the function ReadCUTImage leading to a crash and DoS", + "Description": "ImageMagick before 7.0.8-50 has a \"use of uninitialized value\" vulnerability in the function ReadCUTImage in coders/cut.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13135.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", + "https://github.com/ImageMagick/ImageMagick/commit/cdb383749ef7b68a38891440af8cc23e0115306d", + "https://github.com/ImageMagick/ImageMagick/issues/1599", + "https://github.com/ImageMagick/ImageMagick6/commit/1e59b29e520d2beab73e8c78aacd5f1c0d76196d", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-13137", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: a memory leak vulnerability in the function ReadPSImage in coders/ps.c", + "Description": "ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps.c.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/35ccb468ee2dcbe8ce9cf1e2f1957acc27f54c34", + "https://github.com/ImageMagick/ImageMagick/issues/1601", + "https://github.com/ImageMagick/ImageMagick6/commit/7d11230060fa9c8f67e53c85224daf6648805c7b" + ] + }, + { + "VulnerabilityID": "CVE-2019-13295", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13295.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", + "https://github.com/ImageMagick/ImageMagick/commit/a7759f410b773a1dd57b0e1fb28112e1cd8b97bc", + "https://github.com/ImageMagick/ImageMagick/issues/1608", + "https://github.com/ImageMagick/ImageMagick6/commit/55e6dc49f1a381d9d511ee2f888fdc3e3c3e3953", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-13297", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13297.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", + "https://github.com/ImageMagick/ImageMagick/commit/604588fc35c7585abb7a9e71f69bb82e4389fefc", + "https://github.com/ImageMagick/ImageMagick/issues/1609", + "https://github.com/ImageMagick/ImageMagick6/commit/35c7032723d85eee7318ff6c82f031fa2666b773", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-13300", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13300.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/a906fe9298bf89e01d5272023db687935068849a", + "https://github.com/ImageMagick/ImageMagick/issues/1586", + "https://github.com/ImageMagick/ImageMagick6/commit/5e409ae7a389cdf2ed17469303be3f3f21cec450" + ] + }, + { + "VulnerabilityID": "CVE-2019-13301", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leaks in AcquireMagickMemory", + "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory because of an AnnotateImage error.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13301.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/f595a1985233c399a05c0c37cc41de16a90dd025", + "https://github.com/ImageMagick/ImageMagick/issues/1585", + "https://github.com/ImageMagick/ImageMagick/issues/1589" + ] + }, + { + "VulnerabilityID": "CVE-2019-13304", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment", + "Description": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13304.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", + "https://github.com/ImageMagick/ImageMagick/commit/7689875ef64f34141e7292f6945efdf0530b4a5e", + "https://github.com/ImageMagick/ImageMagick/issues/1614", + "https://github.com/ImageMagick/ImageMagick6/commit/bfa3b9610c83227894c92b0d312ad327fceb6241", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-13305", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error", + "Description": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13305.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", + "https://github.com/ImageMagick/ImageMagick/commit/29efd648f38b73a64d73f14cd2019d869a585888", + "https://github.com/ImageMagick/ImageMagick/issues/1613", + "https://github.com/ImageMagick/ImageMagick6/commit/5c7fbf9a14fb83c9685ad69d48899f490a37609d", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-13306", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors", + "Description": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13306.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", + "https://github.com/ImageMagick/ImageMagick/commit/e92040ea6ee2a844ebfd2344174076795a4787bd", + "https://github.com/ImageMagick/ImageMagick/issues/1612", + "https://github.com/ImageMagick/ImageMagick6/commit/cb5ec7d98195aa74d5ed299b38eff2a68122f3fa", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-13307", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13307.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/025e77fcb2f45b21689931ba3bf74eac153afa48", + "https://github.com/ImageMagick/ImageMagick/issues/1615", + "https://github.com/ImageMagick/ImageMagick6/commit/91e58d967a92250439ede038ccfb0913a81e59fe" + ] + }, + { + "VulnerabilityID": "CVE-2019-13308", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer overflow in MagickCore/fourier.c in ComplexImage", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow in MagickCore/fourier.c in ComplexImage.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/61135001a625364e29bdce83832f043eebde7b5a", + "https://github.com/ImageMagick/ImageMagick/issues/1595", + "https://github.com/ImageMagick/ImageMagick6/commit/19651f3db63fa1511ed83a348c4c82fa553f8d01" + ] + }, + { + "VulnerabilityID": "CVE-2019-13309", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leaks at AcquireMagickMemory due to mishandling the NoSuchImage error in CLIListOperatorImages", + "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of mishandling the NoSuchImage error in CLIListOperatorImages in MagickWand/operation.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13309.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/5f21230b657ccd65452dd3d94c5b5401ba691a2d", + "https://github.com/ImageMagick/ImageMagick/issues/1616", + "https://github.com/ImageMagick/ImageMagick6/commit/5982632109cad48bc6dab867298fdea4dea57c51" + ] + }, + { + "VulnerabilityID": "CVE-2019-13310", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c", + "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13310.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/5f21230b657ccd65452dd3d94c5b5401ba691a2d", + "https://github.com/ImageMagick/ImageMagick/issues/1616", + "https://github.com/ImageMagick/ImageMagick6/commit/5982632109cad48bc6dab867298fdea4dea57c51" + ] + }, + { + "VulnerabilityID": "CVE-2019-13311", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leaks at AcquireMagickMemory because of a wand/mogrify.c error", + "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of a wand/mogrify.c error.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13311.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/4a334bbf5584de37c6f5a47c380a531c8c4b140a", + "https://github.com/ImageMagick/ImageMagick/issues/1623", + "https://github.com/ImageMagick/ImageMagick6/commit/bb812022d0bc12107db215c981cab0b1ccd73d91" + ] + }, + { + "VulnerabilityID": "CVE-2019-13391", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer over-read in MagickCore/fourier.c", + "Description": "In ImageMagick 7.0.8-50 Q16, ComplexImages in MagickCore/fourier.c has a heap-based buffer over-read because of incorrect calls to GetCacheViewVirtualPixels.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/7c2c5ba5b8e3a0b2b82f56c71dfab74ed4006df7", + "https://github.com/ImageMagick/ImageMagick/issues/1588", + "https://github.com/ImageMagick/ImageMagick6/commit/f6ffc702c6eecd963587273a429dcd608c648984" + ] + }, + { + "VulnerabilityID": "CVE-2019-13454", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: division by zero in RemoveDuplicateLayers in MagickCore/layer.c", + "Description": "ImageMagick 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13454.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "http://www.securityfocus.com/bid/109099", + "https://github.com/ImageMagick/ImageMagick/commit/1ddcf2e4f28029a888cadef2e757509ef5047ad8", + "https://github.com/ImageMagick/ImageMagick/issues/1629", + "https://github.com/ImageMagick/ImageMagick6/commit/4f31d78716ac94c85c244efcea368fea202e2ed4" + ] + }, + { + "VulnerabilityID": "CVE-2019-14981", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: division by zero in MeanShiftImage in MagickCore/feature.c", + "Description": "In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. It allows an attacker to cause a denial of service by sending a crafted file.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-14981.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", + "https://github.com/ImageMagick/ImageMagick/commit/a77d8d97f5a7bced0468f0b08798c83fb67427bc", + "https://github.com/ImageMagick/ImageMagick/issues/1552", + "https://github.com/ImageMagick/ImageMagick6/commit/b522d2d857d2f75b659936b59b0da9df1682c256", + "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-15139", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: out-of-bounds read in ReadXWDImage in coders/xwd.c", + "Description": "The XWD image (X Window System window dumping file) parsing component in ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (application crash resulting from an out-of-bounds Read) in ReadXWDImage in coders/xwd.c by crafting a corrupted XWD image file, a different vulnerability than CVE-2019-11472.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-15139.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", + "https://github.com/ImageMagick/ImageMagick/commit/c78993d138bf480ab4652b5a48379d4ff75ba5f7", + "https://github.com/ImageMagick/ImageMagick/issues/1553", + "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-15140", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: Use after free in ReadMATImage in coders/mat.c", + "Description": "coders/mat.c in ImageMagick 7.0.8-43 Q16 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by crafting a Matlab image file that is mishandled in ReadImage in MagickCore/constitute.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-15140.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", + "https://github.com/ImageMagick/ImageMagick/commit/f7206618d27c2e69d977abf40e3035a33e5f6be0", + "https://github.com/ImageMagick/ImageMagick/issues/1554", + "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-16708", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leak in magick/xwindow.c", + "Description": "ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-16708.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1531", + "https://usn.ubuntu.com/4192-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-16709", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leak in coders/dps.c", + "Description": "ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-16709.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00045.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00046.html", + "https://github.com/ImageMagick/ImageMagick/issues/1531" + ] + }, + { + "VulnerabilityID": "CVE-2019-16710", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leak in coders/dot.c", + "Description": "ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-16710.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1528", + "https://usn.ubuntu.com/4192-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-16711", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps2.c", + "Description": "ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-16711.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1542", + "https://usn.ubuntu.com/4192-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-16712", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps3.c", + "Description": "ImageMagick 7.0.8-43 has a memory leak in Huffman2DEncodeImage in coders/ps3.c, as demonstrated by WritePS3Image.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-16712.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1557" + ] + }, + { + "VulnerabilityID": "CVE-2019-16713", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leak in coders/dot.c", + "Description": "ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-16713.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1558", + "https://usn.ubuntu.com/4192-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-19949", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c", + "Description": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-19949.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00006.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", + "https://github.com/ImageMagick/ImageMagick/issues/1561", + "https://lists.debian.org/debian-lts-announce/2019/12/msg00033.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-7175", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "imagemagick: memory leak in function DecodeImage in coders/pcd.c", + "Description": "In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-7175.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", + "https://github.com/ImageMagick/ImageMagick/commit/1e6a3ace073c9ec9c71e439c111d23c6e66cb6ae", + "https://github.com/ImageMagick/ImageMagick/issues/1450" + ] + }, + { + "VulnerabilityID": "CVE-2019-7395", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: Memory leak in the WritePSDChannel function in coders/psd.c", + "Description": "In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", + "http://www.securityfocus.com/bid/106850", + "https://github.com/ImageMagick/ImageMagick/commit/8a43abefb38c5e29138e1c9c515b313363541c06", + "https://github.com/ImageMagick/ImageMagick/issues/1451" + ] + }, + { + "VulnerabilityID": "CVE-2019-7396", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: Memory leak in the ReadSIXELImage function in coders/sixel.c", + "Description": "In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage in coders/sixel.c.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://www.securityfocus.com/bid/106849", + "https://github.com/ImageMagick/ImageMagick/commit/748a03651e5b138bcaf160d15133de2f4b1b89ce", + "https://github.com/ImageMagick/ImageMagick/issues/1452", + "https://usn.ubuntu.com/4034-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-7397", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: Memory leak in the WritePDFImage function in coders/pdf.c", + "Description": "In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c.", + "Severity": "MEDIUM", + "References": [ + "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/11ad3aeb8ab1", + "http://linux.oracle.com/cve/CVE-2019-7397.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", + "http://www.securityfocus.com/bid/106847", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", + "https://github.com/ImageMagick/ImageMagick/commit/306c1f0fa5754ca78efd16ab752f0e981d4f6b82", + "https://github.com/ImageMagick/ImageMagick/issues/1454" + ] + }, + { + "VulnerabilityID": "CVE-2019-7398", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: Memory leak in the WriteDIBImage function in coders/dib.c", + "Description": "In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-7398.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", + "http://www.securityfocus.com/bid/106848", + "https://github.com/ImageMagick/ImageMagick/issues/1453" + ] + }, + { + "VulnerabilityID": "CVE-2020-10251", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: out-of-bounds read in ReadHEICImageByID function in coders/heic.c", + "Description": "In ImageMagick 7.0.9, an out-of-bounds read vulnerability exists within the ReadHEICImageByID function in coders\\heic.c. It can be triggered via an image with a width or height value that exceeds the actual size of the image.", + "Severity": "MEDIUM", + "References": [ + "https://github.com/ImageMagick/ImageMagick/issues/1859" + ] + }, + { + "VulnerabilityID": "CVE-2005-0406", + "PkgName": "imagemagick-6.q16", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Description": "A design flaw in image processing software that modifies JPEG images might not modify the original EXIF thumbnail, which could lead to an information leak of potentially sensitive visual information that had been removed from the main JPEG image.", + "Severity": "LOW", + "References": [ + "http://seclists.org/lists/fulldisclosure/2005/Feb/0343.html", + "http://www.redteam-pentesting.de/advisories/rt-sa-2005-008.txt" + ] + }, + { + "VulnerabilityID": "CVE-2016-1585", + "PkgName": "libapparmor1", + "InstalledVersion": "2.13.2-10", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Description": "In all versions of AppArmor mount rules are accidentally widened when compiled.", + "Severity": "HIGH", + "References": [ + "https://bugs.launchpad.net/apparmor/+bug/1597017" + ] + }, + { + "VulnerabilityID": "CVE-2011-3374", + "PkgName": "libapt-pkg5.0", + "InstalledVersion": "1.8.2", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Description": "It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.", + "Severity": "MEDIUM", + "References": [ + "https://access.redhat.com/security/cve/cve-2011-3374", + "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480", + "https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html", + "https://security-tracker.debian.org/tracker/CVE-2011-3374", + "https://snyk.io/vuln/SNYK-LINUX-APT-116518" + ] + }, + { + "VulnerabilityID": "CVE-2018-12886", + "PkgName": "libasan5", + "InstalledVersion": "8.3.0-6", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "Severity": "MEDIUM", + "References": [ + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", + "https://www.gnu.org/software/gcc/gcc-8/changes.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-15847", + "PkgName": "libasan5", + "InstalledVersion": "8.3.0-6", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "gcc: POWER9 \"DARN\" RNG intrinsic produces repeated output", + "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481" + ] + }, + { + "VulnerabilityID": "CVE-2018-12886", + "PkgName": "libatomic1", + "InstalledVersion": "8.3.0-6", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "Severity": "MEDIUM", + "References": [ + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", + "https://www.gnu.org/software/gcc/gcc-8/changes.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-15847", + "PkgName": "libatomic1", + "InstalledVersion": "8.3.0-6", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "gcc: POWER9 \"DARN\" RNG intrinsic produces repeated output", + "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481" + ] + }, + { + "VulnerabilityID": "CVE-2017-6519", + "PkgName": "libavahi-client3", + "InstalledVersion": "0.7-4", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "avahi: Multicast DNS responds to unicast queries outside of local network", + "Description": "avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive information from the responding device via port-5353 UDP packets. NOTE: this may overlap CVE-2015-2809.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2017-6519.html", + "http://linux.oracle.com/errata/ELSA-2020-1176.html", + "https://bugzilla.redhat.com/show_bug.cgi?id=1426712", + "https://github.com/lathiat/avahi/issues/203", + "https://github.com/lathiat/avahi/issues/203#issuecomment-449536790", + "https://usn.ubuntu.com/3876-1/", + "https://usn.ubuntu.com/3876-2/", + "https://www.kb.cert.org/vuls/id/550620", + "https://www.secfu.net/advisories" + ] + }, + { + "VulnerabilityID": "CVE-2017-6519", + "PkgName": "libavahi-common-data", + "InstalledVersion": "0.7-4", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "avahi: Multicast DNS responds to unicast queries outside of local network", + "Description": "avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive information from the responding device via port-5353 UDP packets. NOTE: this may overlap CVE-2015-2809.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2017-6519.html", + "http://linux.oracle.com/errata/ELSA-2020-1176.html", + "https://bugzilla.redhat.com/show_bug.cgi?id=1426712", + "https://github.com/lathiat/avahi/issues/203", + "https://github.com/lathiat/avahi/issues/203#issuecomment-449536790", + "https://usn.ubuntu.com/3876-1/", + "https://usn.ubuntu.com/3876-2/", + "https://www.kb.cert.org/vuls/id/550620", + "https://www.secfu.net/advisories" + ] + }, + { + "VulnerabilityID": "CVE-2017-6519", + "PkgName": "libavahi-common3", + "InstalledVersion": "0.7-4", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "avahi: Multicast DNS responds to unicast queries outside of local network", + "Description": "avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive information from the responding device via port-5353 UDP packets. NOTE: this may overlap CVE-2015-2809.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2017-6519.html", + "http://linux.oracle.com/errata/ELSA-2020-1176.html", + "https://bugzilla.redhat.com/show_bug.cgi?id=1426712", + "https://github.com/lathiat/avahi/issues/203", + "https://github.com/lathiat/avahi/issues/203#issuecomment-449536790", + "https://usn.ubuntu.com/3876-1/", + "https://usn.ubuntu.com/3876-2/", + "https://www.kb.cert.org/vuls/id/550620", + "https://www.secfu.net/advisories" + ] + }, + { + "VulnerabilityID": "CVE-2017-13716", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Memory leak with the C++ symbol demangler routine in libiberty", + "Description": "The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted file, as demonstrated by a call from the Binary File Descriptor (BFD) library (aka libbfd).", + "Severity": "HIGH", + "References": [ + "https://sourceware.org/bugzilla/show_bug.cgi?id=22009" + ] + }, + { + "VulnerabilityID": "CVE-2018-12699", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: heap-based buffer overflow in finish_stab in stabs.c", + "Description": "finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. This can occur during execution of objdump.", + "Severity": "HIGH", + "References": [ + "http://www.securityfocus.com/bid/104540", + "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", + "https://security.gentoo.org/glsa/201908-01", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23057" + ] + }, + { + "VulnerabilityID": "CVE-2018-1000876", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: integer overflow leads to heap-based buffer overflow in objdump", + "Description": "binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_dynamic_reloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows execution of arbitrary code.. This attack appear to be exploitable via Local. This vulnerability appears to have been fixed in after commit 3a551c7a1b80fca579461774860574eabfd7f18f.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2018-1000876.html", + "http://linux.oracle.com/errata/ELSA-2019-2075.html", + "http://www.securityfocus.com/bid/106304", + "https://access.redhat.com/errata/RHSA-2019:2075", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23994", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=3a551c7a1b80fca579461774860574eabfd7f18f" + ] + }, + { + "VulnerabilityID": "CVE-2018-12697", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: NULL pointer dereference in work_stuff_copy_to_from in cplus-dem.c.", + "Description": "A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. This can occur during execution of objdump.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2018-12697.html", + "http://linux.oracle.com/errata/ELSA-2019-2075.html", + "http://www.securityfocus.com/bid/104538", + "https://access.redhat.com/errata/RHSA-2019:2075", + "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", + "https://security.gentoo.org/glsa/201908-01", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23057" + ] + }, + { + "VulnerabilityID": "CVE-2018-12698", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: excessive memory consumption in demangle_template in cplus-dem.c", + "Description": "demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the \"Create an array for saving the template argument values\" XNEWVEC call. This can occur during execution of objdump.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/104539", + "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", + "https://security.gentoo.org/glsa/201908-01", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23057" + ] + }, + { + "VulnerabilityID": "CVE-2018-12700", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Stack Exhaustion in debug_write_type in debug.c", + "Description": "A Stack Exhaustion issue was discovered in debug_write_type in debug.c in GNU Binutils 2.30 because of DEBUG_KIND_INDIRECT infinite recursion.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/104541", + "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454", + "https://security.gentoo.org/glsa/201908-01", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23057" + ] + }, + { + "VulnerabilityID": "CVE-2018-12934", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Uncontrolled Resource Consumption in remember_Ktype in cplus-dem.c", + "Description": "remember_Ktype in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM). This can occur during execution of cxxfilt.", + "Severity": "MEDIUM", + "References": [ + "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763101", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85453", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23059", + "https://usn.ubuntu.com/4326-1/" + ] + }, + { + "VulnerabilityID": "CVE-2018-17358", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: invalid memory access in _bfd_stab_section_find_nearest_line in syms.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in _bfd_stab_section_find_nearest_line in syms.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23686" + ] + }, + { + "VulnerabilityID": "CVE-2018-17359", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: invalid memory access in bfd_zalloc in opncls.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in bfd_zalloc in opncls.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23686" + ] + }, + { + "VulnerabilityID": "CVE-2018-17360", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: heap-based buffer over-read in bfd_getl32 in libbfd.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. a heap-based buffer over-read in bfd_getl32 in libbfd.c allows an attacker to cause a denial of service through a crafted PE file. This vulnerability can be triggered by the executable objdump.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23685" + ] + }, + { + "VulnerabilityID": "CVE-2018-17794", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: NULL pointer dereference in libiberty/cplus-dem.c:work_stuff_copy_to_from() via crafted input", + "Description": "An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in work_stuff_copy_to_from when called from iterate_demangle_function.", + "Severity": "MEDIUM", + "References": [ + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87350", + "https://usn.ubuntu.com/4326-1/" + ] + }, + { + "VulnerabilityID": "CVE-2018-17985", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Stack consumption problem caused by the cplus_demangle_type", + "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption problem caused by the cplus_demangle_type function making recursive calls to itself in certain scenarios involving many 'P' characters.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87335" + ] + }, + { + "VulnerabilityID": "CVE-2018-18309", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: invalid memory address dereference in read_reloc in reloc.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory address dereference was discovered in read_reloc in reloc.c. The vulnerability causes a segmentation fault and application crash, which leads to denial of service, as demonstrated by objdump, because of missing _bfd_clear_contents bounds checking.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105692", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23770", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=0930cb3021b8078b34cf216e79eb8608d017864f" + ] + }, + { + "VulnerabilityID": "CVE-2018-18483", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Integer overflow in cplus-dem.c:get_count() allows for denial of service", + "Description": "The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an integer-overflowing calculation) or possibly have unspecified other impact via a crafted string, as demonstrated by c++filt.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105689", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87602", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23767" + ] + }, + { + "VulnerabilityID": "CVE-2018-18484", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Stack exhaustion in cp-demangle.c allows for denial of service", + "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there is a stack consumption problem caused by recursive stack frames: cplus_demangle_type, d_bare_function_type, d_function_type.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105693", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87636" + ] + }, + { + "VulnerabilityID": "CVE-2018-18605", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: heap-based buffer over-read in sec_merge_hash_lookup in merge.c", + "Description": "A heap-based buffer over-read issue was discovered in the function sec_merge_hash_lookup in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, because _bfd_add_merge_section mishandles section merges when size is not a multiple of entsize. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105754", + "https://deb.freexian.com/extended-lts/tracker/CVE-2018-18605", + "https://security.netapp.com/advisory/ntap-20190307-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23804", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ab419ddbb2cdd17ca83618990f2cacf904ce1d61" + ] + }, + { + "VulnerabilityID": "CVE-2018-18606", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: NULL pointer dereference in _bfd_add_merge_section in merge_strings function in merge.c", + "Description": "An issue was discovered in the merge_strings function in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in _bfd_add_merge_section when attempting to merge sections with large alignments. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105754", + "https://deb.freexian.com/extended-lts/tracker/CVE-2018-18606", + "https://security.netapp.com/advisory/ntap-20190307-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23806", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=45a0eaf77022963d639d6d19871dbab7b79703fc" + ] + }, + { + "VulnerabilityID": "CVE-2018-18607", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: NULL pointer dereference in elf_link_input_bfd in elflink.c", + "Description": "An issue was discovered in elf_link_input_bfd in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in elf_link_input_bfd when used for finding STT_TLS symbols without any TLS section. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/105754", + "https://deb.freexian.com/extended-lts/tracker/CVE-2018-18607", + "https://security.netapp.com/advisory/ntap-20190307-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23805", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=102def4da826b3d9e169741421e5e67e8731909a" + ] + }, + { + "VulnerabilityID": "CVE-2018-18700", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Recursive Stack Overflow within function d_name, d_encoding, and d_local_name in cp-demangle.c", + "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions d_name(), d_encoding(), and d_local_name() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file, as demonstrated by nm.", + "Severity": "MEDIUM", + "References": [ + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87681", + "https://usn.ubuntu.com/4326-1/" + ] + }, + { + "VulnerabilityID": "CVE-2018-18701", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: infinite recursion in next_is_type_qual and cplus_demangle_type functions in cp-demangle.c", + "Description": "An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions next_is_type_qual() and cplus_demangle_type() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file, as demonstrated by nm.", + "Severity": "MEDIUM", + "References": [ + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87675", + "https://usn.ubuntu.com/4326-1/" + ] + }, + { + "VulnerabilityID": "CVE-2018-19931", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Heap-based buffer overflow in bfd_elf32_swap_phdr_in function resulting in a denial of service", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is a heap-based buffer overflow in bfd_elf32_swap_phdr_in in elfcode.h because the number of program headers is not restricted.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/106144", + "https://security.gentoo.org/glsa/201908-01", + "https://security.netapp.com/advisory/ntap-20190221-0004/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23942", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=5f60af5d24d181371d67534fa273dd221df20c07" + ] + }, + { + "VulnerabilityID": "CVE-2018-19932", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Integer overflow due to the IS_CONTAINED_BY_LMA macro resulting in a denial of service", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is an integer overflow and infinite loop caused by the IS_CONTAINED_BY_LMA macro in elf.c.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/106144", + "https://security.gentoo.org/glsa/201908-01", + "https://security.netapp.com/advisory/ntap-20190221-0004/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23932", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=beab453223769279cc1cef68a1622ab8978641f7" + ] + }, + { + "VulnerabilityID": "CVE-2018-20002", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: memory leak in _bfd_generic_read_minisymbols function in syms.c", + "Description": "The _bfd_generic_read_minisymbols function in syms.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, has a memory leak via a crafted ELF file, leading to a denial of service (memory consumption), as demonstrated by nm.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/106142", + "https://security.gentoo.org/glsa/201908-01", + "https://security.netapp.com/advisory/ntap-20190221-0004/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23952", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=c2f5dc30afa34696f2da0081c4ac50b958ecb0e9", + "https://support.f5.com/csp/article/K62602089" + ] + }, + { + "VulnerabilityID": "CVE-2018-20623", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Use-after-free in the error function", + "Description": "In GNU Binutils 2.31.1, there is a use-after-free in the error function in elfcomm.c when called from the process_archive function in readelf.c via a crafted ELF file.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/106370", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24049", + "https://support.f5.com/csp/article/K38336243" + ] + }, + { + "VulnerabilityID": "CVE-2018-20651", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: NULL pointer dereference in elf_link_add_object_symbols function resulting in a denial of service", + "Description": "A NULL pointer dereference was discovered in elf_link_add_object_symbols in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.1. This occurs for a crafted ET_DYN with no program headers. A specially crafted ELF file allows remote attackers to cause a denial of service, as demonstrated by ld.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/106440", + "https://security.gentoo.org/glsa/201908-01", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24041", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=54025d5812ff100f5f0654eb7e1ffd50f2e37f5f", + "https://support.f5.com/csp/article/K38336243" + ] + }, + { + "VulnerabilityID": "CVE-2018-20671", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Integer overflow in load_specific_debug_section function", + "Description": "load_specific_debug_section in objdump.c in GNU Binutils through 2.31.1 contains an integer overflow vulnerability that can trigger a heap-based buffer overflow via a crafted section size.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/106457", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24005", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=11fa9f134fd658075c6f74499c780df045d9e9ca" + ] + }, + { + "VulnerabilityID": "CVE-2018-20673", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "libiberty: Integer overflow in demangle_template() function", + "Description": "The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability (for \"Create an array for saving the template argument values\") that can trigger a heap-based buffer overflow, as demonstrated by nm.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/106454", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24039" + ] + }, + { + "VulnerabilityID": "CVE-2018-20712", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "libiberty: heap-based buffer over-read in d_expression_1", + "Description": "A heap-based buffer over-read exists in the function d_expression_1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.1. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by c++filt.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/106563", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88629", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24043", + "https://support.f5.com/csp/article/K38336243" + ] + }, + { + "VulnerabilityID": "CVE-2018-9138", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Stack Exhaustion in the the C++ demangling functions provided by libiberty", + "Description": "An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.29 and 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_nested_args, demangle_args, do_arg, and do_type.", + "Severity": "MEDIUM", + "References": [ + "https://sourceware.org/bugzilla/show_bug.cgi?id=23008", + "https://usn.ubuntu.com/4326-1/" + ] + }, + { + "VulnerabilityID": "CVE-2018-9996", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Stack-overflow in libiberty/cplus-dem.c causes crash", + "Description": "An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_template_value_parm, demangle_integral_value, and demangle_expression.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/103733", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85304" + ] + }, + { + "VulnerabilityID": "CVE-2019-1010180", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "gdb: buffer overflow while opening an ELF for debugging leads to Dos, information dislosure and code execution", + "Description": "GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html", + "http://www.securityfocus.com/bid/109367", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23657" + ] + }, + { + "VulnerabilityID": "CVE-2019-1010204", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read in gold/fileread.cc and elfcpp/elfcpp_file.h leads to denial of service", + "Description": "GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The component is: gold/fileread.cc:497, elfcpp/elfcpp_file.h:644. The attack vector is: An ELF file with an invalid e_shoff header field must be opened.", + "Severity": "MEDIUM", + "References": [ + "https://security.netapp.com/advisory/ntap-20190822-0001/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=23765" + ] + }, + { + "VulnerabilityID": "CVE-2019-12972", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in _bfd_doprnt in bfd.c because elf_object_p in elfcode.h mishandles an e_shstrndx section of type SHT_GROUP by omitting a trailing '\\0' character.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/108903", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24689", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=890f750a3b053532a4b839a2dd6243076de12031" + ] + }, + { + "VulnerabilityID": "CVE-2019-14250", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: integer overflow in simple-object-elf.c leads to a heap-based buffer overflow", + "Description": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/109354", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924", + "https://gcc.gnu.org/ml/gcc-patches/2019-07/msg01003.html", + "https://security.netapp.com/advisory/ntap-20190822-0002/" + ] + }, + { + "VulnerabilityID": "CVE-2019-14444", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: integer overflow in function apply_relocation in readelf.c", + "Description": "apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation (in byte_put_little_endian function in elfcomm.c) via an ELF file, as demonstrated by readelf.", + "Severity": "MEDIUM", + "References": [ + "https://security.netapp.com/advisory/ntap-20190822-0002/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24829" + ] + }, + { + "VulnerabilityID": "CVE-2019-17450", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: denial of service via crafted ELF file", + "Description": "find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file.", + "Severity": "MEDIUM", + "References": [ + "https://security.netapp.com/advisory/ntap-20191024-0002/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25078" + ] + }, + { + "VulnerabilityID": "CVE-2019-17451", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c, as demonstrated by nm.", + "Severity": "MEDIUM", + "References": [ + "https://security.netapp.com/advisory/ntap-20191024-0002/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25070", + "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=336bfbeb1848f4b9558456fdcf283ee8a32d7fd1" + ] + }, + { + "VulnerabilityID": "CVE-2019-9070", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: heap-based buffer over-read in function d_expression_1 in cp-demangle.c", + "Description": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a heap-based buffer over-read in d_expression_1 in cp-demangle.c after many recursive calls.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/107147", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89395", + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24229", + "https://support.f5.com/csp/article/K13534168" + ] + }, + { + "VulnerabilityID": "CVE-2019-9071", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: stack consumption in function d_count_templates_scopes in cp-demangle.c", + "Description": "An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a stack consumption issue in d_count_templates_scopes in cp-demangle.c after many recursive calls.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/107147", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89394", + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24227", + "https://support.f5.com/csp/article/K02884135" + ] + }, + { + "VulnerabilityID": "CVE-2019-9073", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: excessive memory allocation in function _bfd_elf_slurp_version_tables in elf.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in _bfd_elf_slurp_version_tables in elf.c.", + "Severity": "MEDIUM", + "References": [ + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24233", + "https://support.f5.com/csp/article/K37121474" + ] + }, + { + "VulnerabilityID": "CVE-2019-9074", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: out-of-bound read in function bfd_getl32 in libbfd.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an out-of-bounds read leading to a SEGV in bfd_getl32 in libbfd.c, when called from pex64_get_runtime_function in pei-x86_64.c.", + "Severity": "MEDIUM", + "References": [ + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24235", + "https://support.f5.com/csp/article/K09092524" + ] + }, + { + "VulnerabilityID": "CVE-2019-9075", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: heap-based buffer overflow in function _bfd_archive_64_bit_slurp_armap in archive64.c", + "Description": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is a heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap in archive64.c.", + "Severity": "MEDIUM", + "References": [ + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24236", + "https://support.f5.com/csp/article/K42059040" + ] + }, + { + "VulnerabilityID": "CVE-2019-9077", + "PkgName": "libbinutils", + "InstalledVersion": "2.31.1-16", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "binutils: heap-based buffer overflow in function process_mips_specific in readelf.c", + "Description": "An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in process_mips_specific in readelf.c via a malformed MIPS option section.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/107139", + "https://security.netapp.com/advisory/ntap-20190314-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=24243", + "https://support.f5.com/csp/article/K00056379" + ] + }, + { + "VulnerabilityID": "CVE-2019-20367", + "PkgName": "libbsd0", + "InstalledVersion": "0.9.1-2", + "Layer": { + "Digest": "sha256:dcf4d822b25e881858974ef05d5237438ea75e79629228030993e01d8685cf3a", + "DiffID": "sha256:aabbe8e7814eee19746f5888f3909b5bf6961801bede1448d41519cd1344b78a" + }, + "Description": "nlist.c in libbsd before 0.10.0 has an out-of-bounds read during a comparison for a symbol name from the string table (strtab).", + "Severity": "MEDIUM", + "References": [ + "https://gitlab.freedesktop.org/libbsd/libbsd/commit/9d917aad37778a9f4a96ba358415f077f3f36f3b", + "https://lists.freedesktop.org/archives/libbsd/2019-August/000229.html", + "https://usn.ubuntu.com/4243-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-1010022", + "PkgName": "libc-bin", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "glibc: stack guard protection bypass", + "Description": "GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard.", + "Severity": "HIGH", + "References": [ + "https://sourceware.org/bugzilla/show_bug.cgi?id=22850" + ] + }, + { + "VulnerabilityID": "CVE-2020-1752", + "PkgName": "libc-bin", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "glibc: use-after-free in glob() function when expanding ~user", + "Description": "A use-after-free vulnerability was found in glibc in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution.", + "Severity": "HIGH" + }, + { + "VulnerabilityID": "CVE-2010-4051", + "PkgName": "libc-bin", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "CVE-2010-4052 glibc: De-recursivise regular expression engine", + "Description": "The regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (application crash) via a regular expression containing adjacent bounded repetitions that bypass the intended RE_DUP_MAX limitation, as demonstrated by a {10,}{10,}{10,}{10,}{10,} sequence in the proftpd.gnu.c exploit for ProFTPD, related to a \"RE_DUP_MAX overflow.\"", + "Severity": "MEDIUM", + "References": [ + "http://cxib.net/stuff/proftpd.gnu.c", + "http://seclists.org/fulldisclosure/2011/Jan/78", + "http://secunia.com/advisories/42547", + "http://securityreason.com/achievement_securityalert/93", + "http://securityreason.com/securityalert/8003", + "http://securitytracker.com/id?1024832", + "http://www.exploit-db.com/exploits/15935", + "http://www.kb.cert.org/vuls/id/912279", + "http://www.securityfocus.com/archive/1/515589/100/0/threaded", + "http://www.securityfocus.com/bid/45233", + "https://bugzilla.redhat.com/show_bug.cgi?id=645859" + ] + }, + { + "VulnerabilityID": "CVE-2010-4052", + "PkgName": "libc-bin", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "CVE-2010-4051 CVE-2010-4052 glibc: De-recursivise regular expression engine", + "Description": "Stack consumption vulnerability in the regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (resource exhaustion) via a regular expression containing adjacent repetition operators, as demonstrated by a {10,}{10,}{10,}{10,} sequence in the proftpd.gnu.c exploit for ProFTPD.", + "Severity": "MEDIUM", + "References": [ + "http://cxib.net/stuff/proftpd.gnu.c", + "http://seclists.org/fulldisclosure/2011/Jan/78", + "http://secunia.com/advisories/42547", + "http://securityreason.com/achievement_securityalert/93", + "http://securityreason.com/securityalert/8003", + "http://securitytracker.com/id?1024832", + "http://www.exploit-db.com/exploits/15935", + "http://www.kb.cert.org/vuls/id/912279", + "http://www.securityfocus.com/archive/1/515589/100/0/threaded", + "http://www.securityfocus.com/bid/45233", + "https://bugzilla.redhat.com/show_bug.cgi?id=645859" + ] + }, + { + "VulnerabilityID": "CVE-2010-4756", + "PkgName": "libc-bin", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", + "Description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", + "Severity": "MEDIUM", + "References": [ + "http://cxib.net/stuff/glob-0day.c", + "http://securityreason.com/achievement_securityalert/89", + "http://securityreason.com/exploitalert/9223" + ] + }, + { + "VulnerabilityID": "CVE-2016-10228", + "PkgName": "libc-bin", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "glibc: iconv program can hang when invoked with the -c option", + "Description": "The iconv program in the GNU C Library (aka glibc or libc6) 2.25 and earlier, when invoked with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.", + "Severity": "MEDIUM", + "References": [ + "http://openwall.com/lists/oss-security/2017/03/01/10", + "http://www.securityfocus.com/bid/96525", + "https://sourceware.org/bugzilla/show_bug.cgi?id=19519" + ] + }, + { + "VulnerabilityID": "CVE-2018-20796", + "PkgName": "libc-bin", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "Description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/107160", + "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", + "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + "https://security.netapp.com/advisory/ntap-20190315-0002/", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support\u0026amp;utm_medium=RSS" + ] + }, + { + "VulnerabilityID": "CVE-2019-1010023", + "PkgName": "libc-bin", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", + "Description": "GNU Libc current is affected by: Re-mapping current loaded libray with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/109167", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", + "https://support.f5.com/csp/article/K11932200?utm_source=f5support\u0026amp;utm_medium=RSS" + ] + }, + { + "VulnerabilityID": "CVE-2019-1010024", + "PkgName": "libc-bin", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "glibc: ASLR bypass using cache of thread stack and heap", + "Description": "GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/109162", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + "https://support.f5.com/csp/article/K06046097" + ] + }, + { + "VulnerabilityID": "CVE-2019-1010025", + "PkgName": "libc-bin", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "glibc: information disclosure of heap addresses of pthread_created thread", + "Description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is \"ASLR bypass itself is not a vulnerability.\"", + "Severity": "MEDIUM", + "References": [ + "https://sourceware.org/bugzilla/show_bug.cgi?id=22853" + ] + }, + { + "VulnerabilityID": "CVE-2019-9192", + "PkgName": "libc-bin", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "Description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", + "Severity": "MEDIUM", + "References": [ + "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support\u0026amp;utm_medium=RSS" + ] + }, + { + "VulnerabilityID": "CVE-2020-1751", + "PkgName": "libc-bin", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "glibc: array overflow in backtrace functions for powerpc", + "Description": "An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.", + "Severity": "MEDIUM", + "References": [ + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25423" + ] + }, + { + "VulnerabilityID": "CVE-2020-6096", + "PkgName": "libc-bin", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "glibc: signed comparison vulnerability in the ARMv7 memcpy function", + "Description": "An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.", + "Severity": "MEDIUM", + "References": [ + "https://sourceware.org/bugzilla/attachment.cgi?id=12334", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25620" + ] + }, + { + "VulnerabilityID": "CVE-2019-19126", + "PkgName": "libc-bin", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries", + "Description": "On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.", + "Severity": "LOW", + "References": [ + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25204" + ] + }, + { + "VulnerabilityID": "CVE-2020-10029", + "PkgName": "libc-bin", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions", + "Description": "The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.", + "Severity": "LOW", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/", + "https://security.netapp.com/advisory/ntap-20200327-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25487", + "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=9333498794cde1d5cca518badf79533a24114b6f" + ] + }, + { + "VulnerabilityID": "CVE-2019-1010022", + "PkgName": "libc-dev-bin", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "glibc: stack guard protection bypass", + "Description": "GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard.", + "Severity": "HIGH", + "References": [ + "https://sourceware.org/bugzilla/show_bug.cgi?id=22850" + ] + }, + { + "VulnerabilityID": "CVE-2020-1752", + "PkgName": "libc-dev-bin", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "glibc: use-after-free in glob() function when expanding ~user", + "Description": "A use-after-free vulnerability was found in glibc in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution.", + "Severity": "HIGH" + }, + { + "VulnerabilityID": "CVE-2010-4051", + "PkgName": "libc-dev-bin", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "CVE-2010-4052 glibc: De-recursivise regular expression engine", + "Description": "The regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (application crash) via a regular expression containing adjacent bounded repetitions that bypass the intended RE_DUP_MAX limitation, as demonstrated by a {10,}{10,}{10,}{10,}{10,} sequence in the proftpd.gnu.c exploit for ProFTPD, related to a \"RE_DUP_MAX overflow.\"", + "Severity": "MEDIUM", + "References": [ + "http://cxib.net/stuff/proftpd.gnu.c", + "http://seclists.org/fulldisclosure/2011/Jan/78", + "http://secunia.com/advisories/42547", + "http://securityreason.com/achievement_securityalert/93", + "http://securityreason.com/securityalert/8003", + "http://securitytracker.com/id?1024832", + "http://www.exploit-db.com/exploits/15935", + "http://www.kb.cert.org/vuls/id/912279", + "http://www.securityfocus.com/archive/1/515589/100/0/threaded", + "http://www.securityfocus.com/bid/45233", + "https://bugzilla.redhat.com/show_bug.cgi?id=645859" + ] + }, + { + "VulnerabilityID": "CVE-2010-4052", + "PkgName": "libc-dev-bin", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "CVE-2010-4051 CVE-2010-4052 glibc: De-recursivise regular expression engine", + "Description": "Stack consumption vulnerability in the regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (resource exhaustion) via a regular expression containing adjacent repetition operators, as demonstrated by a {10,}{10,}{10,}{10,} sequence in the proftpd.gnu.c exploit for ProFTPD.", + "Severity": "MEDIUM", + "References": [ + "http://cxib.net/stuff/proftpd.gnu.c", + "http://seclists.org/fulldisclosure/2011/Jan/78", + "http://secunia.com/advisories/42547", + "http://securityreason.com/achievement_securityalert/93", + "http://securityreason.com/securityalert/8003", + "http://securitytracker.com/id?1024832", + "http://www.exploit-db.com/exploits/15935", + "http://www.kb.cert.org/vuls/id/912279", + "http://www.securityfocus.com/archive/1/515589/100/0/threaded", + "http://www.securityfocus.com/bid/45233", + "https://bugzilla.redhat.com/show_bug.cgi?id=645859" + ] + }, + { + "VulnerabilityID": "CVE-2010-4756", + "PkgName": "libc-dev-bin", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", + "Description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", + "Severity": "MEDIUM", + "References": [ + "http://cxib.net/stuff/glob-0day.c", + "http://securityreason.com/achievement_securityalert/89", + "http://securityreason.com/exploitalert/9223" + ] + }, + { + "VulnerabilityID": "CVE-2016-10228", + "PkgName": "libc-dev-bin", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "glibc: iconv program can hang when invoked with the -c option", + "Description": "The iconv program in the GNU C Library (aka glibc or libc6) 2.25 and earlier, when invoked with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.", + "Severity": "MEDIUM", + "References": [ + "http://openwall.com/lists/oss-security/2017/03/01/10", + "http://www.securityfocus.com/bid/96525", + "https://sourceware.org/bugzilla/show_bug.cgi?id=19519" + ] + }, + { + "VulnerabilityID": "CVE-2018-20796", + "PkgName": "libc-dev-bin", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "Description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/107160", + "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", + "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + "https://security.netapp.com/advisory/ntap-20190315-0002/", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support\u0026amp;utm_medium=RSS" + ] + }, + { + "VulnerabilityID": "CVE-2019-1010023", + "PkgName": "libc-dev-bin", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", + "Description": "GNU Libc current is affected by: Re-mapping current loaded libray with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/109167", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", + "https://support.f5.com/csp/article/K11932200?utm_source=f5support\u0026amp;utm_medium=RSS" + ] + }, + { + "VulnerabilityID": "CVE-2019-1010024", + "PkgName": "libc-dev-bin", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "glibc: ASLR bypass using cache of thread stack and heap", + "Description": "GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/109162", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + "https://support.f5.com/csp/article/K06046097" + ] + }, + { + "VulnerabilityID": "CVE-2019-1010025", + "PkgName": "libc-dev-bin", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "glibc: information disclosure of heap addresses of pthread_created thread", + "Description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is \"ASLR bypass itself is not a vulnerability.\"", + "Severity": "MEDIUM", + "References": [ + "https://sourceware.org/bugzilla/show_bug.cgi?id=22853" + ] + }, + { + "VulnerabilityID": "CVE-2019-9192", + "PkgName": "libc-dev-bin", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "Description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", + "Severity": "MEDIUM", + "References": [ + "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support\u0026amp;utm_medium=RSS" + ] + }, + { + "VulnerabilityID": "CVE-2020-1751", + "PkgName": "libc-dev-bin", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "glibc: array overflow in backtrace functions for powerpc", + "Description": "An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.", + "Severity": "MEDIUM", + "References": [ + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25423" + ] + }, + { + "VulnerabilityID": "CVE-2020-6096", + "PkgName": "libc-dev-bin", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "glibc: signed comparison vulnerability in the ARMv7 memcpy function", + "Description": "An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.", + "Severity": "MEDIUM", + "References": [ + "https://sourceware.org/bugzilla/attachment.cgi?id=12334", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25620" + ] + }, + { + "VulnerabilityID": "CVE-2019-19126", + "PkgName": "libc-dev-bin", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries", + "Description": "On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.", + "Severity": "LOW", + "References": [ + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25204" + ] + }, + { + "VulnerabilityID": "CVE-2020-10029", + "PkgName": "libc-dev-bin", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions", + "Description": "The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.", + "Severity": "LOW", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/", + "https://security.netapp.com/advisory/ntap-20200327-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25487", + "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=9333498794cde1d5cca518badf79533a24114b6f" + ] + }, + { + "VulnerabilityID": "CVE-2019-1010022", + "PkgName": "libc6", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "glibc: stack guard protection bypass", + "Description": "GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard.", + "Severity": "HIGH", + "References": [ + "https://sourceware.org/bugzilla/show_bug.cgi?id=22850" + ] + }, + { + "VulnerabilityID": "CVE-2020-1752", + "PkgName": "libc6", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "glibc: use-after-free in glob() function when expanding ~user", + "Description": "A use-after-free vulnerability was found in glibc in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution.", + "Severity": "HIGH" + }, + { + "VulnerabilityID": "CVE-2010-4051", + "PkgName": "libc6", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "CVE-2010-4052 glibc: De-recursivise regular expression engine", + "Description": "The regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (application crash) via a regular expression containing adjacent bounded repetitions that bypass the intended RE_DUP_MAX limitation, as demonstrated by a {10,}{10,}{10,}{10,}{10,} sequence in the proftpd.gnu.c exploit for ProFTPD, related to a \"RE_DUP_MAX overflow.\"", + "Severity": "MEDIUM", + "References": [ + "http://cxib.net/stuff/proftpd.gnu.c", + "http://seclists.org/fulldisclosure/2011/Jan/78", + "http://secunia.com/advisories/42547", + "http://securityreason.com/achievement_securityalert/93", + "http://securityreason.com/securityalert/8003", + "http://securitytracker.com/id?1024832", + "http://www.exploit-db.com/exploits/15935", + "http://www.kb.cert.org/vuls/id/912279", + "http://www.securityfocus.com/archive/1/515589/100/0/threaded", + "http://www.securityfocus.com/bid/45233", + "https://bugzilla.redhat.com/show_bug.cgi?id=645859" + ] + }, + { + "VulnerabilityID": "CVE-2010-4052", + "PkgName": "libc6", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "CVE-2010-4051 CVE-2010-4052 glibc: De-recursivise regular expression engine", + "Description": "Stack consumption vulnerability in the regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (resource exhaustion) via a regular expression containing adjacent repetition operators, as demonstrated by a {10,}{10,}{10,}{10,} sequence in the proftpd.gnu.c exploit for ProFTPD.", + "Severity": "MEDIUM", + "References": [ + "http://cxib.net/stuff/proftpd.gnu.c", + "http://seclists.org/fulldisclosure/2011/Jan/78", + "http://secunia.com/advisories/42547", + "http://securityreason.com/achievement_securityalert/93", + "http://securityreason.com/securityalert/8003", + "http://securitytracker.com/id?1024832", + "http://www.exploit-db.com/exploits/15935", + "http://www.kb.cert.org/vuls/id/912279", + "http://www.securityfocus.com/archive/1/515589/100/0/threaded", + "http://www.securityfocus.com/bid/45233", + "https://bugzilla.redhat.com/show_bug.cgi?id=645859" + ] + }, + { + "VulnerabilityID": "CVE-2010-4756", + "PkgName": "libc6", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", + "Description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", + "Severity": "MEDIUM", + "References": [ + "http://cxib.net/stuff/glob-0day.c", + "http://securityreason.com/achievement_securityalert/89", + "http://securityreason.com/exploitalert/9223" + ] + }, + { + "VulnerabilityID": "CVE-2016-10228", + "PkgName": "libc6", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "glibc: iconv program can hang when invoked with the -c option", + "Description": "The iconv program in the GNU C Library (aka glibc or libc6) 2.25 and earlier, when invoked with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.", + "Severity": "MEDIUM", + "References": [ + "http://openwall.com/lists/oss-security/2017/03/01/10", + "http://www.securityfocus.com/bid/96525", + "https://sourceware.org/bugzilla/show_bug.cgi?id=19519" + ] + }, + { + "VulnerabilityID": "CVE-2018-20796", + "PkgName": "libc6", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "Description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/107160", + "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", + "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + "https://security.netapp.com/advisory/ntap-20190315-0002/", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support\u0026amp;utm_medium=RSS" + ] + }, + { + "VulnerabilityID": "CVE-2019-1010023", + "PkgName": "libc6", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", + "Description": "GNU Libc current is affected by: Re-mapping current loaded libray with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/109167", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", + "https://support.f5.com/csp/article/K11932200?utm_source=f5support\u0026amp;utm_medium=RSS" + ] + }, + { + "VulnerabilityID": "CVE-2019-1010024", + "PkgName": "libc6", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "glibc: ASLR bypass using cache of thread stack and heap", + "Description": "GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/109162", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + "https://support.f5.com/csp/article/K06046097" + ] + }, + { + "VulnerabilityID": "CVE-2019-1010025", + "PkgName": "libc6", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "glibc: information disclosure of heap addresses of pthread_created thread", + "Description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is \"ASLR bypass itself is not a vulnerability.\"", + "Severity": "MEDIUM", + "References": [ + "https://sourceware.org/bugzilla/show_bug.cgi?id=22853" + ] + }, + { + "VulnerabilityID": "CVE-2019-9192", + "PkgName": "libc6", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "Description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", + "Severity": "MEDIUM", + "References": [ + "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support\u0026amp;utm_medium=RSS" + ] + }, + { + "VulnerabilityID": "CVE-2020-1751", + "PkgName": "libc6", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "glibc: array overflow in backtrace functions for powerpc", + "Description": "An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.", + "Severity": "MEDIUM", + "References": [ + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25423" + ] + }, + { + "VulnerabilityID": "CVE-2020-6096", + "PkgName": "libc6", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "glibc: signed comparison vulnerability in the ARMv7 memcpy function", + "Description": "An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.", + "Severity": "MEDIUM", + "References": [ + "https://sourceware.org/bugzilla/attachment.cgi?id=12334", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25620" + ] + }, + { + "VulnerabilityID": "CVE-2019-19126", + "PkgName": "libc6", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries", + "Description": "On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.", + "Severity": "LOW", + "References": [ + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25204" + ] + }, + { + "VulnerabilityID": "CVE-2020-10029", + "PkgName": "libc6", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions", + "Description": "The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.", + "Severity": "LOW", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/", + "https://security.netapp.com/advisory/ntap-20200327-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25487", + "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=9333498794cde1d5cca518badf79533a24114b6f" + ] + }, + { + "VulnerabilityID": "CVE-2019-1010022", + "PkgName": "libc6-dev", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "glibc: stack guard protection bypass", + "Description": "GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard.", + "Severity": "HIGH", + "References": [ + "https://sourceware.org/bugzilla/show_bug.cgi?id=22850" + ] + }, + { + "VulnerabilityID": "CVE-2020-1752", + "PkgName": "libc6-dev", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "glibc: use-after-free in glob() function when expanding ~user", + "Description": "A use-after-free vulnerability was found in glibc in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution.", + "Severity": "HIGH" + }, + { + "VulnerabilityID": "CVE-2010-4051", + "PkgName": "libc6-dev", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "CVE-2010-4052 glibc: De-recursivise regular expression engine", + "Description": "The regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (application crash) via a regular expression containing adjacent bounded repetitions that bypass the intended RE_DUP_MAX limitation, as demonstrated by a {10,}{10,}{10,}{10,}{10,} sequence in the proftpd.gnu.c exploit for ProFTPD, related to a \"RE_DUP_MAX overflow.\"", + "Severity": "MEDIUM", + "References": [ + "http://cxib.net/stuff/proftpd.gnu.c", + "http://seclists.org/fulldisclosure/2011/Jan/78", + "http://secunia.com/advisories/42547", + "http://securityreason.com/achievement_securityalert/93", + "http://securityreason.com/securityalert/8003", + "http://securitytracker.com/id?1024832", + "http://www.exploit-db.com/exploits/15935", + "http://www.kb.cert.org/vuls/id/912279", + "http://www.securityfocus.com/archive/1/515589/100/0/threaded", + "http://www.securityfocus.com/bid/45233", + "https://bugzilla.redhat.com/show_bug.cgi?id=645859" + ] + }, + { + "VulnerabilityID": "CVE-2010-4052", + "PkgName": "libc6-dev", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "CVE-2010-4051 CVE-2010-4052 glibc: De-recursivise regular expression engine", + "Description": "Stack consumption vulnerability in the regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (resource exhaustion) via a regular expression containing adjacent repetition operators, as demonstrated by a {10,}{10,}{10,}{10,} sequence in the proftpd.gnu.c exploit for ProFTPD.", + "Severity": "MEDIUM", + "References": [ + "http://cxib.net/stuff/proftpd.gnu.c", + "http://seclists.org/fulldisclosure/2011/Jan/78", + "http://secunia.com/advisories/42547", + "http://securityreason.com/achievement_securityalert/93", + "http://securityreason.com/securityalert/8003", + "http://securitytracker.com/id?1024832", + "http://www.exploit-db.com/exploits/15935", + "http://www.kb.cert.org/vuls/id/912279", + "http://www.securityfocus.com/archive/1/515589/100/0/threaded", + "http://www.securityfocus.com/bid/45233", + "https://bugzilla.redhat.com/show_bug.cgi?id=645859" + ] + }, + { + "VulnerabilityID": "CVE-2010-4756", + "PkgName": "libc6-dev", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions", + "Description": "The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.", + "Severity": "MEDIUM", + "References": [ + "http://cxib.net/stuff/glob-0day.c", + "http://securityreason.com/achievement_securityalert/89", + "http://securityreason.com/exploitalert/9223" + ] + }, + { + "VulnerabilityID": "CVE-2016-10228", + "PkgName": "libc6-dev", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "glibc: iconv program can hang when invoked with the -c option", + "Description": "The iconv program in the GNU C Library (aka glibc or libc6) 2.25 and earlier, when invoked with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.", + "Severity": "MEDIUM", + "References": [ + "http://openwall.com/lists/oss-security/2017/03/01/10", + "http://www.securityfocus.com/bid/96525", + "https://sourceware.org/bugzilla/show_bug.cgi?id=19519" + ] + }, + { + "VulnerabilityID": "CVE-2018-20796", + "PkgName": "libc6-dev", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "Description": "In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\\227|)(\\\\1\\\\1|t1|\\\\\\2537)+' in grep.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/107160", + "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141", + "https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html", + "https://security.netapp.com/advisory/ntap-20190315-0002/", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support\u0026amp;utm_medium=RSS" + ] + }, + { + "VulnerabilityID": "CVE-2019-1010023", + "PkgName": "libc6-dev", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "glibc: running ldd on malicious ELF leads to code execution because of wrong size computation", + "Description": "GNU Libc current is affected by: Re-mapping current loaded libray with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/109167", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22851", + "https://support.f5.com/csp/article/K11932200?utm_source=f5support\u0026amp;utm_medium=RSS" + ] + }, + { + "VulnerabilityID": "CVE-2019-1010024", + "PkgName": "libc6-dev", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "glibc: ASLR bypass using cache of thread stack and heap", + "Description": "GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/109162", + "https://sourceware.org/bugzilla/show_bug.cgi?id=22852", + "https://support.f5.com/csp/article/K06046097" + ] + }, + { + "VulnerabilityID": "CVE-2019-1010025", + "PkgName": "libc6-dev", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "glibc: information disclosure of heap addresses of pthread_created thread", + "Description": "** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is \"ASLR bypass itself is not a vulnerability.\"", + "Severity": "MEDIUM", + "References": [ + "https://sourceware.org/bugzilla/show_bug.cgi?id=22853" + ] + }, + { + "VulnerabilityID": "CVE-2019-9192", + "PkgName": "libc6-dev", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c", + "Description": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern.", + "Severity": "MEDIUM", + "References": [ + "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "https://support.f5.com/csp/article/K26346590?utm_source=f5support\u0026amp;utm_medium=RSS" + ] + }, + { + "VulnerabilityID": "CVE-2020-1751", + "PkgName": "libc6-dev", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "glibc: array overflow in backtrace functions for powerpc", + "Description": "An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.", + "Severity": "MEDIUM", + "References": [ + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1751", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25423" + ] + }, + { + "VulnerabilityID": "CVE-2020-6096", + "PkgName": "libc6-dev", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "glibc: signed comparison vulnerability in the ARMv7 memcpy function", + "Description": "An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy(), this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore, this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.", + "Severity": "MEDIUM", + "References": [ + "https://sourceware.org/bugzilla/attachment.cgi?id=12334", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25620" + ] + }, + { + "VulnerabilityID": "CVE-2019-19126", + "PkgName": "libc6-dev", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries", + "Description": "On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.", + "Severity": "LOW", + "References": [ + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFJ5E7NWOL6ROE5QVICHKIOUGCPFJVUH/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25204" + ] + }, + { + "VulnerabilityID": "CVE-2020-10029", + "PkgName": "libc6-dev", + "InstalledVersion": "2.28-10", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions", + "Description": "The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.", + "Severity": "LOW", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00033.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/23N76M3EDP2GIW4GOIQRYTKRE7PPBRB2/", + "https://security.netapp.com/advisory/ntap-20200327-0003/", + "https://sourceware.org/bugzilla/show_bug.cgi?id=25487", + "https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=9333498794cde1d5cca518badf79533a24114b6f" + ] + }, + { + "VulnerabilityID": "CVE-2017-7475", + "PkgName": "libcairo-gobject2", + "InstalledVersion": "1.16.0-4", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "cairo: NULL pointer dereference with a crafted font file", + "Description": "Cairo version 1.15.4 is vulnerable to a NULL pointer dereference related to the FT_Load_Glyph and FT_Render_Glyph resulting in an application crash.", + "Severity": "MEDIUM", + "References": [ + "http://seclists.org/oss-sec/2017/q2/151", + "https://bugs.freedesktop.org/show_bug.cgi?id=100763", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7475" + ] + }, + { + "VulnerabilityID": "CVE-2017-9814", + "PkgName": "libcairo-gobject2", + "InstalledVersion": "1.16.0-4", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "cairo: Out-of-bounds read due to mishandling of unexpected malloc(0) call", + "Description": "cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) because of mishandling of an unexpected malloc(0) call.", + "Severity": "MEDIUM", + "References": [ + "https://bugs.freedesktop.org/show_bug.cgi?id=101547", + "https://security.gentoo.org/glsa/201904-01" + ] + }, + { + "VulnerabilityID": "CVE-2018-18064", + "PkgName": "libcairo-gobject2", + "InstalledVersion": "1.16.0-4", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "cairo: Stack-based buffer overflow via parsing of crafted WebKitGTK+ document", + "Description": "cairo through 1.15.14 has an out-of-bounds stack-memory write during processing of a crafted document by WebKitGTK+ because of the interaction between cairo-rectangular-scan-converter.c (the generate and render_rows functions) and cairo-image-compositor.c (the _cairo_image_spans_and_zero function).", + "Severity": "MEDIUM", + "References": [ + "https://gitlab.freedesktop.org/cairo/cairo/issues/341" + ] + }, + { + "VulnerabilityID": "CVE-2019-6461", + "PkgName": "libcairo-gobject2", + "InstalledVersion": "1.16.0-4", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "cairo: assertion problem in _cairo_arc_in_direction in cairo-arc.c", + "Description": "An issue was discovered in cairo 1.16.0. There is an assertion problem in the function _cairo_arc_in_direction in the file cairo-arc.c.", + "Severity": "MEDIUM", + "References": [ + "https://github.com/TeamSeri0us/pocs/tree/master/gerbv", + "https://gitlab.freedesktop.org/cairo/cairo/issues/352" + ] + }, + { + "VulnerabilityID": "CVE-2019-6462", + "PkgName": "libcairo-gobject2", + "InstalledVersion": "1.16.0-4", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "cairo: infinite loop in the function _arc_error_normalized in the file cairo-arc.c", + "Description": "An issue was discovered in cairo 1.16.0. There is an infinite loop in the function _arc_error_normalized in the file cairo-arc.c, related to _arc_max_angle_for_tolerance_normalized.", + "Severity": "MEDIUM", + "References": [ + "https://github.com/TeamSeri0us/pocs/tree/master/gerbv", + "https://gitlab.freedesktop.org/cairo/cairo/issues/353" + ] + }, + { + "VulnerabilityID": "CVE-2017-7475", + "PkgName": "libcairo2", + "InstalledVersion": "1.16.0-4", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "cairo: NULL pointer dereference with a crafted font file", + "Description": "Cairo version 1.15.4 is vulnerable to a NULL pointer dereference related to the FT_Load_Glyph and FT_Render_Glyph resulting in an application crash.", + "Severity": "MEDIUM", + "References": [ + "http://seclists.org/oss-sec/2017/q2/151", + "https://bugs.freedesktop.org/show_bug.cgi?id=100763", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7475" + ] + }, + { + "VulnerabilityID": "CVE-2017-9814", + "PkgName": "libcairo2", + "InstalledVersion": "1.16.0-4", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "cairo: Out-of-bounds read due to mishandling of unexpected malloc(0) call", + "Description": "cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) because of mishandling of an unexpected malloc(0) call.", + "Severity": "MEDIUM", + "References": [ + "https://bugs.freedesktop.org/show_bug.cgi?id=101547", + "https://security.gentoo.org/glsa/201904-01" + ] + }, + { + "VulnerabilityID": "CVE-2018-18064", + "PkgName": "libcairo2", + "InstalledVersion": "1.16.0-4", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "cairo: Stack-based buffer overflow via parsing of crafted WebKitGTK+ document", + "Description": "cairo through 1.15.14 has an out-of-bounds stack-memory write during processing of a crafted document by WebKitGTK+ because of the interaction between cairo-rectangular-scan-converter.c (the generate and render_rows functions) and cairo-image-compositor.c (the _cairo_image_spans_and_zero function).", + "Severity": "MEDIUM", + "References": [ + "https://gitlab.freedesktop.org/cairo/cairo/issues/341" + ] + }, + { + "VulnerabilityID": "CVE-2019-6461", + "PkgName": "libcairo2", + "InstalledVersion": "1.16.0-4", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "cairo: assertion problem in _cairo_arc_in_direction in cairo-arc.c", + "Description": "An issue was discovered in cairo 1.16.0. There is an assertion problem in the function _cairo_arc_in_direction in the file cairo-arc.c.", + "Severity": "MEDIUM", + "References": [ + "https://github.com/TeamSeri0us/pocs/tree/master/gerbv", + "https://gitlab.freedesktop.org/cairo/cairo/issues/352" + ] + }, + { + "VulnerabilityID": "CVE-2019-6462", + "PkgName": "libcairo2", + "InstalledVersion": "1.16.0-4", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "cairo: infinite loop in the function _arc_error_normalized in the file cairo-arc.c", + "Description": "An issue was discovered in cairo 1.16.0. There is an infinite loop in the function _arc_error_normalized in the file cairo-arc.c, related to _arc_max_angle_for_tolerance_normalized.", + "Severity": "MEDIUM", + "References": [ + "https://github.com/TeamSeri0us/pocs/tree/master/gerbv", + "https://gitlab.freedesktop.org/cairo/cairo/issues/353" + ] + }, + { + "VulnerabilityID": "CVE-2018-12886", + "PkgName": "libcc1-0", + "InstalledVersion": "8.3.0-6", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "Severity": "MEDIUM", + "References": [ + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", + "https://www.gnu.org/software/gcc/gcc-8/changes.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-15847", + "PkgName": "libcc1-0", + "InstalledVersion": "8.3.0-6", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "gcc: POWER9 \"DARN\" RNG intrinsic produces repeated output", + "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481" + ] + }, + { + "VulnerabilityID": "CVE-2017-8871", + "PkgName": "libcroco3", + "InstalledVersion": "0.6.12-3", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "libcroco: Infinite loop in the cr_parser_parse_selector_core function", + "Description": "The cr_parser_parse_selector_core function in cr-parser.c in libcroco 0.6.12 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted CSS file.", + "Severity": "HIGH", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00043.html", + "https://bugzilla.gnome.org/show_bug.cgi?id=782649", + "https://www.exploit-db.com/exploits/42147/" + ] + }, + { + "VulnerabilityID": "CVE-2017-8834", + "PkgName": "libcroco3", + "InstalledVersion": "0.6.12-3", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "libcroco: Memory allocation failure in the cr_tknzr_parse_comment function", + "Description": "The cr_tknzr_parse_comment function in cr-tknzr.c in libcroco 0.6.12 allows remote attackers to cause a denial of service (memory allocation error) via a crafted CSS file.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00043.html", + "https://bugzilla.gnome.org/show_bug.cgi?id=782647", + "https://www.exploit-db.com/exploits/42147/" + ] + }, + { + "VulnerabilityID": "CVE-2014-8166", + "PkgName": "libcups2", + "InstalledVersion": "2.2.10-6+deb10u2", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "cups: code execution via unescape ANSI escape sequences", + "Description": "The browsing feature in the server in CUPS does not filter ANSI escape sequences from shared printer names, which might allow remote attackers to execute arbitrary code via a crafted printer name.", + "Severity": "MEDIUM", + "References": [ + "http://www.openwall.com/lists/oss-security/2015/03/24/15", + "http://www.openwall.com/lists/oss-security/2015/03/24/2", + "http://www.securityfocus.com/bid/73300", + "https://bugzilla.redhat.com/show_bug.cgi?id=1084577" + ] + }, + { + "VulnerabilityID": "CVE-2020-3898", + "PkgName": "libcups2", + "InstalledVersion": "2.2.10-6+deb10u2", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "cups: heap based buffer overflow in libcups's ppdFindOption() in ppd-mark.c", + "Description": "No description is available for this CVE.", + "Severity": "MEDIUM" + }, + { + "VulnerabilityID": "CVE-2019-8842", + "PkgName": "libcups2", + "InstalledVersion": "2.2.10-6+deb10u2", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Severity": "UNKNOWN" + }, + { + "VulnerabilityID": "CVE-2013-0340", + "PkgName": "libexpat1", + "InstalledVersion": "2.2.6-2+deb10u1", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Title": "expat: internal entity expansion", + "Description": "expat 2.1.0 and earlier does not properly handle entities expansion unless an application developer uses the XML_SetEntityDeclHandler function, which allows remote attackers to cause a denial of service (resource consumption), send HTTP requests to intranet servers, or read arbitrary files via a crafted XML document, aka an XML External Entity (XXE) issue. NOTE: it could be argued that because expat already provides the ability to disable external entity expansion, the responsibility for resolving this issue lies with application developers; according to this argument, this entry should be REJECTed, and each affected application would need its own CVE.", + "Severity": "MEDIUM", + "References": [ + "http://openwall.com/lists/oss-security/2013/02/22/3", + "http://securitytracker.com/id?1028213", + "http://www.openwall.com/lists/oss-security/2013/04/12/6", + "http://www.osvdb.org/90634", + "http://www.securityfocus.com/bid/58233", + "https://security.gentoo.org/glsa/201701-21" + ] + }, + { + "VulnerabilityID": "CVE-2018-12886", + "PkgName": "libgcc-8-dev", + "InstalledVersion": "8.3.0-6", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "Severity": "MEDIUM", + "References": [ + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", + "https://www.gnu.org/software/gcc/gcc-8/changes.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-15847", + "PkgName": "libgcc-8-dev", + "InstalledVersion": "8.3.0-6", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "gcc: POWER9 \"DARN\" RNG intrinsic produces repeated output", + "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481" + ] + }, + { + "VulnerabilityID": "CVE-2018-12886", + "PkgName": "libgcc1", + "InstalledVersion": "8.3.0-6", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "Severity": "MEDIUM", + "References": [ + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", + "https://www.gnu.org/software/gcc/gcc-8/changes.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-15847", + "PkgName": "libgcc1", + "InstalledVersion": "8.3.0-6", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "gcc: POWER9 \"DARN\" RNG intrinsic produces repeated output", + "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481" + ] + }, + { + "VulnerabilityID": "CVE-2018-6829", + "PkgName": "libgcrypt20", + "InstalledVersion": "1.8.4-5", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "libgcrypt: ElGamal implementation doesn't have semantic security due to incorrectly encoded plaintexts possibly allowing to obtain sensitive information", + "Description": "cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for Libgcrypt's ElGamal implementation.", + "Severity": "MEDIUM", + "References": [ + "https://github.com/weikengchen/attack-on-libgcrypt-elgamal", + "https://github.com/weikengchen/attack-on-libgcrypt-elgamal/wiki", + "https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004394.html", + "https://www.oracle.com/security-alerts/cpujan2020.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-12904", + "PkgName": "libgcrypt20", + "InstalledVersion": "1.8.4-5", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "Libgcrypt: physical addresses being available to other processes leads to a flush-and-reload side-channel attack", + "Description": "In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. (The C implementation is used on platforms where an assembly-language implementation is unavailable.)", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00049.html", + "https://dev.gnupg.org/T4541", + "https://github.com/gpg/libgcrypt/commit/a4c561aab1014c3630bc88faf6f5246fee16b020", + "https://github.com/gpg/libgcrypt/commit/daedbbb5541cd8ecda1459d3b843ea4d92788762", + "https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-12904.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-13627", + "PkgName": "libgcrypt20", + "InstalledVersion": "1.8.4-5", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "libgcrypt: ECDSA timing attack in the libgcrypt20 cryptographic library", + "Description": "It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. Version affected: 1.8.4-5, 1.7.6-2+deb9u3, and 1.6.3-2+deb8u4. Versions fixed: 1.8.5-2 and 1.6.3-2+deb8u7.", + "Severity": "LOW", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00060.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00018.html", + "http://www.openwall.com/lists/oss-security/2019/10/02/2", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13627", + "https://dev.gnupg.org/T4683", + "https://github.com/gpg/libgcrypt/releases/tag/libgcrypt-1.8.5", + "https://lists.debian.org/debian-lts-announce/2019/09/msg00024.html", + "https://lists.debian.org/debian-lts-announce/2020/01/msg00001.html", + "https://minerva.crocs.fi.muni.cz/", + "https://security-tracker.debian.org/tracker/CVE-2019-13627", + "https://security.gentoo.org/glsa/202003-32", + "https://usn.ubuntu.com/4236-1/", + "https://usn.ubuntu.com/4236-2/", + "https://usn.ubuntu.com/4236-3/" + ] + }, + { + "VulnerabilityID": "CVE-2012-0039", + "PkgName": "libglib2.0-0", + "InstalledVersion": "2.58.3-2+deb10u2", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "glib2: hash table collisions CPU usage DoS", + "Description": "** DISPUTED ** GLib 2.31.8 and earlier, when the g_str_hash function is used, computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table. NOTE: this issue may be disputed by the vendor; the existence of the g_str_hash function is not a vulnerability in the library, because callers of g_hash_table_new and g_hash_table_new_full can specify an arbitrary hash function that is appropriate for the application.", + "Severity": "MEDIUM", + "References": [ + "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=655044", + "http://mail.gnome.org/archives/gtk-devel-list/2003-May/msg00111.html", + "http://openwall.com/lists/oss-security/2012/01/10/12", + "https://bugzilla.redhat.com/show_bug.cgi?id=772720" + ] + }, + { + "VulnerabilityID": "CVE-2011-3389", + "PkgName": "libgnutls30", + "InstalledVersion": "3.6.7-4+deb10u3", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)", + "Description": "The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a \"BEAST\" attack.", + "Severity": "MEDIUM", + "References": [ + "http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/", + "http://blogs.technet.com/b/msrc/archive/2011/09/26/microsoft-releases-security-advisory-2588513.aspx", + "http://blogs.technet.com/b/srd/archive/2011/09/26/is-ssl-broken-more-about-security-advisory-2588513.aspx", + "http://curl.haxx.se/docs/adv_20120124B.html", + "http://downloads.asterisk.org/pub/security/AST-2016-001.html", + "http://ekoparty.org/2011/juliano-rizzo.php", + "http://eprint.iacr.org/2004/111", + "http://eprint.iacr.org/2006/136", + "http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html", + "http://isc.sans.edu/diary/SSL+TLS+part+3+/11635", + "http://linux.oracle.com/cve/CVE-2011-3389.html", + "http://linux.oracle.com/errata/ELSA-2011-1380.html", + "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html", + "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html", + "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html", + "http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.html", + "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html", + "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html", + "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html", + "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html", + "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html", + "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html", + "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2", + "http://marc.info/?l=bugtraq\u0026m=132872385320240\u0026w=2", + "http://marc.info/?l=bugtraq\u0026m=133365109612558\u0026w=2", + "http://marc.info/?l=bugtraq\u0026m=133728004526190\u0026w=2", + "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2", + "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2", + "http://my.opera.com/securitygroup/blog/2011/09/28/the-beast-ssl-tls-issue", + "http://osvdb.org/74829", + "http://rhn.redhat.com/errata/RHSA-2012-0508.html", + "http://rhn.redhat.com/errata/RHSA-2013-1455.html", + "http://secunia.com/advisories/45791", + "http://secunia.com/advisories/47998", + "http://secunia.com/advisories/48256", + "http://secunia.com/advisories/48692", + "http://secunia.com/advisories/48915", + "http://secunia.com/advisories/48948", + "http://secunia.com/advisories/49198", + "http://secunia.com/advisories/55322", + "http://secunia.com/advisories/55350", + "http://secunia.com/advisories/55351", + "http://security.gentoo.org/glsa/glsa-201203-02.xml", + "http://security.gentoo.org/glsa/glsa-201406-32.xml", + "http://support.apple.com/kb/HT4999", + "http://support.apple.com/kb/HT5001", + "http://support.apple.com/kb/HT5130", + "http://support.apple.com/kb/HT5281", + "http://support.apple.com/kb/HT5501", + "http://support.apple.com/kb/HT6150", + "http://technet.microsoft.com/security/advisory/2588513", + "http://vnhacker.blogspot.com/2011/09/beast.html", + "http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf", + "http://www.debian.org/security/2012/dsa-2398", + "http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html", + "http://www.ibm.com/developerworks/java/jdk/alerts/", + "http://www.imperialviolet.org/2011/09/23/chromeandbeast.html", + "http://www.insecure.cl/Beast-SSL.rar", + "http://www.kb.cert.org/vuls/id/864643", + "http://www.mandriva.com/security/advisories?name=MDVSA-2012:058", + "http://www.opera.com/docs/changelogs/mac/1151/", + "http://www.opera.com/docs/changelogs/mac/1160/", + "http://www.opera.com/docs/changelogs/unix/1151/", + "http://www.opera.com/docs/changelogs/unix/1160/", + "http://www.opera.com/docs/changelogs/windows/1151/", + "http://www.opera.com/docs/changelogs/windows/1160/", + "http://www.opera.com/support/kb/view/1004/", + "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", + "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", + "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html", + "http://www.redhat.com/support/errata/RHSA-2011-1384.html", + "http://www.redhat.com/support/errata/RHSA-2012-0006.html", + "http://www.securityfocus.com/bid/49388", + "http://www.securityfocus.com/bid/49778", + "http://www.securitytracker.com/id/1029190", + "http://www.securitytracker.com/id?1025997", + "http://www.securitytracker.com/id?1026103", + "http://www.securitytracker.com/id?1026704", + "http://www.ubuntu.com/usn/USN-1263-1", + "http://www.us-cert.gov/cas/techalerts/TA12-010A.html", + "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_fetchmail", + "https://bugzilla.novell.com/show_bug.cgi?id=719047", + "https://bugzilla.redhat.com/show_bug.cgi?id=737506", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389", + "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006", + "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862", + "https://hermes.opensuse.org/messages/13154861", + "https://hermes.opensuse.org/messages/13155432", + "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02", + "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14752" + ] + }, + { + "VulnerabilityID": "CVE-2018-12886", + "PkgName": "libgomp1", + "InstalledVersion": "8.3.0-6", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "Severity": "MEDIUM", + "References": [ + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", + "https://www.gnu.org/software/gcc/gcc-8/changes.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-15847", + "PkgName": "libgomp1", + "InstalledVersion": "8.3.0-6", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "gcc: POWER9 \"DARN\" RNG intrinsic produces repeated output", + "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481" + ] + }, + { + "VulnerabilityID": "CVE-2018-5709", + "PkgName": "libgssapi-krb5-2", + "InstalledVersion": "1.17-3", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "krb5: integer overflow in dbentry-\u003en_key_data in kadmin/dbutil/dump.c", + "Description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable \"dbentry-\u003en_key_data\" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a \"u4\" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", + "Severity": "MEDIUM", + "References": [ + "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow" + ] + }, + { + "VulnerabilityID": "CVE-2004-0971", + "PkgName": "libgssapi-krb5-2", + "InstalledVersion": "1.17-3", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "security flaw", + "Description": "The krb5-send-pr script in the kerberos5 (krb5) package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.", + "Severity": "LOW", + "References": [ + "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136304", + "http://www.gentoo.org/security/en/glsa/glsa-200410-24.xml", + "http://www.redhat.com/support/errata/RHSA-2005-012.html", + "http://www.securityfocus.com/bid/11289", + "http://www.trustix.org/errata/2004/0050", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/17583", + "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10497" + ] + }, + { + "VulnerabilityID": "CVE-2019-12290", + "PkgName": "libidn2-0", + "InstalledVersion": "2.0.5-1+deb10u1", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Description": "GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to U-labels. This makes it possible in some circumstances for one domain to impersonate another. By creating a malicious domain that matches a target domain except for the inclusion of certain punycoded Unicode characters (that would be discarded when converted first to a Unicode label and then back to an ASCII label), arbitrary domains can be impersonated.", + "Severity": "MEDIUM", + "References": [ + "https://gitlab.com/libidn/libidn2/commit/241e8f486134793cb0f4a5b0e5817a97883401f5", + "https://gitlab.com/libidn/libidn2/commit/614117ef6e4c60e1950d742e3edf0a0ef8d389de", + "https://gitlab.com/libidn/libidn2/merge_requests/71", + "https://usn.ubuntu.com/4168-1/" + ] + }, + { + "VulnerabilityID": "CVE-2012-2663", + "PkgName": "libip4tc0", + "InstalledVersion": "1.8.2-4", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "iptables: --syn flag bypass", + "Description": "extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant.", + "Severity": "HIGH", + "References": [ + "http://www.spinics.net/lists/netfilter-devel/msg21248.html", + "https://bugzilla.redhat.com/show_bug.cgi?id=826702" + ] + }, + { + "VulnerabilityID": "CVE-2019-11360", + "PkgName": "libip4tc0", + "InstalledVersion": "1.8.2-4", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Description": "A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c.", + "Severity": "MEDIUM", + "References": [ + "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", + "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e" + ] + }, + { + "VulnerabilityID": "CVE-2018-12886", + "PkgName": "libitm1", + "InstalledVersion": "8.3.0-6", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "Severity": "MEDIUM", + "References": [ + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", + "https://www.gnu.org/software/gcc/gcc-8/changes.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-15847", + "PkgName": "libitm1", + "InstalledVersion": "8.3.0-6", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "gcc: POWER9 \"DARN\" RNG intrinsic produces repeated output", + "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481" + ] + }, + { + "VulnerabilityID": "CVE-2017-9937", + "PkgName": "libjbig0", + "InstalledVersion": "2.1-3.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "libtiff: memory malloc failure in tif_jbig.c could cause DOS.", + "Description": "In LibTIFF 4.0.8, there is a memory malloc failure in tif_jbig.c. A crafted TIFF document can lead to an abort resulting in a remote denial of service attack.", + "Severity": "MEDIUM", + "References": [ + "http://bugzilla.maptools.org/show_bug.cgi?id=2707", + "http://www.securityfocus.com/bid/99304" + ] + }, + { + "VulnerabilityID": "CVE-2019-2201", + "PkgName": "libjpeg62-turbo", + "InstalledVersion": "1:1.5.2-2", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "libjpeg-turbo: several integer overflows and subsequent segfaults when attempting to compress/decompress gigapixel images", + "Description": "In generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-120551338", + "Severity": "CRITICAL", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00047.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00048.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y4QPASQPZO644STRFTLOD35RIRGWWRNI/", + "https://source.android.com/security/bulletin/2019-11-01", + "https://usn.ubuntu.com/4190-1/" + ] + }, + { + "VulnerabilityID": "CVE-2017-15232", + "PkgName": "libjpeg62-turbo", + "InstalledVersion": "1:1.5.2-2", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "libjpeg-turbo: NULL pointer dereference in jdpostct.c and jquant1.c", + "Description": "libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and jquant1.c via a crafted JPEG file.", + "Severity": "MEDIUM", + "References": [ + "https://github.com/libjpeg-turbo/libjpeg-turbo/pull/182", + "https://github.com/mozilla/mozjpeg/issues/268", + "https://usn.ubuntu.com/3706-1/" + ] + }, + { + "VulnerabilityID": "CVE-2018-1152", + "PkgName": "libjpeg62-turbo", + "InstalledVersion": "1:1.5.2-2", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "libjpeg-turbo: Divide by zero allows for denial of service via crafted BMP image", + "Description": "libjpeg-turbo 1.5.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted BMP image.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00015.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00015.html", + "http://www.securityfocus.com/bid/104543", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1152", + "https://github.com/libjpeg-turbo/libjpeg-turbo/commit/43e84cff1bb2bd8293066f6ac4eb0df61ddddbc6", + "https://lists.debian.org/debian-lts-announce/2019/01/msg00015.html", + "https://usn.ubuntu.com/3706-1/", + "https://usn.ubuntu.com/3706-2/", + "https://www.tenable.com/security/research/tra-2018-17" + ] + }, + { + "VulnerabilityID": "CVE-2018-14498", + "PkgName": "libjpeg62-turbo", + "InstalledVersion": "1:1.5.2-2", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "libjpeg-turbo: heap-based buffer over-read via crafted 8-bit BMP in get_8bit_row in rdbmp.c leads to denial of service", + "Description": "get_8bit_row in rdbmp.c in libjpeg-turbo through 1.5.90 and MozJPEG through 3.3.1 allows attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted 8-bit BMP in which one or more of the color indices is out of range for the number of palette entries.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2018-14498.html", + "http://linux.oracle.com/errata/ELSA-2019-3705.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00015.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00015.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14498", + "https://github.com/libjpeg-turbo/libjpeg-turbo/commit/9c78a04df4e44ef6487eee99c4258397f4fdca55", + "https://github.com/libjpeg-turbo/libjpeg-turbo/issues/258", + "https://github.com/mozilla/mozjpeg/issues/299", + "https://lists.debian.org/debian-lts-announce/2019/03/msg00021.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7YP4QUEYGHI4Q7GIAVFVKWQ7DJMBYLU/" + ] + }, + { + "VulnerabilityID": "TEMP-0772585-D41D8C", + "PkgName": "libjson-glib-1.0-0", + "InstalledVersion": "1.4.4-2", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Severity": "LOW" + }, + { + "VulnerabilityID": "TEMP-0772585-D41D8C", + "PkgName": "libjson-glib-1.0-common", + "InstalledVersion": "1.4.4-2", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Severity": "LOW" + }, + { + "VulnerabilityID": "CVE-2018-5709", + "PkgName": "libk5crypto3", + "InstalledVersion": "1.17-3", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "krb5: integer overflow in dbentry-\u003en_key_data in kadmin/dbutil/dump.c", + "Description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable \"dbentry-\u003en_key_data\" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a \"u4\" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", + "Severity": "MEDIUM", + "References": [ + "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow" + ] + }, + { + "VulnerabilityID": "CVE-2004-0971", + "PkgName": "libk5crypto3", + "InstalledVersion": "1.17-3", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "security flaw", + "Description": "The krb5-send-pr script in the kerberos5 (krb5) package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.", + "Severity": "LOW", + "References": [ + "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136304", + "http://www.gentoo.org/security/en/glsa/glsa-200410-24.xml", + "http://www.redhat.com/support/errata/RHSA-2005-012.html", + "http://www.securityfocus.com/bid/11289", + "http://www.trustix.org/errata/2004/0050", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/17583", + "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10497" + ] + }, + { + "VulnerabilityID": "CVE-2018-5709", + "PkgName": "libkrb5-3", + "InstalledVersion": "1.17-3", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "krb5: integer overflow in dbentry-\u003en_key_data in kadmin/dbutil/dump.c", + "Description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable \"dbentry-\u003en_key_data\" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a \"u4\" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", + "Severity": "MEDIUM", + "References": [ + "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow" + ] + }, + { + "VulnerabilityID": "CVE-2004-0971", + "PkgName": "libkrb5-3", + "InstalledVersion": "1.17-3", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "security flaw", + "Description": "The krb5-send-pr script in the kerberos5 (krb5) package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.", + "Severity": "LOW", + "References": [ + "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136304", + "http://www.gentoo.org/security/en/glsa/glsa-200410-24.xml", + "http://www.redhat.com/support/errata/RHSA-2005-012.html", + "http://www.securityfocus.com/bid/11289", + "http://www.trustix.org/errata/2004/0050", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/17583", + "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10497" + ] + }, + { + "VulnerabilityID": "CVE-2018-5709", + "PkgName": "libkrb5support0", + "InstalledVersion": "1.17-3", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "krb5: integer overflow in dbentry-\u003en_key_data in kadmin/dbutil/dump.c", + "Description": "An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable \"dbentry-\u003en_key_data\" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a \"u4\" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.", + "Severity": "MEDIUM", + "References": [ + "https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow" + ] + }, + { + "VulnerabilityID": "CVE-2004-0971", + "PkgName": "libkrb5support0", + "InstalledVersion": "1.17-3", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "security flaw", + "Description": "The krb5-send-pr script in the kerberos5 (krb5) package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.", + "Severity": "LOW", + "References": [ + "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136304", + "http://www.gentoo.org/security/en/glsa/glsa-200410-24.xml", + "http://www.redhat.com/support/errata/RHSA-2005-012.html", + "http://www.securityfocus.com/bid/11289", + "http://www.trustix.org/errata/2004/0050", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/17583", + "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10497" + ] + }, + { + "VulnerabilityID": "CVE-2015-3276", + "PkgName": "libldap-2.4-2", + "InstalledVersion": "2.4.47+dfsg-3+deb10u1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "openldap: incorrect multi-keyword mode cipherstring parsing", + "Description": "The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2015-3276.html", + "http://linux.oracle.com/errata/ELSA-2015-2131.html", + "http://rhn.redhat.com/errata/RHSA-2015-2131.html", + "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", + "http://www.securitytracker.com/id/1034221", + "https://bugzilla.redhat.com/show_bug.cgi?id=1238322" + ] + }, + { + "VulnerabilityID": "CVE-2017-17740", + "PkgName": "libldap-2.4-2", + "InstalledVersion": "2.4.47+dfsg-3+deb10u1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "openldap: contrib/slapd-modules/nops/nops.c attempts to free stack buffer allowing remote attackers to cause a denial of service", + "Description": "contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html", + "http://www.openldap.org/its/index.cgi/Incoming?id=8759" + ] + }, + { + "VulnerabilityID": "CVE-2017-14159", + "PkgName": "libldap-2.4-2", + "InstalledVersion": "2.4.47+dfsg-3+deb10u1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "openldap: Privilege escalation via PID file manipulation", + "Description": "slapd in OpenLDAP 2.4.45 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a \"kill `cat /pathname`\" command, as demonstrated by openldap-initscript.", + "Severity": "LOW", + "References": [ + "http://www.openldap.org/its/index.cgi?findid=8703" + ] + }, + { + "VulnerabilityID": "CVE-2015-3276", + "PkgName": "libldap-common", + "InstalledVersion": "2.4.47+dfsg-3+deb10u1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "openldap: incorrect multi-keyword mode cipherstring parsing", + "Description": "The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2015-3276.html", + "http://linux.oracle.com/errata/ELSA-2015-2131.html", + "http://rhn.redhat.com/errata/RHSA-2015-2131.html", + "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", + "http://www.securitytracker.com/id/1034221", + "https://bugzilla.redhat.com/show_bug.cgi?id=1238322" + ] + }, + { + "VulnerabilityID": "CVE-2017-17740", + "PkgName": "libldap-common", + "InstalledVersion": "2.4.47+dfsg-3+deb10u1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "openldap: contrib/slapd-modules/nops/nops.c attempts to free stack buffer allowing remote attackers to cause a denial of service", + "Description": "contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html", + "http://www.openldap.org/its/index.cgi/Incoming?id=8759" + ] + }, + { + "VulnerabilityID": "CVE-2017-14159", + "PkgName": "libldap-common", + "InstalledVersion": "2.4.47+dfsg-3+deb10u1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "openldap: Privilege escalation via PID file manipulation", + "Description": "slapd in OpenLDAP 2.4.45 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a \"kill `cat /pathname`\" command, as demonstrated by openldap-initscript.", + "Severity": "LOW", + "References": [ + "http://www.openldap.org/its/index.cgi?findid=8703" + ] + }, + { + "VulnerabilityID": "CVE-2018-12886", + "PkgName": "liblsan0", + "InstalledVersion": "8.3.0-6", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "Severity": "MEDIUM", + "References": [ + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", + "https://www.gnu.org/software/gcc/gcc-8/changes.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-15847", + "PkgName": "liblsan0", + "InstalledVersion": "8.3.0-6", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "gcc: POWER9 \"DARN\" RNG intrinsic produces repeated output", + "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481" + ] + }, + { + "VulnerabilityID": "CVE-2019-17543", + "PkgName": "liblz4-1", + "InstalledVersion": "1.8.3-1", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "lz4: heap-based buffer overflow in LZ4_write32", + "Description": "LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32 (related to LZ4_compress_destSize), affecting applications that call LZ4_compress_fast with a large input. (This issue can also lead to data corruption.) NOTE: the vendor states \"only a few specific / uncommon usages of the API are at risk.\"", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00069.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00070.html", + "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941", + "https://github.com/lz4/lz4/compare/v1.9.1...v1.9.2", + "https://github.com/lz4/lz4/issues/801", + "https://github.com/lz4/lz4/pull/756", + "https://github.com/lz4/lz4/pull/760", + "https://lists.apache.org/thread.html/25015588b770d67470b7ba7ea49a305d6735dd7f00eabe7d50ec1e17@%3Cissues.arrow.apache.org%3E", + "https://lists.apache.org/thread.html/793012683dc0fa6819b7c2560e6cf990811014c40c7d75412099c357@%3Cissues.arrow.apache.org%3E", + "https://lists.apache.org/thread.html/9ff0606d16be2ab6a81619e1c9e23c3e251756638e36272c8c8b7fa3@%3Cissues.arrow.apache.org%3E", + "https://lists.apache.org/thread.html/f0038c4fab2ee25aee849ebeff6b33b3aa89e07ccfb06b5c87b36316@%3Cissues.arrow.apache.org%3E", + "https://lists.apache.org/thread.html/f506bc371d4a068d5d84d7361293568f61167d3a1c3e91f0def2d7d3@%3Cdev.arrow.apache.org%3E" + ] + }, + { + "VulnerabilityID": "CVE-2018-15607", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: CPU Exhaustion via crafted input file", + "Description": "In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x36 0x4c 0x36 0x38 0x36 0x36 0x36 0x36 0x36 0x36 0x1f 0x35 0x50 0x00 can result in a hang of several minutes during which CPU and memory resources are consumed until ultimately an attempted large memory allocation fails. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.", + "Severity": "HIGH", + "References": [ + "http://linux.oracle.com/cve/CVE-2018-15607.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/105137", + "https://github.com/ImageMagick/ImageMagick/issues/1255", + "https://usn.ubuntu.com/4034-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-11470", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: denial of service in cineon parsing component", + "Description": "The cineon parsing component in ImageMagick 7.0.8-26 Q16 allows attackers to cause a denial-of-service (uncontrolled resource consumption) by crafting a Cineon image with an incorrect claimed image size. This occurs because ReadCINImage in coders/cin.c lacks a check for insufficient image data in a file.", + "Severity": "HIGH", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-11470.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00057.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", + "https://github.com/ImageMagick/ImageMagick/commit/e3cdce6fe12193f235b8c0ae5efe6880a25eb957", + "https://github.com/ImageMagick/ImageMagick/issues/1472", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/", + "https://usn.ubuntu.com/4034-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-19948", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer overflow in WriteSGIImage in coders/sgi.c", + "Description": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c.", + "Severity": "HIGH", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-19948.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00006.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", + "https://github.com/ImageMagick/ImageMagick/issues/1562", + "https://lists.debian.org/debian-lts-announce/2019/12/msg00033.html" + ] + }, + { + "VulnerabilityID": "CVE-2008-3134", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "GraphicsMagick/ImageMagick: multiple crash or DoS issues", + "Description": "Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 allow remote attackers to cause a denial of service (crash, infinite loop, or memory consumption) via (a) unspecified vectors in the (1) AVI, (2) AVS, (3) DCM, (4) EPT, (5) FITS, (6) MTV, (7) PALM, (8) RLA, and (9) TGA decoder readers; and (b) the GetImageCharacteristics function in magick/image.c, as reachable from a crafted (10) PNG, (11) JPEG, (12) BMP, or (13) TIFF file.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00004.html", + "http://secunia.com/advisories/30879", + "http://secunia.com/advisories/32151", + "http://sourceforge.net/forum/forum.php?forum_id=841176", + "http://sourceforge.net/project/shownotes.php?release_id=610253", + "http://www.securityfocus.com/bid/30055", + "http://www.securitytracker.com/id?1020413", + "http://www.vupen.com/english/advisories/2008/1984/references", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3134", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/43511", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/43513" + ] + }, + { + "VulnerabilityID": "CVE-2016-8678", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: Heap-buffer overflow in IsPixelMonochrome", + "Description": "The IsPixelMonochrome function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.0 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted file. NOTE: the vendor says \"This is a Q64 issue and we do not support Q64.\"", + "Severity": "MEDIUM", + "References": [ + "http://www.openwall.com/lists/oss-security/2016/10/16/2", + "http://www.openwall.com/lists/oss-security/2016/12/08/18", + "http://www.securityfocus.com/bid/93599", + "https://bugzilla.redhat.com/show_bug.cgi?id=1385694", + "https://github.com/ImageMagick/ImageMagick/issues/272" + ] + }, + { + "VulnerabilityID": "CVE-2017-11754", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: Memory leak in WritePICONImage function", + "Description": "The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an OpenPixelCache call.", + "Severity": "MEDIUM", + "References": [ + "https://github.com/ImageMagick/ImageMagick/issues/633" + ] + }, + { + "VulnerabilityID": "CVE-2017-11755", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: Memory leak in WritePICONImage function via mishandled AcquireSemaphoreInfo call", + "Description": "The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an AcquireSemaphoreInfo call.", + "Severity": "MEDIUM", + "References": [ + "https://github.com/ImageMagick/ImageMagick/issues/634" + ] + }, + { + "VulnerabilityID": "CVE-2017-7275", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: Memory allocation failure in AcquireMagickMemory (incomplete fix for CVE-2016-8866)", + "Description": "The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows remote attackers to cause a denial of service (attempted large memory allocation and application crash) via a crafted file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862 and CVE-2016-8866.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/97166", + "https://blogs.gentoo.org/ago/2017/03/27/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c-incomplete-fix-for-cve-2016-8862-and-cve-2016-8866/", + "https://github.com/ImageMagick/ImageMagick/issues/271" + ] + }, + { + "VulnerabilityID": "CVE-2019-10649", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leak in SVGKeyValuePairs of coders/svg.c that leads to denial of service via crafted image file", + "Description": "In ImageMagick 7.0.8-36 Q16, there is a memory leak in the function SVGKeyValuePairs of coders/svg.c, which allows an attacker to cause a denial of service via a crafted image file.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/107645", + "https://github.com/ImageMagick/ImageMagick/issues/1533", + "https://usn.ubuntu.com/4034-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-11472", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: denial of service in ReadXWDImage in coders/xwd.c in the XWD image parsing component", + "Description": "ReadXWDImage in coders/xwd.c in the XWD image parsing component of ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (divide-by-zero error) by crafting an XWD image file in which the header indicates neither LSB first nor MSB first.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-11472.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00057.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html", + "https://github.com/ImageMagick/ImageMagick/issues/1546", + "https://github.com/ImageMagick/ImageMagick6/commit/f663dfb8431c97d95682a2b533cca1c8233d21b4", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/", + "https://usn.ubuntu.com/4034-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-11597", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure", + "Description": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-11597.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108102", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", + "https://github.com/ImageMagick/ImageMagick/issues/1555", + "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-11598", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure", + "Description": "In ImageMagick 7.0.8-40 Q16, there is a heap-based buffer over-read in the function WritePNMImage of coders/pnm.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. This is related to SetGrayscaleImage in MagickCore/quantize.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-11598.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108102", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", + "https://github.com/ImageMagick/ImageMagick/issues/1540", + "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-12974", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "imagemagick: null-pointer dereference in function ReadPANGOImage in coders/pango.c and ReadVIDImage in coders/vid.c causing denial of service", + "Description": "A NULL pointer dereference in the function ReadPANGOImage in coders/pango.c and the function ReadVIDImage in coders/vid.c in ImageMagick 7.0.8-34 allows remote attackers to cause a denial of service via a crafted image.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-12974.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", + "https://github.com/ImageMagick/ImageMagick/issues/1515" + ] + }, + { + "VulnerabilityID": "CVE-2019-12975", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "imagemagick: memory leak vulnerability in function WriteDPXImage in coders/dpx.c", + "Description": "ImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXImage function in coders/dpx.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-12975.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1517" + ] + }, + { + "VulnerabilityID": "CVE-2019-12976", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "imagemagick: memory leak vulnerability in function ReadPCLImage in coders/pcl.c", + "Description": "ImageMagick 7.0.8-34 has a memory leak in the ReadPCLImage function in coders/pcl.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-12976.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1520" + ] + }, + { + "VulnerabilityID": "CVE-2019-12977", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "imagemagick: use of uninitialised value in function WriteJP2Image in coders/jp2.c", + "Description": "ImageMagick 7.0.8-34 has a \"use of uninitialized value\" vulnerability in the WriteJP2Image function in coders/jp2.c.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1518" + ] + }, + { + "VulnerabilityID": "CVE-2019-12978", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "imagemagick: use of uninitialized value in function ReadPANGOImage in coders/pango.c", + "Description": "ImageMagick 7.0.8-34 has a \"use of uninitialized value\" vulnerability in the ReadPANGOImage function in coders/pango.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-12978.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1519" + ] + }, + { + "VulnerabilityID": "CVE-2019-12979", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "imagemagick: use of uninitialized value in functionSyncImageSettings in MagickCore/image.c", + "Description": "ImageMagick 7.0.8-34 has a \"use of uninitialized value\" vulnerability in the SyncImageSettings function in MagickCore/image.c. This is related to AcquireImage in magick/image.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-12979.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1522" + ] + }, + { + "VulnerabilityID": "CVE-2019-13135", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: a \"use of uninitialized value\" vulnerability in the function ReadCUTImage leading to a crash and DoS", + "Description": "ImageMagick before 7.0.8-50 has a \"use of uninitialized value\" vulnerability in the function ReadCUTImage in coders/cut.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13135.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", + "https://github.com/ImageMagick/ImageMagick/commit/cdb383749ef7b68a38891440af8cc23e0115306d", + "https://github.com/ImageMagick/ImageMagick/issues/1599", + "https://github.com/ImageMagick/ImageMagick6/commit/1e59b29e520d2beab73e8c78aacd5f1c0d76196d", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-13137", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: a memory leak vulnerability in the function ReadPSImage in coders/ps.c", + "Description": "ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps.c.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/35ccb468ee2dcbe8ce9cf1e2f1957acc27f54c34", + "https://github.com/ImageMagick/ImageMagick/issues/1601", + "https://github.com/ImageMagick/ImageMagick6/commit/7d11230060fa9c8f67e53c85224daf6648805c7b" + ] + }, + { + "VulnerabilityID": "CVE-2019-13295", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13295.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", + "https://github.com/ImageMagick/ImageMagick/commit/a7759f410b773a1dd57b0e1fb28112e1cd8b97bc", + "https://github.com/ImageMagick/ImageMagick/issues/1608", + "https://github.com/ImageMagick/ImageMagick6/commit/55e6dc49f1a381d9d511ee2f888fdc3e3c3e3953", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-13297", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13297.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", + "https://github.com/ImageMagick/ImageMagick/commit/604588fc35c7585abb7a9e71f69bb82e4389fefc", + "https://github.com/ImageMagick/ImageMagick/issues/1609", + "https://github.com/ImageMagick/ImageMagick6/commit/35c7032723d85eee7318ff6c82f031fa2666b773", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-13300", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13300.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/a906fe9298bf89e01d5272023db687935068849a", + "https://github.com/ImageMagick/ImageMagick/issues/1586", + "https://github.com/ImageMagick/ImageMagick6/commit/5e409ae7a389cdf2ed17469303be3f3f21cec450" + ] + }, + { + "VulnerabilityID": "CVE-2019-13301", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leaks in AcquireMagickMemory", + "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory because of an AnnotateImage error.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13301.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/f595a1985233c399a05c0c37cc41de16a90dd025", + "https://github.com/ImageMagick/ImageMagick/issues/1585", + "https://github.com/ImageMagick/ImageMagick/issues/1589" + ] + }, + { + "VulnerabilityID": "CVE-2019-13304", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment", + "Description": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13304.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", + "https://github.com/ImageMagick/ImageMagick/commit/7689875ef64f34141e7292f6945efdf0530b4a5e", + "https://github.com/ImageMagick/ImageMagick/issues/1614", + "https://github.com/ImageMagick/ImageMagick6/commit/bfa3b9610c83227894c92b0d312ad327fceb6241", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-13305", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error", + "Description": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13305.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", + "https://github.com/ImageMagick/ImageMagick/commit/29efd648f38b73a64d73f14cd2019d869a585888", + "https://github.com/ImageMagick/ImageMagick/issues/1613", + "https://github.com/ImageMagick/ImageMagick6/commit/5c7fbf9a14fb83c9685ad69d48899f490a37609d", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-13306", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors", + "Description": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13306.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", + "https://github.com/ImageMagick/ImageMagick/commit/e92040ea6ee2a844ebfd2344174076795a4787bd", + "https://github.com/ImageMagick/ImageMagick/issues/1612", + "https://github.com/ImageMagick/ImageMagick6/commit/cb5ec7d98195aa74d5ed299b38eff2a68122f3fa", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-13307", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13307.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/025e77fcb2f45b21689931ba3bf74eac153afa48", + "https://github.com/ImageMagick/ImageMagick/issues/1615", + "https://github.com/ImageMagick/ImageMagick6/commit/91e58d967a92250439ede038ccfb0913a81e59fe" + ] + }, + { + "VulnerabilityID": "CVE-2019-13308", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer overflow in MagickCore/fourier.c in ComplexImage", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow in MagickCore/fourier.c in ComplexImage.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/61135001a625364e29bdce83832f043eebde7b5a", + "https://github.com/ImageMagick/ImageMagick/issues/1595", + "https://github.com/ImageMagick/ImageMagick6/commit/19651f3db63fa1511ed83a348c4c82fa553f8d01" + ] + }, + { + "VulnerabilityID": "CVE-2019-13309", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leaks at AcquireMagickMemory due to mishandling the NoSuchImage error in CLIListOperatorImages", + "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of mishandling the NoSuchImage error in CLIListOperatorImages in MagickWand/operation.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13309.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/5f21230b657ccd65452dd3d94c5b5401ba691a2d", + "https://github.com/ImageMagick/ImageMagick/issues/1616", + "https://github.com/ImageMagick/ImageMagick6/commit/5982632109cad48bc6dab867298fdea4dea57c51" + ] + }, + { + "VulnerabilityID": "CVE-2019-13310", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c", + "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13310.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/5f21230b657ccd65452dd3d94c5b5401ba691a2d", + "https://github.com/ImageMagick/ImageMagick/issues/1616", + "https://github.com/ImageMagick/ImageMagick6/commit/5982632109cad48bc6dab867298fdea4dea57c51" + ] + }, + { + "VulnerabilityID": "CVE-2019-13311", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leaks at AcquireMagickMemory because of a wand/mogrify.c error", + "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of a wand/mogrify.c error.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13311.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/4a334bbf5584de37c6f5a47c380a531c8c4b140a", + "https://github.com/ImageMagick/ImageMagick/issues/1623", + "https://github.com/ImageMagick/ImageMagick6/commit/bb812022d0bc12107db215c981cab0b1ccd73d91" + ] + }, + { + "VulnerabilityID": "CVE-2019-13391", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer over-read in MagickCore/fourier.c", + "Description": "In ImageMagick 7.0.8-50 Q16, ComplexImages in MagickCore/fourier.c has a heap-based buffer over-read because of incorrect calls to GetCacheViewVirtualPixels.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/7c2c5ba5b8e3a0b2b82f56c71dfab74ed4006df7", + "https://github.com/ImageMagick/ImageMagick/issues/1588", + "https://github.com/ImageMagick/ImageMagick6/commit/f6ffc702c6eecd963587273a429dcd608c648984" + ] + }, + { + "VulnerabilityID": "CVE-2019-13454", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: division by zero in RemoveDuplicateLayers in MagickCore/layer.c", + "Description": "ImageMagick 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13454.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "http://www.securityfocus.com/bid/109099", + "https://github.com/ImageMagick/ImageMagick/commit/1ddcf2e4f28029a888cadef2e757509ef5047ad8", + "https://github.com/ImageMagick/ImageMagick/issues/1629", + "https://github.com/ImageMagick/ImageMagick6/commit/4f31d78716ac94c85c244efcea368fea202e2ed4" + ] + }, + { + "VulnerabilityID": "CVE-2019-14981", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: division by zero in MeanShiftImage in MagickCore/feature.c", + "Description": "In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. It allows an attacker to cause a denial of service by sending a crafted file.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-14981.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", + "https://github.com/ImageMagick/ImageMagick/commit/a77d8d97f5a7bced0468f0b08798c83fb67427bc", + "https://github.com/ImageMagick/ImageMagick/issues/1552", + "https://github.com/ImageMagick/ImageMagick6/commit/b522d2d857d2f75b659936b59b0da9df1682c256", + "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-15139", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: out-of-bounds read in ReadXWDImage in coders/xwd.c", + "Description": "The XWD image (X Window System window dumping file) parsing component in ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (application crash resulting from an out-of-bounds Read) in ReadXWDImage in coders/xwd.c by crafting a corrupted XWD image file, a different vulnerability than CVE-2019-11472.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-15139.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", + "https://github.com/ImageMagick/ImageMagick/commit/c78993d138bf480ab4652b5a48379d4ff75ba5f7", + "https://github.com/ImageMagick/ImageMagick/issues/1553", + "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-15140", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: Use after free in ReadMATImage in coders/mat.c", + "Description": "coders/mat.c in ImageMagick 7.0.8-43 Q16 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by crafting a Matlab image file that is mishandled in ReadImage in MagickCore/constitute.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-15140.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", + "https://github.com/ImageMagick/ImageMagick/commit/f7206618d27c2e69d977abf40e3035a33e5f6be0", + "https://github.com/ImageMagick/ImageMagick/issues/1554", + "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-16708", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leak in magick/xwindow.c", + "Description": "ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-16708.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1531", + "https://usn.ubuntu.com/4192-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-16709", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leak in coders/dps.c", + "Description": "ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-16709.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00045.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00046.html", + "https://github.com/ImageMagick/ImageMagick/issues/1531" + ] + }, + { + "VulnerabilityID": "CVE-2019-16710", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leak in coders/dot.c", + "Description": "ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-16710.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1528", + "https://usn.ubuntu.com/4192-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-16711", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps2.c", + "Description": "ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-16711.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1542", + "https://usn.ubuntu.com/4192-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-16712", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps3.c", + "Description": "ImageMagick 7.0.8-43 has a memory leak in Huffman2DEncodeImage in coders/ps3.c, as demonstrated by WritePS3Image.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-16712.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1557" + ] + }, + { + "VulnerabilityID": "CVE-2019-16713", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leak in coders/dot.c", + "Description": "ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-16713.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1558", + "https://usn.ubuntu.com/4192-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-19949", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c", + "Description": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-19949.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00006.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", + "https://github.com/ImageMagick/ImageMagick/issues/1561", + "https://lists.debian.org/debian-lts-announce/2019/12/msg00033.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-7175", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "imagemagick: memory leak in function DecodeImage in coders/pcd.c", + "Description": "In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-7175.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", + "https://github.com/ImageMagick/ImageMagick/commit/1e6a3ace073c9ec9c71e439c111d23c6e66cb6ae", + "https://github.com/ImageMagick/ImageMagick/issues/1450" + ] + }, + { + "VulnerabilityID": "CVE-2019-7395", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: Memory leak in the WritePSDChannel function in coders/psd.c", + "Description": "In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", + "http://www.securityfocus.com/bid/106850", + "https://github.com/ImageMagick/ImageMagick/commit/8a43abefb38c5e29138e1c9c515b313363541c06", + "https://github.com/ImageMagick/ImageMagick/issues/1451" + ] + }, + { + "VulnerabilityID": "CVE-2019-7396", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: Memory leak in the ReadSIXELImage function in coders/sixel.c", + "Description": "In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage in coders/sixel.c.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://www.securityfocus.com/bid/106849", + "https://github.com/ImageMagick/ImageMagick/commit/748a03651e5b138bcaf160d15133de2f4b1b89ce", + "https://github.com/ImageMagick/ImageMagick/issues/1452", + "https://usn.ubuntu.com/4034-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-7397", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: Memory leak in the WritePDFImage function in coders/pdf.c", + "Description": "In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c.", + "Severity": "MEDIUM", + "References": [ + "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/11ad3aeb8ab1", + "http://linux.oracle.com/cve/CVE-2019-7397.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", + "http://www.securityfocus.com/bid/106847", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", + "https://github.com/ImageMagick/ImageMagick/commit/306c1f0fa5754ca78efd16ab752f0e981d4f6b82", + "https://github.com/ImageMagick/ImageMagick/issues/1454" + ] + }, + { + "VulnerabilityID": "CVE-2019-7398", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: Memory leak in the WriteDIBImage function in coders/dib.c", + "Description": "In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-7398.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", + "http://www.securityfocus.com/bid/106848", + "https://github.com/ImageMagick/ImageMagick/issues/1453" + ] + }, + { + "VulnerabilityID": "CVE-2020-10251", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: out-of-bounds read in ReadHEICImageByID function in coders/heic.c", + "Description": "In ImageMagick 7.0.9, an out-of-bounds read vulnerability exists within the ReadHEICImageByID function in coders\\heic.c. It can be triggered via an image with a width or height value that exceeds the actual size of the image.", + "Severity": "MEDIUM", + "References": [ + "https://github.com/ImageMagick/ImageMagick/issues/1859" + ] + }, + { + "VulnerabilityID": "CVE-2005-0406", + "PkgName": "libmagickcore-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Description": "A design flaw in image processing software that modifies JPEG images might not modify the original EXIF thumbnail, which could lead to an information leak of potentially sensitive visual information that had been removed from the main JPEG image.", + "Severity": "LOW", + "References": [ + "http://seclists.org/lists/fulldisclosure/2005/Feb/0343.html", + "http://www.redteam-pentesting.de/advisories/rt-sa-2005-008.txt" + ] + }, + { + "VulnerabilityID": "CVE-2018-15607", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: CPU Exhaustion via crafted input file", + "Description": "In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x36 0x4c 0x36 0x38 0x36 0x36 0x36 0x36 0x36 0x36 0x1f 0x35 0x50 0x00 can result in a hang of several minutes during which CPU and memory resources are consumed until ultimately an attempted large memory allocation fails. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.", + "Severity": "HIGH", + "References": [ + "http://linux.oracle.com/cve/CVE-2018-15607.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/105137", + "https://github.com/ImageMagick/ImageMagick/issues/1255", + "https://usn.ubuntu.com/4034-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-11470", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: denial of service in cineon parsing component", + "Description": "The cineon parsing component in ImageMagick 7.0.8-26 Q16 allows attackers to cause a denial-of-service (uncontrolled resource consumption) by crafting a Cineon image with an incorrect claimed image size. This occurs because ReadCINImage in coders/cin.c lacks a check for insufficient image data in a file.", + "Severity": "HIGH", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-11470.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00057.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", + "https://github.com/ImageMagick/ImageMagick/commit/e3cdce6fe12193f235b8c0ae5efe6880a25eb957", + "https://github.com/ImageMagick/ImageMagick/issues/1472", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/", + "https://usn.ubuntu.com/4034-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-19948", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer overflow in WriteSGIImage in coders/sgi.c", + "Description": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c.", + "Severity": "HIGH", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-19948.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00006.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", + "https://github.com/ImageMagick/ImageMagick/issues/1562", + "https://lists.debian.org/debian-lts-announce/2019/12/msg00033.html" + ] + }, + { + "VulnerabilityID": "CVE-2008-3134", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "GraphicsMagick/ImageMagick: multiple crash or DoS issues", + "Description": "Multiple unspecified vulnerabilities in GraphicsMagick before 1.2.4 allow remote attackers to cause a denial of service (crash, infinite loop, or memory consumption) via (a) unspecified vectors in the (1) AVI, (2) AVS, (3) DCM, (4) EPT, (5) FITS, (6) MTV, (7) PALM, (8) RLA, and (9) TGA decoder readers; and (b) the GetImageCharacteristics function in magick/image.c, as reachable from a crafted (10) PNG, (11) JPEG, (12) BMP, or (13) TIFF file.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00004.html", + "http://secunia.com/advisories/30879", + "http://secunia.com/advisories/32151", + "http://sourceforge.net/forum/forum.php?forum_id=841176", + "http://sourceforge.net/project/shownotes.php?release_id=610253", + "http://www.securityfocus.com/bid/30055", + "http://www.securitytracker.com/id?1020413", + "http://www.vupen.com/english/advisories/2008/1984/references", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3134", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/43511", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/43513" + ] + }, + { + "VulnerabilityID": "CVE-2016-8678", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: Heap-buffer overflow in IsPixelMonochrome", + "Description": "The IsPixelMonochrome function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3.0 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted file. NOTE: the vendor says \"This is a Q64 issue and we do not support Q64.\"", + "Severity": "MEDIUM", + "References": [ + "http://www.openwall.com/lists/oss-security/2016/10/16/2", + "http://www.openwall.com/lists/oss-security/2016/12/08/18", + "http://www.securityfocus.com/bid/93599", + "https://bugzilla.redhat.com/show_bug.cgi?id=1385694", + "https://github.com/ImageMagick/ImageMagick/issues/272" + ] + }, + { + "VulnerabilityID": "CVE-2017-11754", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: Memory leak in WritePICONImage function", + "Description": "The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an OpenPixelCache call.", + "Severity": "MEDIUM", + "References": [ + "https://github.com/ImageMagick/ImageMagick/issues/633" + ] + }, + { + "VulnerabilityID": "CVE-2017-11755", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: Memory leak in WritePICONImage function via mishandled AcquireSemaphoreInfo call", + "Description": "The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file that is mishandled in an AcquireSemaphoreInfo call.", + "Severity": "MEDIUM", + "References": [ + "https://github.com/ImageMagick/ImageMagick/issues/634" + ] + }, + { + "VulnerabilityID": "CVE-2017-7275", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: Memory allocation failure in AcquireMagickMemory (incomplete fix for CVE-2016-8866)", + "Description": "The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows remote attackers to cause a denial of service (attempted large memory allocation and application crash) via a crafted file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862 and CVE-2016-8866.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/97166", + "https://blogs.gentoo.org/ago/2017/03/27/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c-incomplete-fix-for-cve-2016-8862-and-cve-2016-8866/", + "https://github.com/ImageMagick/ImageMagick/issues/271" + ] + }, + { + "VulnerabilityID": "CVE-2019-10649", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leak in SVGKeyValuePairs of coders/svg.c that leads to denial of service via crafted image file", + "Description": "In ImageMagick 7.0.8-36 Q16, there is a memory leak in the function SVGKeyValuePairs of coders/svg.c, which allows an attacker to cause a denial of service via a crafted image file.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/107645", + "https://github.com/ImageMagick/ImageMagick/issues/1533", + "https://usn.ubuntu.com/4034-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-11472", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: denial of service in ReadXWDImage in coders/xwd.c in the XWD image parsing component", + "Description": "ReadXWDImage in coders/xwd.c in the XWD image parsing component of ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (divide-by-zero error) by crafting an XWD image file in which the header indicates neither LSB first nor MSB first.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-11472.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00057.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html", + "https://github.com/ImageMagick/ImageMagick/issues/1546", + "https://github.com/ImageMagick/ImageMagick6/commit/f663dfb8431c97d95682a2b533cca1c8233d21b4", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/", + "https://usn.ubuntu.com/4034-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-11597", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure", + "Description": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-11597.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108102", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", + "https://github.com/ImageMagick/ImageMagick/issues/1555", + "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-11598", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure", + "Description": "In ImageMagick 7.0.8-40 Q16, there is a heap-based buffer over-read in the function WritePNMImage of coders/pnm.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. This is related to SetGrayscaleImage in MagickCore/quantize.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-11598.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108102", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", + "https://github.com/ImageMagick/ImageMagick/issues/1540", + "https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-12974", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "imagemagick: null-pointer dereference in function ReadPANGOImage in coders/pango.c and ReadVIDImage in coders/vid.c causing denial of service", + "Description": "A NULL pointer dereference in the function ReadPANGOImage in coders/pango.c and the function ReadVIDImage in coders/vid.c in ImageMagick 7.0.8-34 allows remote attackers to cause a denial of service via a crafted image.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-12974.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", + "https://github.com/ImageMagick/ImageMagick/issues/1515" + ] + }, + { + "VulnerabilityID": "CVE-2019-12975", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "imagemagick: memory leak vulnerability in function WriteDPXImage in coders/dpx.c", + "Description": "ImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXImage function in coders/dpx.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-12975.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1517" + ] + }, + { + "VulnerabilityID": "CVE-2019-12976", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "imagemagick: memory leak vulnerability in function ReadPCLImage in coders/pcl.c", + "Description": "ImageMagick 7.0.8-34 has a memory leak in the ReadPCLImage function in coders/pcl.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-12976.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1520" + ] + }, + { + "VulnerabilityID": "CVE-2019-12977", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "imagemagick: use of uninitialised value in function WriteJP2Image in coders/jp2.c", + "Description": "ImageMagick 7.0.8-34 has a \"use of uninitialized value\" vulnerability in the WriteJP2Image function in coders/jp2.c.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1518" + ] + }, + { + "VulnerabilityID": "CVE-2019-12978", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "imagemagick: use of uninitialized value in function ReadPANGOImage in coders/pango.c", + "Description": "ImageMagick 7.0.8-34 has a \"use of uninitialized value\" vulnerability in the ReadPANGOImage function in coders/pango.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-12978.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1519" + ] + }, + { + "VulnerabilityID": "CVE-2019-12979", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "imagemagick: use of uninitialized value in functionSyncImageSettings in MagickCore/image.c", + "Description": "ImageMagick 7.0.8-34 has a \"use of uninitialized value\" vulnerability in the SyncImageSettings function in MagickCore/image.c. This is related to AcquireImage in magick/image.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-12979.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://www.securityfocus.com/bid/108913", + "https://github.com/ImageMagick/ImageMagick/issues/1522" + ] + }, + { + "VulnerabilityID": "CVE-2019-13135", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: a \"use of uninitialized value\" vulnerability in the function ReadCUTImage leading to a crash and DoS", + "Description": "ImageMagick before 7.0.8-50 has a \"use of uninitialized value\" vulnerability in the function ReadCUTImage in coders/cut.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13135.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", + "https://github.com/ImageMagick/ImageMagick/commit/cdb383749ef7b68a38891440af8cc23e0115306d", + "https://github.com/ImageMagick/ImageMagick/issues/1599", + "https://github.com/ImageMagick/ImageMagick6/commit/1e59b29e520d2beab73e8c78aacd5f1c0d76196d", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-13137", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: a memory leak vulnerability in the function ReadPSImage in coders/ps.c", + "Description": "ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps.c.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/35ccb468ee2dcbe8ce9cf1e2f1957acc27f54c34", + "https://github.com/ImageMagick/ImageMagick/issues/1601", + "https://github.com/ImageMagick/ImageMagick6/commit/7d11230060fa9c8f67e53c85224daf6648805c7b" + ] + }, + { + "VulnerabilityID": "CVE-2019-13295", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13295.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", + "https://github.com/ImageMagick/ImageMagick/commit/a7759f410b773a1dd57b0e1fb28112e1cd8b97bc", + "https://github.com/ImageMagick/ImageMagick/issues/1608", + "https://github.com/ImageMagick/ImageMagick6/commit/55e6dc49f1a381d9d511ee2f888fdc3e3c3e3953", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-13297", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13297.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", + "https://github.com/ImageMagick/ImageMagick/commit/604588fc35c7585abb7a9e71f69bb82e4389fefc", + "https://github.com/ImageMagick/ImageMagick/issues/1609", + "https://github.com/ImageMagick/ImageMagick6/commit/35c7032723d85eee7318ff6c82f031fa2666b773", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-13300", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13300.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/a906fe9298bf89e01d5272023db687935068849a", + "https://github.com/ImageMagick/ImageMagick/issues/1586", + "https://github.com/ImageMagick/ImageMagick6/commit/5e409ae7a389cdf2ed17469303be3f3f21cec450" + ] + }, + { + "VulnerabilityID": "CVE-2019-13301", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leaks in AcquireMagickMemory", + "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory because of an AnnotateImage error.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13301.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/f595a1985233c399a05c0c37cc41de16a90dd025", + "https://github.com/ImageMagick/ImageMagick/issues/1585", + "https://github.com/ImageMagick/ImageMagick/issues/1589" + ] + }, + { + "VulnerabilityID": "CVE-2019-13304", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment", + "Description": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13304.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", + "https://github.com/ImageMagick/ImageMagick/commit/7689875ef64f34141e7292f6945efdf0530b4a5e", + "https://github.com/ImageMagick/ImageMagick/issues/1614", + "https://github.com/ImageMagick/ImageMagick6/commit/bfa3b9610c83227894c92b0d312ad327fceb6241", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-13305", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error", + "Description": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13305.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", + "https://github.com/ImageMagick/ImageMagick/commit/29efd648f38b73a64d73f14cd2019d869a585888", + "https://github.com/ImageMagick/ImageMagick/issues/1613", + "https://github.com/ImageMagick/ImageMagick6/commit/5c7fbf9a14fb83c9685ad69d48899f490a37609d", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-13306", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors", + "Description": "ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13306.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", + "https://github.com/ImageMagick/ImageMagick/commit/e92040ea6ee2a844ebfd2344174076795a4787bd", + "https://github.com/ImageMagick/ImageMagick/issues/1612", + "https://github.com/ImageMagick/ImageMagick6/commit/cb5ec7d98195aa74d5ed299b38eff2a68122f3fa", + "https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-13307", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13307.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/025e77fcb2f45b21689931ba3bf74eac153afa48", + "https://github.com/ImageMagick/ImageMagick/issues/1615", + "https://github.com/ImageMagick/ImageMagick6/commit/91e58d967a92250439ede038ccfb0913a81e59fe" + ] + }, + { + "VulnerabilityID": "CVE-2019-13308", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer overflow in MagickCore/fourier.c in ComplexImage", + "Description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow in MagickCore/fourier.c in ComplexImage.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/61135001a625364e29bdce83832f043eebde7b5a", + "https://github.com/ImageMagick/ImageMagick/issues/1595", + "https://github.com/ImageMagick/ImageMagick6/commit/19651f3db63fa1511ed83a348c4c82fa553f8d01" + ] + }, + { + "VulnerabilityID": "CVE-2019-13309", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leaks at AcquireMagickMemory due to mishandling the NoSuchImage error in CLIListOperatorImages", + "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of mishandling the NoSuchImage error in CLIListOperatorImages in MagickWand/operation.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13309.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/5f21230b657ccd65452dd3d94c5b5401ba691a2d", + "https://github.com/ImageMagick/ImageMagick/issues/1616", + "https://github.com/ImageMagick/ImageMagick6/commit/5982632109cad48bc6dab867298fdea4dea57c51" + ] + }, + { + "VulnerabilityID": "CVE-2019-13310", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c", + "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13310.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/5f21230b657ccd65452dd3d94c5b5401ba691a2d", + "https://github.com/ImageMagick/ImageMagick/issues/1616", + "https://github.com/ImageMagick/ImageMagick6/commit/5982632109cad48bc6dab867298fdea4dea57c51" + ] + }, + { + "VulnerabilityID": "CVE-2019-13311", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leaks at AcquireMagickMemory because of a wand/mogrify.c error", + "Description": "ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of a wand/mogrify.c error.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13311.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/4a334bbf5584de37c6f5a47c380a531c8c4b140a", + "https://github.com/ImageMagick/ImageMagick/issues/1623", + "https://github.com/ImageMagick/ImageMagick6/commit/bb812022d0bc12107db215c981cab0b1ccd73d91" + ] + }, + { + "VulnerabilityID": "CVE-2019-13391", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer over-read in MagickCore/fourier.c", + "Description": "In ImageMagick 7.0.8-50 Q16, ComplexImages in MagickCore/fourier.c has a heap-based buffer over-read because of incorrect calls to GetCacheViewVirtualPixels.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "https://github.com/ImageMagick/ImageMagick/commit/7c2c5ba5b8e3a0b2b82f56c71dfab74ed4006df7", + "https://github.com/ImageMagick/ImageMagick/issues/1588", + "https://github.com/ImageMagick/ImageMagick6/commit/f6ffc702c6eecd963587273a429dcd608c648984" + ] + }, + { + "VulnerabilityID": "CVE-2019-13454", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: division by zero in RemoveDuplicateLayers in MagickCore/layer.c", + "Description": "ImageMagick 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-13454.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", + "http://www.securityfocus.com/bid/109099", + "https://github.com/ImageMagick/ImageMagick/commit/1ddcf2e4f28029a888cadef2e757509ef5047ad8", + "https://github.com/ImageMagick/ImageMagick/issues/1629", + "https://github.com/ImageMagick/ImageMagick6/commit/4f31d78716ac94c85c244efcea368fea202e2ed4" + ] + }, + { + "VulnerabilityID": "CVE-2019-14981", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: division by zero in MeanShiftImage in MagickCore/feature.c", + "Description": "In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. It allows an attacker to cause a denial of service by sending a crafted file.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-14981.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", + "https://github.com/ImageMagick/ImageMagick/commit/a77d8d97f5a7bced0468f0b08798c83fb67427bc", + "https://github.com/ImageMagick/ImageMagick/issues/1552", + "https://github.com/ImageMagick/ImageMagick6/commit/b522d2d857d2f75b659936b59b0da9df1682c256", + "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-15139", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: out-of-bounds read in ReadXWDImage in coders/xwd.c", + "Description": "The XWD image (X Window System window dumping file) parsing component in ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (application crash resulting from an out-of-bounds Read) in ReadXWDImage in coders/xwd.c by crafting a corrupted XWD image file, a different vulnerability than CVE-2019-11472.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-15139.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", + "https://github.com/ImageMagick/ImageMagick/commit/c78993d138bf480ab4652b5a48379d4ff75ba5f7", + "https://github.com/ImageMagick/ImageMagick/issues/1553", + "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-15140", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: Use after free in ReadMATImage in coders/mat.c", + "Description": "coders/mat.c in ImageMagick 7.0.8-43 Q16 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by crafting a Matlab image file that is mishandled in ReadImage in MagickCore/constitute.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-15140.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", + "https://github.com/ImageMagick/ImageMagick/commit/f7206618d27c2e69d977abf40e3035a33e5f6be0", + "https://github.com/ImageMagick/ImageMagick/issues/1554", + "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-16708", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leak in magick/xwindow.c", + "Description": "ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-16708.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1531", + "https://usn.ubuntu.com/4192-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-16709", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leak in coders/dps.c", + "Description": "ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-16709.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00045.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00046.html", + "https://github.com/ImageMagick/ImageMagick/issues/1531" + ] + }, + { + "VulnerabilityID": "CVE-2019-16710", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leak in coders/dot.c", + "Description": "ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-16710.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1528", + "https://usn.ubuntu.com/4192-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-16711", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps2.c", + "Description": "ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-16711.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1542", + "https://usn.ubuntu.com/4192-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-16712", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps3.c", + "Description": "ImageMagick 7.0.8-43 has a memory leak in Huffman2DEncodeImage in coders/ps3.c, as demonstrated by WritePS3Image.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-16712.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1557" + ] + }, + { + "VulnerabilityID": "CVE-2019-16713", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: memory leak in coders/dot.c", + "Description": "ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-16713.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", + "https://github.com/ImageMagick/ImageMagick/issues/1558", + "https://usn.ubuntu.com/4192-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-19949", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c", + "Description": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-19949.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00006.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", + "https://github.com/ImageMagick/ImageMagick/issues/1561", + "https://lists.debian.org/debian-lts-announce/2019/12/msg00033.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-7175", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "imagemagick: memory leak in function DecodeImage in coders/pcd.c", + "Description": "In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-7175.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", + "https://github.com/ImageMagick/ImageMagick/commit/1e6a3ace073c9ec9c71e439c111d23c6e66cb6ae", + "https://github.com/ImageMagick/ImageMagick/issues/1450" + ] + }, + { + "VulnerabilityID": "CVE-2019-7395", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: Memory leak in the WritePSDChannel function in coders/psd.c", + "Description": "In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", + "http://www.securityfocus.com/bid/106850", + "https://github.com/ImageMagick/ImageMagick/commit/8a43abefb38c5e29138e1c9c515b313363541c06", + "https://github.com/ImageMagick/ImageMagick/issues/1451" + ] + }, + { + "VulnerabilityID": "CVE-2019-7396", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: Memory leak in the ReadSIXELImage function in coders/sixel.c", + "Description": "In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage in coders/sixel.c.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://www.securityfocus.com/bid/106849", + "https://github.com/ImageMagick/ImageMagick/commit/748a03651e5b138bcaf160d15133de2f4b1b89ce", + "https://github.com/ImageMagick/ImageMagick/issues/1452", + "https://usn.ubuntu.com/4034-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-7397", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: Memory leak in the WritePDFImage function in coders/pdf.c", + "Description": "In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c.", + "Severity": "MEDIUM", + "References": [ + "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/11ad3aeb8ab1", + "http://linux.oracle.com/cve/CVE-2019-7397.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", + "http://www.securityfocus.com/bid/106847", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", + "https://github.com/ImageMagick/ImageMagick/commit/306c1f0fa5754ca78efd16ab752f0e981d4f6b82", + "https://github.com/ImageMagick/ImageMagick/issues/1454" + ] + }, + { + "VulnerabilityID": "CVE-2019-7398", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: Memory leak in the WriteDIBImage function in coders/dib.c", + "Description": "In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-7398.html", + "http://linux.oracle.com/errata/ELSA-2020-1180.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", + "http://www.securityfocus.com/bid/106848", + "https://github.com/ImageMagick/ImageMagick/issues/1453" + ] + }, + { + "VulnerabilityID": "CVE-2020-10251", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "ImageMagick: out-of-bounds read in ReadHEICImageByID function in coders/heic.c", + "Description": "In ImageMagick 7.0.9, an out-of-bounds read vulnerability exists within the ReadHEICImageByID function in coders\\heic.c. It can be triggered via an image with a width or height value that exceeds the actual size of the image.", + "Severity": "MEDIUM", + "References": [ + "https://github.com/ImageMagick/ImageMagick/issues/1859" + ] + }, + { + "VulnerabilityID": "CVE-2005-0406", + "PkgName": "libmagickwand-6.q16-6", + "InstalledVersion": "8:6.9.10.23+dfsg-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Description": "A design flaw in image processing software that modifies JPEG images might not modify the original EXIF thumbnail, which could lead to an information leak of potentially sensitive visual information that had been removed from the main JPEG image.", + "Severity": "LOW", + "References": [ + "http://seclists.org/lists/fulldisclosure/2005/Feb/0343.html", + "http://www.redteam-pentesting.de/advisories/rt-sa-2005-008.txt" + ] + }, + { + "VulnerabilityID": "CVE-2018-12886", + "PkgName": "libmpx2", + "InstalledVersion": "8.3.0-6", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "Severity": "MEDIUM", + "References": [ + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", + "https://www.gnu.org/software/gcc/gcc-8/changes.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-15847", + "PkgName": "libmpx2", + "InstalledVersion": "8.3.0-6", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "gcc: POWER9 \"DARN\" RNG intrinsic produces repeated output", + "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481" + ] + }, + { + "VulnerabilityID": "TEMP-0000000-A4EF31", + "PkgName": "libnghttp2-14", + "InstalledVersion": "1.36.0-2+deb10u1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Severity": "LOW" + }, + { + "VulnerabilityID": "CVE-2017-17479", + "PkgName": "libopenjp2-7", + "InstalledVersion": "2.3.0-2+deb10u1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "openjpeg: Stack-buffer overflow in the pgxtoimage function", + "Description": "In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the pgxtoimage function in jpwl/convert.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution.", + "Severity": "HIGH", + "References": [ + "https://github.com/uclouvain/openjpeg/issues/1044" + ] + }, + { + "VulnerabilityID": "CVE-2018-7648", + "PkgName": "libopenjp2-7", + "InstalledVersion": "2.3.0-2+deb10u1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Description": "An issue was discovered in mj2/opj_mj2_extract.c in OpenJPEG 2.3.0. The output prefix was not checked for length, which could overflow a buffer, when providing a prefix with 50 or more characters on the command line.", + "Severity": "HIGH", + "References": [ + "https://github.com/kbabioch/openjpeg/commit/6d8c0c06ee32dc03ba80acd48334e98728e56cf5", + "https://github.com/uclouvain/openjpeg/issues/1088" + ] + }, + { + "VulnerabilityID": "CVE-2016-10505", + "PkgName": "libopenjp2-7", + "InstalledVersion": "2.3.0-2+deb10u1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "openjpeg: NULL pointer dereference in imagetopnm function in convert.c", + "Description": "NULL pointer dereference vulnerabilities in the imagetopnm function in convert.c, sycc444_to_rgb function in color.c, color_esycc_to_rgb function in color.c, and sycc422_to_rgb function in color.c in OpenJPEG before 2.2.0 allow remote attackers to cause a denial of service (application crash) via crafted j2k files.", + "Severity": "MEDIUM", + "References": [ + "https://github.com/uclouvain/openjpeg/issues/776", + "https://github.com/uclouvain/openjpeg/issues/784", + "https://github.com/uclouvain/openjpeg/issues/785", + "https://github.com/uclouvain/openjpeg/issues/792", + "https://security.gentoo.org/glsa/201710-26" + ] + }, + { + "VulnerabilityID": "CVE-2016-10506", + "PkgName": "libopenjp2-7", + "InstalledVersion": "2.3.0-2+deb10u1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "openjpeg: Division by zero in functions opj_pi_next_cprl, opj_pi_next_pcrl, and opj_pi_next_rpcl in pi.c", + "Description": "Division-by-zero vulnerabilities in the functions opj_pi_next_cprl, opj_pi_next_pcrl, and opj_pi_next_rpcl in pi.c in OpenJPEG before 2.2.0 allow remote attackers to cause a denial of service (application crash) via crafted j2k files.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/100573", + "https://github.com/uclouvain/openjpeg/commit/d27ccf01c68a31ad62b33d2dc1ba2bb1eeaafe7b", + "https://github.com/uclouvain/openjpeg/issues/731", + "https://github.com/uclouvain/openjpeg/issues/732", + "https://github.com/uclouvain/openjpeg/issues/777", + "https://github.com/uclouvain/openjpeg/issues/778", + "https://github.com/uclouvain/openjpeg/issues/779", + "https://github.com/uclouvain/openjpeg/issues/780", + "https://security.gentoo.org/glsa/201710-26" + ] + }, + { + "VulnerabilityID": "CVE-2016-9113", + "PkgName": "libopenjp2-7", + "InstalledVersion": "2.3.0-2+deb10u1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 openjpeg2: Multiple security issues", + "Description": "There is a NULL pointer dereference in function imagetobmp of convertbmp.c:980 of OpenJPEG 2.1.2. image-\u003ecomps[0].data is not assigned a value after initialization(NULL). Impact is Denial of Service.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/93980", + "https://github.com/uclouvain/openjpeg/issues/856", + "https://security.gentoo.org/glsa/201710-26" + ] + }, + { + "VulnerabilityID": "CVE-2016-9114", + "PkgName": "libopenjp2-7", + "InstalledVersion": "2.3.0-2+deb10u1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "CVE-2016-9113 CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 openjpeg2: Multiple security issues", + "Description": "There is a NULL Pointer Access in function imagetopnm of convert.c:1943(jp2) of OpenJPEG 2.1.2. image-\u003ecomps[compno].data is not assigned a value after initialization(NULL). Impact is Denial of Service.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/93979", + "https://github.com/uclouvain/openjpeg/issues/857", + "https://security.gentoo.org/glsa/201710-26" + ] + }, + { + "VulnerabilityID": "CVE-2016-9115", + "PkgName": "libopenjp2-7", + "InstalledVersion": "2.3.0-2+deb10u1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "CVE-2016-9113 CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 openjpeg2: Multiple security issues", + "Description": "Heap Buffer Over-read in function imagetotga of convert.c(jp2):942 in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/93977", + "https://github.com/uclouvain/openjpeg/issues/858", + "https://security.gentoo.org/glsa/201710-26" + ] + }, + { + "VulnerabilityID": "CVE-2016-9116", + "PkgName": "libopenjp2-7", + "InstalledVersion": "2.3.0-2+deb10u1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "CVE-2016-9113 CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 openjpeg2: Multiple security issues", + "Description": "NULL Pointer Access in function imagetopnm of convert.c:2226(jp2) in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/93975", + "https://github.com/uclouvain/openjpeg/issues/859", + "https://security.gentoo.org/glsa/201710-26" + ] + }, + { + "VulnerabilityID": "CVE-2016-9117", + "PkgName": "libopenjp2-7", + "InstalledVersion": "2.3.0-2+deb10u1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "CVE-2016-9113 CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 openjpeg2: Multiple security issues", + "Description": "NULL Pointer Access in function imagetopnm of convert.c(jp2):1289 in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/93783", + "https://github.com/uclouvain/openjpeg/issues/860", + "https://security.gentoo.org/glsa/201710-26" + ] + }, + { + "VulnerabilityID": "CVE-2016-9580", + "PkgName": "libopenjp2-7", + "InstalledVersion": "2.3.0-2+deb10u1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "openjpeg2: Integer overflow in tiftoimage causes heap buffer overflow", + "Description": "An integer overflow vulnerability was found in tiftoimage function in openjpeg 2.1.2, resulting in heap buffer overflow.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/94822", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9580", + "https://github.com/szukw000/openjpeg/commit/cadff5fb6e73398de26a92e96d3d7cac893af255", + "https://github.com/uclouvain/openjpeg/issues/871", + "https://security.gentoo.org/glsa/201710-26" + ] + }, + { + "VulnerabilityID": "CVE-2016-9581", + "PkgName": "libopenjp2-7", + "InstalledVersion": "2.3.0-2+deb10u1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "openjpeg2: Infinite loop in tiftoimage resulting into heap buffer overflow in convert_32s_C1P1", + "Description": "An infinite loop vulnerability in tiftoimage that results in heap buffer overflow in convert_32s_C1P1 was found in openjpeg 2.1.2.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/94822", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9581", + "https://github.com/szukw000/openjpeg/commit/cadff5fb6e73398de26a92e96d3d7cac893af255", + "https://github.com/uclouvain/openjpeg/issues/872", + "https://security.gentoo.org/glsa/201710-26" + ] + }, + { + "VulnerabilityID": "CVE-2018-16375", + "PkgName": "libopenjp2-7", + "InstalledVersion": "2.3.0-2+deb10u1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "openjpeg: Heap-based buffer overflow in pnmtoimage function in bin/jpwl/convert.c", + "Description": "An issue was discovered in OpenJPEG 2.3.0. Missing checks for header_info.height and header_info.width in the function pnmtoimage in bin/jpwl/convert.c can lead to a heap-based buffer overflow.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/105266", + "https://github.com/uclouvain/openjpeg/issues/1126" + ] + }, + { + "VulnerabilityID": "CVE-2018-16376", + "PkgName": "libopenjp2-7", + "InstalledVersion": "2.3.0-2+deb10u1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "openjpeg: Heap-based buffer overflow in function t2_encode_packet in src/lib/openmj2/t2.c", + "Description": "An issue was discovered in OpenJPEG 2.3.0. A heap-based buffer overflow was discovered in the function t2_encode_packet in lib/openmj2/t2.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly unspecified other impact.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/105262", + "https://github.com/uclouvain/openjpeg/issues/1127" + ] + }, + { + "VulnerabilityID": "CVE-2018-20845", + "PkgName": "libopenjp2-7", + "InstalledVersion": "2.3.0-2+deb10u1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "openjpeg: division-by-zero in function pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in openmj2/pi.c", + "Description": "Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in openmj2/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash).", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/108921", + "https://github.com/uclouvain/openjpeg/pull/1168/commits/c5bd64ea146162967c29bd2af0cbb845ba3eaaaf" + ] + }, + { + "VulnerabilityID": "CVE-2018-20846", + "PkgName": "libopenjp2-7", + "InstalledVersion": "2.3.0-2+deb10u1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "openjpeg: out-of-bounds read in functions pi_next_lrcp, pi_next_rlcp, pi_next_rpcl, pi_next_pcrl, pi_next_rpcl, and pi_next_cprl in openmj2/pi.c leads to denial of service", + "Description": "Out-of-bounds accesses in the functions pi_next_lrcp, pi_next_rlcp, pi_next_rpcl, pi_next_pcrl, pi_next_rpcl, and pi_next_cprl in openmj2/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash).", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/108921", + "https://github.com/uclouvain/openjpeg/pull/1168/commits/c277159986c80142180fbe5efb256bbf3bdf3edc" + ] + }, + { + "VulnerabilityID": "CVE-2018-5727", + "PkgName": "libopenjp2-7", + "InstalledVersion": "2.3.0-2+deb10u1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "openjpeg: integer overflow in opj_t1_encode_cblks in src/lib/openjp2/t1.c", + "Description": "In OpenJPEG 2.3.0, there is an integer overflow vulnerability in the opj_t1_encode_cblks function (openjp2/t1.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file.", + "Severity": "MEDIUM", + "References": [ + "https://github.com/uclouvain/openjpeg/issues/1053" + ] + }, + { + "VulnerabilityID": "CVE-2019-12973", + "PkgName": "libopenjp2-7", + "InstalledVersion": "2.3.0-2+deb10u1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "openjpeg: denial of service in function opj_t1_encode_cblks in openjp2/t1.c", + "Description": "In OpenJPEG 2.3.1, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. This issue is similar to CVE-2018-6616.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00088.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00090.html", + "http://www.securityfocus.com/bid/108900", + "https://github.com/uclouvain/openjpeg/commit/8ee335227bbcaf1614124046aa25e53d67b11ec3", + "https://github.com/uclouvain/openjpeg/pull/1185/commits/cbe7384016083eac16078b359acd7a842253d503" + ] + }, + { + "VulnerabilityID": "CVE-2019-6988", + "PkgName": "libopenjp2-7", + "InstalledVersion": "2.3.0-2+deb10u1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "openjpeg: DoS via memory exhaustion in opj_decompress", + "Description": "An issue was discovered in OpenJPEG 2.3.0. It allows remote attackers to cause a denial of service (attempted excessive memory allocation) in opj_calloc in openjp2/opj_malloc.c, when called from opj_tcd_init_tile in openjp2/tcd.c, as demonstrated by the 64-bit opj_decompress.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/106785", + "https://github.com/uclouvain/openjpeg/issues/1178" + ] + }, + { + "VulnerabilityID": "CVE-2020-6851", + "PkgName": "libopenjp2-7", + "InstalledVersion": "2.3.0-2+deb10u1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "openjpeg: Heap-based buffer overflow in opj_t1_clbl_decode_processor()", + "Description": "OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2020-6851.html", + "http://linux.oracle.com/errata/ELSA-2020-0274.html", + "https://access.redhat.com/errata/RHSA-2020:0262", + "https://access.redhat.com/errata/RHSA-2020:0274", + "https://access.redhat.com/errata/RHSA-2020:0296", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6851", + "https://github.com/uclouvain/openjpeg/issues/1228", + "https://lists.debian.org/debian-lts-announce/2020/01/msg00025.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LACIIDDCKZJEPKTTFILSOSBQL7L3FC6V/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XBRMI2D3XPVWKE3V52KRBW7BJVLS5LD3/" + ] + }, + { + "VulnerabilityID": "CVE-2020-8112", + "PkgName": "libopenjp2-7", + "InstalledVersion": "2.3.0-2+deb10u1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "openjpeg: heap-based buffer overflow in pj_t1_clbl_decode_processor in openjp2/t1.c", + "Description": "opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through 2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case, a different issue than CVE-2020-6851.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2020-8112.html", + "http://linux.oracle.com/errata/ELSA-2020-0570.html", + "https://access.redhat.com/errata/RHSA-2020:0550", + "https://access.redhat.com/errata/RHSA-2020:0569", + "https://access.redhat.com/errata/RHSA-2020:0570", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8112", + "https://github.com/uclouvain/openjpeg/issues/1231", + "https://lists.debian.org/debian-lts-announce/2020/01/msg00035.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFEVEKETJV7GOXD5RDWL35ESEDHC663E/" + ] + }, + { + "VulnerabilityID": "CVE-2019-3843", + "PkgName": "libpam-systemd", + "InstalledVersion": "241-7~deb10u3", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "systemd: services with DynamicUser can create SUID/SGID binaries", + "Description": "It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/108116", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/", + "https://security.netapp.com/advisory/ntap-20190619-0002/" + ] + }, + { + "VulnerabilityID": "CVE-2019-3844", + "PkgName": "libpam-systemd", + "InstalledVersion": "241-7~deb10u3", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "systemd: services with DynamicUser can get new privileges and create SGID binaries", + "Description": "It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/108096", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844", + "https://security.netapp.com/advisory/ntap-20190619-0002/" + ] + }, + { + "VulnerabilityID": "CVE-2020-1712", + "PkgName": "libpam-systemd", + "InstalledVersion": "241-7~deb10u3", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "systemd: use-after-free when asynchronous polkit queries are performed", + "Description": "A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse this flaw to crash systemd services or potentially execute code and elevate their privileges, by sending specially crafted dbus messages.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2020-1712.html", + "http://linux.oracle.com/errata/ELSA-2020-0575.html", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1712", + "https://github.com/systemd/systemd/commit/1068447e6954dc6ce52f099ed174c442cb89ed54", + "https://github.com/systemd/systemd/commit/637486261528e8aa3da9f26a4487dc254f4b7abb", + "https://github.com/systemd/systemd/commit/bc130b6858327b382b07b3985cf48e2aa9016b2d", + "https://github.com/systemd/systemd/commit/ea0d0ede03c6f18dbc5036c5e9cccf97e415ccc2", + "https://www.openwall.com/lists/oss-security/2020/02/05/1" + ] + }, + { + "VulnerabilityID": "CVE-2013-4392", + "PkgName": "libpam-systemd", + "InstalledVersion": "241-7~deb10u3", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "systemd: TOCTOU race condition when updating file permissions and SELinux security contexts", + "Description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", + "Severity": "LOW", + "References": [ + "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", + "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "https://bugzilla.redhat.com/show_bug.cgi?id=859060" + ] + }, + { + "VulnerabilityID": "CVE-2019-20386", + "PkgName": "libpam-systemd", + "InstalledVersion": "241-7~deb10u3", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "systemd: a memory leak was discovered in button_open in login/logind-button.c when udev events are received", + "Description": "An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.", + "Severity": "LOW", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html", + "https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad", + "https://security.netapp.com/advisory/ntap-20200210-0002/", + "https://usn.ubuntu.com/4269-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-20454", + "PkgName": "libpcre2-8-0", + "InstalledVersion": "10.32-5", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "pcre: out-of-bounds read in JIT mode when \\X is used in non-UTF mode", + "Description": "An out-of-bounds read was discovered in PCRE before 10.34 when the pattern \\X is JIT compiled and used to match specially crafted subjects in non-UTF mode. Applications that use PCRE to parse untrusted input may be vulnerable to this flaw, which would allow an attacker to crash the application. The flaw occurs in do_extuni_no_utf in pcre2_jit_compile.c.", + "Severity": "MEDIUM", + "References": [ + "https://bugs.exim.org/show_bug.cgi?id=2421", + "https://bugs.php.net/bug.php?id=78338", + "https://bugzilla.redhat.com/show_bug.cgi?id=1735494", + "https://vcs.pcre.org/pcre2?view=revision\u0026revision=1092" + ] + }, + { + "VulnerabilityID": "CVE-2017-11164", + "PkgName": "libpcre3", + "InstalledVersion": "2:8.39-12", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "pcre: OP_KETRMAX feature in the match function in pcre_exec.c", + "Description": "In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.", + "Severity": "HIGH", + "References": [ + "http://openwall.com/lists/oss-security/2017/07/11/3", + "http://www.securityfocus.com/bid/99575" + ] + }, + { + "VulnerabilityID": "CVE-2017-7245", + "PkgName": "libpcre3", + "InstalledVersion": "2:8.39-12", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "pcre: stack-based buffer overflow write in pcre32_copy_substring", + "Description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 4) or possibly have unspecified other impact via a crafted file.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/97067", + "https://access.redhat.com/errata/RHSA-2018:2486", + "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", + "https://security.gentoo.org/glsa/201710-25" + ] + }, + { + "VulnerabilityID": "CVE-2017-7246", + "PkgName": "libpcre3", + "InstalledVersion": "2:8.39-12", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "pcre: stack-based buffer overflow write in pcre32_copy_substring", + "Description": "Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 268) or possibly have unspecified other impact via a crafted file.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/97067", + "https://access.redhat.com/errata/RHSA-2018:2486", + "https://blogs.gentoo.org/ago/2017/03/20/libpcre-two-stack-based-buffer-overflow-write-in-pcre32_copy_substring-pcre_get-c/", + "https://security.gentoo.org/glsa/201710-25" + ] + }, + { + "VulnerabilityID": "CVE-2017-16231", + "PkgName": "libpcre3", + "InstalledVersion": "2:8.39-12", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "pcre: self-recursive call in match() in pcre_exec.c leads to denial of service", + "Description": "** DISPUTED ** In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match() in pcre_exec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is used.", + "Severity": "LOW", + "References": [ + "http://packetstormsecurity.com/files/150897/PCRE-8.41-Buffer-Overflow.html", + "http://seclists.org/fulldisclosure/2018/Dec/33", + "http://www.openwall.com/lists/oss-security/2017/11/01/11", + "http://www.openwall.com/lists/oss-security/2017/11/01/3", + "http://www.openwall.com/lists/oss-security/2017/11/01/7", + "http://www.openwall.com/lists/oss-security/2017/11/01/8", + "http://www.securityfocus.com/bid/101688", + "https://bugs.exim.org/show_bug.cgi?id=2047" + ] + }, + { + "VulnerabilityID": "CVE-2011-4116", + "PkgName": "libperl5.28", + "InstalledVersion": "5.28.1-6", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "perl: File::Temp insecure temporary file handling", + "Description": "_is_safe in the File::Temp module for Perl does not properly handle symlinks.", + "Severity": "MEDIUM", + "References": [ + "http://www.openwall.com/lists/oss-security/2011/11/04/2", + "http://www.openwall.com/lists/oss-security/2011/11/04/4", + "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", + "https://rt.cpan.org/Public/Bug/Display.html?id=69106", + "https://seclists.org/oss-sec/2011/q4/238" + ] + }, + { + "VulnerabilityID": "CVE-2018-14048", + "PkgName": "libpng16-16", + "InstalledVersion": "1.6.36-6", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "libpng: Segmentation fault in png.c:png_free_data function causing denial of service", + "Description": "An issue has been found in libpng 1.6.34. It is a SEGV in the function png_free_data in png.c, related to the recommended error handling for png_read_image.", + "Severity": "MEDIUM", + "References": [ + "http://packetstormsecurity.com/files/152561/Slackware-Security-Advisory-libpng-Updates.html", + "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", + "https://github.com/fouzhe/security/tree/master/libpng", + "https://github.com/glennrp/libpng/issues/238", + "https://seclists.org/bugtraq/2019/Apr/30", + "https://security.gentoo.org/glsa/201908-02" + ] + }, + { + "VulnerabilityID": "CVE-2018-14550", + "PkgName": "libpng16-16", + "InstalledVersion": "1.6.36-6", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "libpng: Stack-based buffer overflow in contrib/pngminus/pnm2png.c:get_token() potentially leading to arbitrary code execution", + "Description": "An issue has been found in third-party PNM decoding associated with libpng 1.6.35. It is a stack-based buffer overflow in the function get_token in pnm2png.c in pnm2png.", + "Severity": "MEDIUM", + "References": [ + "https://github.com/fouzhe/security/tree/master/libpng#stack-buffer-overflow-in-png2pnm-in-function-get_token", + "https://github.com/glennrp/libpng/issues/246", + "https://security.gentoo.org/glsa/201908-02" + ] + }, + { + "VulnerabilityID": "CVE-2019-6129", + "PkgName": "libpng16-16", + "InstalledVersion": "1.6.36-6", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "libpng: memory leak of png_info struct in pngcp.c", + "Description": "** DISPUTED ** png_create_info_struct in png.c in libpng 1.6.36 has a memory leak, as demonstrated by pngcp. NOTE: a third party has stated \"I don't think it is libpng's job to free this buffer.\"", + "Severity": "MEDIUM", + "References": [ + "https://github.com/glennrp/libpng/issues/269", + "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" + ] + }, + { + "VulnerabilityID": "CVE-2020-8492", + "PkgName": "libpython3.7-minimal", + "InstalledVersion": "3.7.3-2+deb10u1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "python: wrong backtracking in urllib.request.AbstractBasicAuthHandler allows for a ReDoS", + "Description": "Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.", + "Severity": "HIGH", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html", + "https://bugs.python.org/issue39503", + "https://github.com/python/cpython/pull/18284", + "https://python-security.readthedocs.io/vuln/urllib-basic-auth-regex.html", + "https://security.netapp.com/advisory/ntap-20200221-0001/" + ] + }, + { + "VulnerabilityID": "CVE-2017-17522", + "PkgName": "libpython3.7-minimal", + "InstalledVersion": "3.7.3-2+deb10u1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "python: Command injection in Lib/webbrowser.py", + "Description": "** DISPUTED ** Lib/webbrowser.py in Python through 3.6.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that exploitation is impossible because the code relies on subprocess.Popen and the default shell=False setting.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/102207", + "https://bugs.python.org/issue32367", + "https://security-tracker.debian.org/tracker/CVE-2017-17522" + ] + }, + { + "VulnerabilityID": "CVE-2019-18348", + "PkgName": "libpython3.7-minimal", + "InstalledVersion": "3.7.3-2+deb10u1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "python: CRLF injection via the host part of the url passed to urlopen()", + "Description": "An issue was discovered in urllib2 in Python 2.x through 2.7.17 and urllib in Python 3.x through 3.8.0. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the host component of a URL) followed by an HTTP header. This is similar to the CVE-2019-9740 query string issue and the CVE-2019-9947 path string issue. (This is not exploitable when glibc has CVE-2016-10739 fixed.)", + "Severity": "MEDIUM", + "References": [ + "https://bugs.python.org/issue30458#msg347282", + "https://bugzilla.redhat.com/show_bug.cgi?id=1727276", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/", + "https://security.netapp.com/advisory/ntap-20191107-0004/" + ] + }, + { + "VulnerabilityID": "CVE-2019-9674", + "PkgName": "libpython3.7-minimal", + "InstalledVersion": "3.7.3-2+deb10u1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "python: Nested zip file (Zip bomb) vulnerability in Lib/zipfile.py", + "Description": "Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html", + "https://bugs.python.org/issue36260", + "https://bugs.python.org/issue36462", + "https://github.com/python/cpython/blob/master/Lib/zipfile.py", + "https://python-security.readthedocs.io/security.html#archives-and-zip-bomb", + "https://security.netapp.com/advisory/ntap-20200221-0003/", + "https://www.python.org/news/security/" + ] + }, + { + "VulnerabilityID": "CVE-2020-8492", + "PkgName": "libpython3.7-stdlib", + "InstalledVersion": "3.7.3-2+deb10u1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "python: wrong backtracking in urllib.request.AbstractBasicAuthHandler allows for a ReDoS", + "Description": "Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.", + "Severity": "HIGH", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html", + "https://bugs.python.org/issue39503", + "https://github.com/python/cpython/pull/18284", + "https://python-security.readthedocs.io/vuln/urllib-basic-auth-regex.html", + "https://security.netapp.com/advisory/ntap-20200221-0001/" + ] + }, + { + "VulnerabilityID": "CVE-2017-17522", + "PkgName": "libpython3.7-stdlib", + "InstalledVersion": "3.7.3-2+deb10u1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "python: Command injection in Lib/webbrowser.py", + "Description": "** DISPUTED ** Lib/webbrowser.py in Python through 3.6.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that exploitation is impossible because the code relies on subprocess.Popen and the default shell=False setting.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/102207", + "https://bugs.python.org/issue32367", + "https://security-tracker.debian.org/tracker/CVE-2017-17522" + ] + }, + { + "VulnerabilityID": "CVE-2019-18348", + "PkgName": "libpython3.7-stdlib", + "InstalledVersion": "3.7.3-2+deb10u1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "python: CRLF injection via the host part of the url passed to urlopen()", + "Description": "An issue was discovered in urllib2 in Python 2.x through 2.7.17 and urllib in Python 3.x through 3.8.0. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the host component of a URL) followed by an HTTP header. This is similar to the CVE-2019-9740 query string issue and the CVE-2019-9947 path string issue. (This is not exploitable when glibc has CVE-2016-10739 fixed.)", + "Severity": "MEDIUM", + "References": [ + "https://bugs.python.org/issue30458#msg347282", + "https://bugzilla.redhat.com/show_bug.cgi?id=1727276", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/", + "https://security.netapp.com/advisory/ntap-20191107-0004/" + ] + }, + { + "VulnerabilityID": "CVE-2019-9674", + "PkgName": "libpython3.7-stdlib", + "InstalledVersion": "3.7.3-2+deb10u1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "python: Nested zip file (Zip bomb) vulnerability in Lib/zipfile.py", + "Description": "Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html", + "https://bugs.python.org/issue36260", + "https://bugs.python.org/issue36462", + "https://github.com/python/cpython/blob/master/Lib/zipfile.py", + "https://python-security.readthedocs.io/security.html#archives-and-zip-bomb", + "https://security.netapp.com/advisory/ntap-20200221-0003/", + "https://www.python.org/news/security/" + ] + }, + { + "VulnerabilityID": "CVE-2018-12886", + "PkgName": "libquadmath0", + "InstalledVersion": "8.3.0-6", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "Severity": "MEDIUM", + "References": [ + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", + "https://www.gnu.org/software/gcc/gcc-8/changes.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-15847", + "PkgName": "libquadmath0", + "InstalledVersion": "8.3.0-6", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "gcc: POWER9 \"DARN\" RNG intrinsic produces repeated output", + "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481" + ] + }, + { + "VulnerabilityID": "CVE-2019-20446", + "PkgName": "librsvg2-2", + "InstalledVersion": "2.44.10-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "librsvg: Resource exhaustion via crafted SVG file with nested patterns", + "Description": "In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. The attacker constructs pattern elements so that the number of final rendered objects grows exponentially.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00024.html", + "https://gitlab.gnome.org/GNOME/librsvg/issues/515", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X3B5RWJQD5LA45MYLLR55KZJOJ5NVZGP/" + ] + }, + { + "VulnerabilityID": "CVE-2019-20446", + "PkgName": "librsvg2-bin", + "InstalledVersion": "2.44.10-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "librsvg: Resource exhaustion via crafted SVG file with nested patterns", + "Description": "In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. The attacker constructs pattern elements so that the number of final rendered objects grows exponentially.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00024.html", + "https://gitlab.gnome.org/GNOME/librsvg/issues/515", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X3B5RWJQD5LA45MYLLR55KZJOJ5NVZGP/" + ] + }, + { + "VulnerabilityID": "CVE-2019-20446", + "PkgName": "librsvg2-common", + "InstalledVersion": "2.44.10-2.1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "librsvg: Resource exhaustion via crafted SVG file with nested patterns", + "Description": "In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. The attacker constructs pattern elements so that the number of final rendered objects grows exponentially.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00024.html", + "https://gitlab.gnome.org/GNOME/librsvg/issues/515", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X3B5RWJQD5LA45MYLLR55KZJOJ5NVZGP/" + ] + }, + { + "VulnerabilityID": "CVE-2019-9893", + "PkgName": "libseccomp2", + "InstalledVersion": "2.3.3-4", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "libseccomp: incorrect generation of syscall filters in libseccomp", + "Description": "libseccomp before 2.4.0 did not correctly generate 64-bit syscall argument comparisons using the arithmetic operators (LT, GT, LE, GE), which might able to lead to bypassing seccomp filters and potential privilege escalations.", + "Severity": "HIGH", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-9893.html", + "http://linux.oracle.com/errata/ELSA-2019-3624.html", + "https://github.com/seccomp/libseccomp/issues/139", + "https://seclists.org/oss-sec/2019/q1/179", + "https://security.gentoo.org/glsa/201904-18", + "https://usn.ubuntu.com/4001-1/", + "https://usn.ubuntu.com/4001-2/" + ] + }, + { + "VulnerabilityID": "CVE-2020-11656", + "PkgName": "libsqlite3-0", + "InstalledVersion": "3.27.2-3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Title": "sqlite: use-after-free in the ALTER TABLE implementation", + "Description": "In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement.", + "Severity": "HIGH", + "References": [ + "https://security.netapp.com/advisory/ntap-20200416-0001/", + "https://www.sqlite.org/src/info/d09f8c3621d5f7f8", + "https://www3.sqlite.org/cgi/src/info/b64674919f673602" + ] + }, + { + "VulnerabilityID": "CVE-2019-16168", + "PkgName": "libsqlite3-0", + "InstalledVersion": "3.27.2-3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Title": "sqlite: division by zero in whereLoopAddBtreeIndex in sqlite3.c", + "Description": "In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a \"severe division by zero in the query planner.\"", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00032.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00033.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XZARJHJJDBHI7CE5PZEBXS5HKK6HXKW2/", + "https://security.netapp.com/advisory/ntap-20190926-0003/", + "https://security.netapp.com/advisory/ntap-20200122-0003/", + "https://usn.ubuntu.com/4205-1/", + "https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg116312.html", + "https://www.oracle.com/security-alerts/cpujan2020.html", + "https://www.sqlite.org/src/info/e4598ecbdd18bd82945f6029013296690e719a62", + "https://www.sqlite.org/src/timeline?c=98357d8c1263920b" + ] + }, + { + "VulnerabilityID": "CVE-2019-19242", + "PkgName": "libsqlite3-0", + "InstalledVersion": "3.27.2-3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Title": "sqlite: SQL injection in sqlite3ExprCodeTarget in expr.c", + "Description": "SQLite 3.30.1 mishandles pExpr-\u003ey.pTab, as demonstrated by the TK_COLUMN case in sqlite3ExprCodeTarget in expr.c.", + "Severity": "MEDIUM", + "References": [ + "https://github.com/sqlite/sqlite/commit/57f7ece78410a8aae86aa4625fb7556897db384c", + "https://usn.ubuntu.com/4205-1/", + "https://www.oracle.com/security-alerts/cpuapr2020.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-19244", + "PkgName": "libsqlite3-0", + "InstalledVersion": "3.27.2-3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Title": "sqlite: allows a crash if a sub-select uses both DISTINCT and window functions and also has certain ORDER BY usage", + "Description": "sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage.", + "Severity": "MEDIUM", + "References": [ + "https://github.com/sqlite/sqlite/commit/e59c562b3f6894f84c715772c4b116d7b5c01348", + "https://usn.ubuntu.com/4205-1/", + "https://www.oracle.com/security-alerts/cpuapr2020.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-19603", + "PkgName": "libsqlite3-0", + "InstalledVersion": "3.27.2-3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Title": "sqlite: mishandles certain SELECT statements with a nonexistent VIEW, leading to DoS", + "Description": "SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application crash.", + "Severity": "MEDIUM", + "References": [ + "https://github.com/sqlite/sqlite/commit/527cbd4a104cb93bf3994b3dd3619a6299a78b13", + "https://security.netapp.com/advisory/ntap-20191223-0001/", + "https://www.oracle.com/security-alerts/cpuapr2020.html", + "https://www.sqlite.org/" + ] + }, + { + "VulnerabilityID": "CVE-2019-19923", + "PkgName": "libsqlite3-0", + "InstalledVersion": "3.27.2-3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Title": "sqlite: mishandling of certain uses of SELECT DISTINCT involving a LEFT JOIN in flattenSubquery in select.c leads to a NULL pointer dereference", + "Description": "flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results).", + "Severity": "MEDIUM", + "References": [ + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19923", + "https://github.com/sqlite/sqlite/commit/396afe6f6aa90a31303c183e11b2b2d4b7956b35", + "https://security.netapp.com/advisory/ntap-20200114-0003/" + ] + }, + { + "VulnerabilityID": "CVE-2019-19924", + "PkgName": "libsqlite3-0", + "InstalledVersion": "3.27.2-3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Title": "sqlite: incorrect sqlite3WindowRewrite() error handling leads to mishandling certain parser-tree rewriting", + "Description": "SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This is caused by incorrect sqlite3WindowRewrite() error handling.", + "Severity": "MEDIUM", + "References": [ + "https://github.com/sqlite/sqlite/commit/8654186b0236d556aa85528c2573ee0b6ab71be3", + "https://security.netapp.com/advisory/ntap-20200114-0003/" + ] + }, + { + "VulnerabilityID": "CVE-2019-19925", + "PkgName": "libsqlite3-0", + "InstalledVersion": "3.27.2-3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Title": "sqlite: zipfileUpdate in ext/misc/zipfile.c mishandles a NULL pathname during an update of a ZIP archive", + "Description": "zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive.", + "Severity": "MEDIUM", + "References": [ + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19925", + "https://github.com/sqlite/sqlite/commit/54d501092d88c0cf89bec4279951f548fb0b8618", + "https://security.netapp.com/advisory/ntap-20200114-0003/" + ] + }, + { + "VulnerabilityID": "CVE-2019-19959", + "PkgName": "libsqlite3-0", + "InstalledVersion": "3.27.2-3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Title": "sqlite: mishandles certain uses of INSERT INTO in situations involving embedded '\\0' characters in filenames", + "Description": "ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\\0' characters in filenames, leading to a memory-management error that can be detected by (for example) valgrind.", + "Severity": "MEDIUM", + "References": [ + "https://github.com/sqlite/sqlite/commit/1e490c4ca6b43a9cf8637d695907888349f69bec", + "https://github.com/sqlite/sqlite/commit/d8f2d46cbc9925e034a68aaaf60aad788d9373c1", + "https://security.netapp.com/advisory/ntap-20200204-0001/" + ] + }, + { + "VulnerabilityID": "CVE-2019-20218", + "PkgName": "libsqlite3-0", + "InstalledVersion": "3.27.2-3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Title": "sqlite: selectExpander in select.c proceeds with WITH stack unwinding even after a parsing error", + "Description": "selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error.", + "Severity": "MEDIUM", + "References": [ + "https://github.com/sqlite/sqlite/commit/a6c1a71cde082e09750465d5675699062922e387", + "https://usn.ubuntu.com/4298-1/" + ] + }, + { + "VulnerabilityID": "CVE-2020-11655", + "PkgName": "libsqlite3-0", + "InstalledVersion": "3.27.2-3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Title": "sqlite: malformed window-function query leads to DoS", + "Description": "SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled.", + "Severity": "MEDIUM", + "References": [ + "https://security.netapp.com/advisory/ntap-20200416-0001/", + "https://www3.sqlite.org/cgi/src/info/4a302b42c7bf5e11", + "https://www3.sqlite.org/cgi/src/tktview?name=af4556bb5c" + ] + }, + { + "VulnerabilityID": "CVE-2020-9327", + "PkgName": "libsqlite3-0", + "InstalledVersion": "3.27.2-3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Title": "sqlite: NULL pointer dereference and segmentation fault because of generated column optimizations", + "Description": "In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations.", + "Severity": "MEDIUM", + "References": [ + "https://security.gentoo.org/glsa/202003-16", + "https://security.netapp.com/advisory/ntap-20200313-0002/", + "https://usn.ubuntu.com/4298-1/", + "https://www.sqlite.org/cgi/src/info/4374860b29383380", + "https://www.sqlite.org/cgi/src/info/9d0d4ab95dc0c56e", + "https://www.sqlite.org/cgi/src/info/abc473fb8fb99900" + ] + }, + { + "VulnerabilityID": "CVE-2019-19645", + "PkgName": "libsqlite3-0", + "InstalledVersion": "3.27.2-3", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Title": "sqlite: infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements", + "Description": "alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements.", + "Severity": "LOW", + "References": [ + "https://github.com/sqlite/sqlite/commit/38096961c7cd109110ac21d3ed7dad7e0cb0ae06", + "https://security.netapp.com/advisory/ntap-20191223-0001/" + ] + }, + { + "VulnerabilityID": "CVE-2019-13115", + "PkgName": "libssh2-1", + "InstalledVersion": "1.8.0-2.1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "libssh2: integer overflow in kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c leads to out-of-bounds write", + "Description": "In libssh2 before 1.9.0, kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c has an integer overflow that could lead to an out-of-bounds read in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server. This is related to an _libssh2_check_length mistake, and is different from the various issues fixed in 1.8.1, such as CVE-2019-3855.", + "Severity": "MEDIUM", + "References": [ + "https://blog.semmle.com/libssh2-integer-overflow/", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13115", + "https://github.com/libssh2/libssh2/compare/02ecf17...42d37aa", + "https://github.com/libssh2/libssh2/pull/350", + "https://libssh2.org/changes.html", + "https://lists.debian.org/debian-lts-announce/2019/07/msg00024.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-17498", + "PkgName": "libssh2-1", + "InstalledVersion": "1.8.0-2.1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "libssh2: integer overflow in SSH_MSG_DISCONNECT logic in packet.c", + "Description": "In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00026.html", + "https://blog.semmle.com/libssh2-integer-overflow-CVE-2019-17498/", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17498", + "https://github.com/kevinbackhouse/SecurityExploits/tree/8cbdbbe6363510f7d9ceec685373da12e6fc752d/libssh2/out_of_bounds_read_disconnect_CVE-2019-17498", + "https://github.com/libssh2/libssh2/blob/42d37aa63129a1b2644bf6495198923534322d64/src/packet.c#L480", + "https://github.com/libssh2/libssh2/pull/402/commits/1c6fa92b77e34d089493fe6d3e2c6c8775858b94", + "https://lists.debian.org/debian-lts-announce/2019/11/msg00010.html", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TY7EEE34RFKCTXTMBQQWWSLXZWSCXNDB/" + ] + }, + { + "VulnerabilityID": "CVE-2007-6755", + "PkgName": "libssl1.1", + "InstalledVersion": "1.1.1d-0+deb10u3", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "Dual_EC_DRBG: weak pseudo random number generator", + "Description": "The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain \"skeleton key\" values, which might allow context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of those values. NOTE: this is a preliminary CVE for Dual_EC_DRBG; future research may provide additional details about point Q and associated attacks, and could potentially lead to a RECAST or REJECT of this CVE.", + "Severity": "MEDIUM", + "References": [ + "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", + "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", + "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", + "http://rump2007.cr.yp.to/15-shumow.pdf", + "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", + "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", + "http://www.securityfocus.com/bid/63657", + "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html" + ] + }, + { + "VulnerabilityID": "CVE-2010-0928", + "PkgName": "libssl1.1", + "InstalledVersion": "1.1.1d-0+deb10u3", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "openssl: RSA authentication weakness", + "Description": "OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a \"fault-based attack.\"", + "Severity": "MEDIUM", + "References": [ + "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", + "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", + "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", + "http://www.osvdb.org/62808", + "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750" + ] + }, + { + "VulnerabilityID": "CVE-2019-1551", + "PkgName": "libssl1.1", + "InstalledVersion": "1.1.1d-0+deb10u3", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "openssl: Integer overflow in RSAZ modular exponentiation on x86_64", + "Description": "There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e (Affected 1.1.1-1.1.1d). Fixed in OpenSSL 1.0.2u (Affected 1.0.2-1.0.2t).", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00030.html", + "http://packetstormsecurity.com/files/155754/Slackware-Security-Advisory-openssl-Updates.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1551", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=419102400a2811582a7a3d4a4e317d72e5ce0a8f", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f1c5eea8a817075d31e43f5876993c6710238c98", + "https://github.com/openssl/openssl/pull/10575", + "https://seclists.org/bugtraq/2019/Dec/39", + "https://seclists.org/bugtraq/2019/Dec/46", + "https://security.netapp.com/advisory/ntap-20191210-0001/", + "https://www.debian.org/security/2019/dsa-4594", + "https://www.openssl.org/news/secadv/20191206.txt", + "https://www.tenable.com/security/tns-2019-09" + ] + }, + { + "VulnerabilityID": "CVE-2018-12886", + "PkgName": "libstdc++-8-dev", + "InstalledVersion": "8.3.0-6", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "Severity": "MEDIUM", + "References": [ + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", + "https://www.gnu.org/software/gcc/gcc-8/changes.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-15847", + "PkgName": "libstdc++-8-dev", + "InstalledVersion": "8.3.0-6", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "gcc: POWER9 \"DARN\" RNG intrinsic produces repeated output", + "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481" + ] + }, + { + "VulnerabilityID": "CVE-2018-12886", + "PkgName": "libstdc++6", + "InstalledVersion": "8.3.0-6", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "Severity": "MEDIUM", + "References": [ + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", + "https://www.gnu.org/software/gcc/gcc-8/changes.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-15847", + "PkgName": "libstdc++6", + "InstalledVersion": "8.3.0-6", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "gcc: POWER9 \"DARN\" RNG intrinsic produces repeated output", + "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481" + ] + }, + { + "VulnerabilityID": "CVE-2019-3843", + "PkgName": "libsystemd0", + "InstalledVersion": "241-7~deb10u3", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "systemd: services with DynamicUser can create SUID/SGID binaries", + "Description": "It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/108116", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/", + "https://security.netapp.com/advisory/ntap-20190619-0002/" + ] + }, + { + "VulnerabilityID": "CVE-2019-3844", + "PkgName": "libsystemd0", + "InstalledVersion": "241-7~deb10u3", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "systemd: services with DynamicUser can get new privileges and create SGID binaries", + "Description": "It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/108096", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844", + "https://security.netapp.com/advisory/ntap-20190619-0002/" + ] + }, + { + "VulnerabilityID": "CVE-2020-1712", + "PkgName": "libsystemd0", + "InstalledVersion": "241-7~deb10u3", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "systemd: use-after-free when asynchronous polkit queries are performed", + "Description": "A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse this flaw to crash systemd services or potentially execute code and elevate their privileges, by sending specially crafted dbus messages.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2020-1712.html", + "http://linux.oracle.com/errata/ELSA-2020-0575.html", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1712", + "https://github.com/systemd/systemd/commit/1068447e6954dc6ce52f099ed174c442cb89ed54", + "https://github.com/systemd/systemd/commit/637486261528e8aa3da9f26a4487dc254f4b7abb", + "https://github.com/systemd/systemd/commit/bc130b6858327b382b07b3985cf48e2aa9016b2d", + "https://github.com/systemd/systemd/commit/ea0d0ede03c6f18dbc5036c5e9cccf97e415ccc2", + "https://www.openwall.com/lists/oss-security/2020/02/05/1" + ] + }, + { + "VulnerabilityID": "CVE-2013-4392", + "PkgName": "libsystemd0", + "InstalledVersion": "241-7~deb10u3", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "systemd: TOCTOU race condition when updating file permissions and SELinux security contexts", + "Description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", + "Severity": "LOW", + "References": [ + "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", + "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "https://bugzilla.redhat.com/show_bug.cgi?id=859060" + ] + }, + { + "VulnerabilityID": "CVE-2019-20386", + "PkgName": "libsystemd0", + "InstalledVersion": "241-7~deb10u3", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "systemd: a memory leak was discovered in button_open in login/logind-button.c when udev events are received", + "Description": "An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.", + "Severity": "LOW", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html", + "https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad", + "https://security.netapp.com/advisory/ntap-20200210-0002/", + "https://usn.ubuntu.com/4269-1/" + ] + }, + { + "VulnerabilityID": "CVE-2018-1000654", + "PkgName": "libtasn1-6", + "InstalledVersion": "4.13-3", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "libtasn1: Infinite loop in _asn1_expand_object_id(ptree) leads to memory exhaustion", + "Description": "GNU Libtasn1-4.13 libtasn1-4.13 version libtasn1-4.13, libtasn1-4.12 contains a DoS, specifically CPU usage will reach 100% when running asn1Paser against the POC due to an issue in _asn1_expand_object_id(p_tree), after a long time, the program will be killed. This attack appears to be exploitable via parsing a crafted file.", + "Severity": "HIGH", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00009.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00018.html", + "http://www.securityfocus.com/bid/105151", + "https://gitlab.com/gnutls/libtasn1/issues/4" + ] + }, + { + "VulnerabilityID": "CVE-2017-9117", + "PkgName": "libtiff5", + "InstalledVersion": "4.1.0+git191117-2~deb10u1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "libtiff: Heap-based buffer over-read in bmp2tiff", + "Description": "In LibTIFF 4.0.7, the program processes BMP images without verifying that biWidth and biHeight in the bitmap-information header match the actual input, leading to a heap-based buffer over-read in bmp2tiff.", + "Severity": "HIGH", + "References": [ + "http://bugzilla.maptools.org/show_bug.cgi?id=2690", + "http://www.securityfocus.com/bid/98581", + "https://usn.ubuntu.com/3606-1/" + ] + }, + { + "VulnerabilityID": "CVE-2014-8130", + "PkgName": "libtiff5", + "InstalledVersion": "4.1.0+git191117-2~deb10u1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "libtiff: divide by zero in the tiffdither tool", + "Description": "The _TIFFmalloc function in tif_unix.c in LibTIFF 4.0.3 does not reject a zero size, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image that is mishandled by the TIFFWriteScanline function in tif_write.c, as demonstrated by tiffdither.", + "Severity": "MEDIUM", + "References": [ + "http://bugzilla.maptools.org/show_bug.cgi?id=2483", + "http://linux.oracle.com/cve/CVE-2014-8130.html", + "http://linux.oracle.com/errata/ELSA-2016-1547.html", + "http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html", + "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html", + "http://openwall.com/lists/oss-security/2015/01/24/15", + "http://rhn.redhat.com/errata/RHSA-2016-1546.html", + "http://rhn.redhat.com/errata/RHSA-2016-1547.html", + "http://support.apple.com/kb/HT204941", + "http://support.apple.com/kb/HT204942", + "http://www.conostix.com/pub/adv/CVE-2014-8130-LibTIFF-Division_By_Zero.txt", + "http://www.securityfocus.com/bid/72353", + "http://www.securitytracker.com/id/1032760", + "https://bugzilla.redhat.com/show_bug.cgi?id=1185817", + "https://github.com/vadz/libtiff/commit/3c5eb8b1be544e41d2c336191bc4936300ad7543", + "https://security.gentoo.org/glsa/201701-16" + ] + }, + { + "VulnerabilityID": "CVE-2017-16232", + "PkgName": "libtiff5", + "InstalledVersion": "4.1.0+git191117-2~deb10u1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "libtiff: Memory leaks in tif_open.c, tif_lzw.c, and tif_aux.c", + "Description": "** DISPUTED ** LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow attackers to cause a denial of service (memory consumption), as demonstrated by tif_open.c, tif_lzw.c, and tif_aux.c. NOTE: Third parties were unable to reproduce the issue.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00036.html", + "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00041.html", + "http://packetstormsecurity.com/files/150896/LibTIFF-4.0.8-Memory-Leak.html", + "http://seclists.org/fulldisclosure/2018/Dec/32", + "http://seclists.org/fulldisclosure/2018/Dec/47", + "http://www.openwall.com/lists/oss-security/2017/11/01/11", + "http://www.openwall.com/lists/oss-security/2017/11/01/3", + "http://www.openwall.com/lists/oss-security/2017/11/01/7", + "http://www.openwall.com/lists/oss-security/2017/11/01/8", + "http://www.securityfocus.com/bid/101696" + ] + }, + { + "VulnerabilityID": "CVE-2017-17973", + "PkgName": "libtiff5", + "InstalledVersion": "4.1.0+git191117-2~deb10u1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "libtiff: heap-based use after free in tiff2pdf.c:t2p_writeproc", + "Description": "** DISPUTED ** In LibTIFF 4.0.8, there is a heap-based use-after-free in the t2p_writeproc function in tiff2pdf.c. NOTE: there is a third-party report of inability to reproduce this issue.", + "Severity": "MEDIUM", + "References": [ + "http://bugzilla.maptools.org/show_bug.cgi?id=2769", + "http://www.securityfocus.com/bid/102331", + "https://bugzilla.novell.com/show_bug.cgi?id=1074318", + "https://bugzilla.redhat.com/show_bug.cgi?id=1530912" + ] + }, + { + "VulnerabilityID": "CVE-2017-5563", + "PkgName": "libtiff5", + "InstalledVersion": "4.1.0+git191117-2~deb10u1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "libtiff: Heap-buffer overflow in LZWEncode tif_lzw.c", + "Description": "LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read in tif_lzw.c resulting in DoS or code execution via a crafted bmp image to tools/bmp2tiff.", + "Severity": "MEDIUM", + "References": [ + "http://bugzilla.maptools.org/show_bug.cgi?id=2664", + "http://www.securityfocus.com/bid/95705", + "https://security.gentoo.org/glsa/201709-27", + "https://usn.ubuntu.com/3606-1/" + ] + }, + { + "VulnerabilityID": "CVE-2018-10126", + "PkgName": "libtiff5", + "InstalledVersion": "4.1.0+git191117-2~deb10u1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "libtiff: NULL pointer dereference in the jpeg_fdct_16x16 function in jfdctint.c", + "Description": "LibTIFF 4.0.9 has a NULL pointer dereference in the jpeg_fdct_16x16 function in jfdctint.c.", + "Severity": "MEDIUM", + "References": [ + "http://bugzilla.maptools.org/show_bug.cgi?id=2786" + ] + }, + { + "VulnerabilityID": "CVE-2018-12886", + "PkgName": "libtsan0", + "InstalledVersion": "8.3.0-6", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "Severity": "MEDIUM", + "References": [ + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", + "https://www.gnu.org/software/gcc/gcc-8/changes.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-15847", + "PkgName": "libtsan0", + "InstalledVersion": "8.3.0-6", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "gcc: POWER9 \"DARN\" RNG intrinsic produces repeated output", + "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481" + ] + }, + { + "VulnerabilityID": "CVE-2018-12886", + "PkgName": "libubsan1", + "InstalledVersion": "8.3.0-6", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass", + "Description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.", + "Severity": "MEDIUM", + "References": [ + "https://gcc.gnu.org/viewcvs/gcc/trunk/gcc/config/arm/arm-protos.h?revision=266379\u0026view=markup", + "https://www.gnu.org/software/gcc/gcc-8/changes.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-15847", + "PkgName": "libubsan1", + "InstalledVersion": "8.3.0-6", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "gcc: POWER9 \"DARN\" RNG intrinsic produces repeated output", + "Description": "The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html", + "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481" + ] + }, + { + "VulnerabilityID": "CVE-2019-3843", + "PkgName": "libudev1", + "InstalledVersion": "241-7~deb10u3", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "systemd: services with DynamicUser can create SUID/SGID binaries", + "Description": "It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/108116", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/", + "https://security.netapp.com/advisory/ntap-20190619-0002/" + ] + }, + { + "VulnerabilityID": "CVE-2019-3844", + "PkgName": "libudev1", + "InstalledVersion": "241-7~deb10u3", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "systemd: services with DynamicUser can get new privileges and create SGID binaries", + "Description": "It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/108096", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844", + "https://security.netapp.com/advisory/ntap-20190619-0002/" + ] + }, + { + "VulnerabilityID": "CVE-2020-1712", + "PkgName": "libudev1", + "InstalledVersion": "241-7~deb10u3", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "systemd: use-after-free when asynchronous polkit queries are performed", + "Description": "A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse this flaw to crash systemd services or potentially execute code and elevate their privileges, by sending specially crafted dbus messages.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2020-1712.html", + "http://linux.oracle.com/errata/ELSA-2020-0575.html", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1712", + "https://github.com/systemd/systemd/commit/1068447e6954dc6ce52f099ed174c442cb89ed54", + "https://github.com/systemd/systemd/commit/637486261528e8aa3da9f26a4487dc254f4b7abb", + "https://github.com/systemd/systemd/commit/bc130b6858327b382b07b3985cf48e2aa9016b2d", + "https://github.com/systemd/systemd/commit/ea0d0ede03c6f18dbc5036c5e9cccf97e415ccc2", + "https://www.openwall.com/lists/oss-security/2020/02/05/1" + ] + }, + { + "VulnerabilityID": "CVE-2013-4392", + "PkgName": "libudev1", + "InstalledVersion": "241-7~deb10u3", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "systemd: TOCTOU race condition when updating file permissions and SELinux security contexts", + "Description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", + "Severity": "LOW", + "References": [ + "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", + "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "https://bugzilla.redhat.com/show_bug.cgi?id=859060" + ] + }, + { + "VulnerabilityID": "CVE-2019-20386", + "PkgName": "libudev1", + "InstalledVersion": "241-7~deb10u3", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "systemd: a memory leak was discovered in button_open in login/logind-button.c when udev events are received", + "Description": "An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.", + "Severity": "LOW", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html", + "https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad", + "https://security.netapp.com/advisory/ntap-20200210-0002/", + "https://usn.ubuntu.com/4269-1/" + ] + }, + { + "VulnerabilityID": "CVE-2016-9085", + "PkgName": "libwebp6", + "InstalledVersion": "0.6.1-2", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "libwebp: Several integer overflows", + "Description": "Multiple integer overflows in libwebp allows attackers to have unspecified impact via unknown vectors.", + "Severity": "HIGH", + "References": [ + "http://www.openwall.com/lists/oss-security/2016/10/27/3", + "http://www.securityfocus.com/bid/93928", + "https://bugzilla.redhat.com/show_bug.cgi?id=1389338", + "https://chromium.googlesource.com/webm/libwebp/+/e2affacc35f1df6cc3b1a9fa0ceff5ce2d0cce83", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LG5Q42J7EJDKQKWTTHCO4YZMOMP74YPQ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PTR2ZW67TMT7KC24RBENIF25KWUJ7VPD/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SH6X3MWD5AHZC5JT4625PGFHAYLR7YW7/", + "https://security.gentoo.org/glsa/201701-61" + ] + }, + { + "VulnerabilityID": "CVE-2016-9085", + "PkgName": "libwebpmux3", + "InstalledVersion": "0.6.1-2", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "libwebp: Several integer overflows", + "Description": "Multiple integer overflows in libwebp allows attackers to have unspecified impact via unknown vectors.", + "Severity": "HIGH", + "References": [ + "http://www.openwall.com/lists/oss-security/2016/10/27/3", + "http://www.securityfocus.com/bid/93928", + "https://bugzilla.redhat.com/show_bug.cgi?id=1389338", + "https://chromium.googlesource.com/webm/libwebp/+/e2affacc35f1df6cc3b1a9fa0ceff5ce2d0cce83", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LG5Q42J7EJDKQKWTTHCO4YZMOMP74YPQ/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PTR2ZW67TMT7KC24RBENIF25KWUJ7VPD/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SH6X3MWD5AHZC5JT4625PGFHAYLR7YW7/", + "https://security.gentoo.org/glsa/201701-61" + ] + }, + { + "VulnerabilityID": "CVE-2016-9318", + "PkgName": "libxml2", + "InstalledVersion": "2.9.4+dfsg1-7", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Title": "libxml2: XML External Entity vulnerability", + "Description": "libxml2 2.9.4 and earlier, as used in XMLSec 1.2.23 and earlier and other products, does not offer a flag directly indicating that the current document may be read but other files may not be opened, which makes it easier for remote attackers to conduct XML External Entity (XXE) attacks via a crafted document.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/94347", + "https://bugzilla.gnome.org/show_bug.cgi?id=772726", + "https://github.com/lsh123/xmlsec/issues/43", + "https://security.gentoo.org/glsa/201711-01", + "https://usn.ubuntu.com/3739-1/", + "https://usn.ubuntu.com/3739-2/" + ] + }, + { + "VulnerabilityID": "CVE-2017-16932", + "PkgName": "libxml2", + "InstalledVersion": "2.9.4+dfsg1-7", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Title": "libxml2: Infinite recursion in parameter entities", + "Description": "parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities.", + "Severity": "MEDIUM", + "References": [ + "http://xmlsoft.org/news.html", + "https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html", + "https://bugzilla.gnome.org/show_bug.cgi?id=759579", + "https://github.com/GNOME/libxml2/commit/899a5d9f0ed13b8e32449a08a361e0de127dd961", + "https://github.com/sparklemotion/nokogiri/issues/1714", + "https://lists.debian.org/debian-lts-announce/2017/11/msg00041.html", + "https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-16932.html", + "https://usn.ubuntu.com/3739-1/", + "https://usn.ubuntu.com/usn/usn-3504-1/" + ] + }, + { + "VulnerabilityID": "CVE-2017-18258", + "PkgName": "libxml2", + "InstalledVersion": "2.9.4+dfsg1-7", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Title": "libxml2: Unrestricted memory usage in xz_head() function in xzlib.c", + "Description": "The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2017-18258.html", + "http://linux.oracle.com/errata/ELSA-2020-1190.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18258", + "https://git.gnome.org/browse/libxml2/commit/?id=e2a9122b8dde53d320750451e9907a7dcb2ca8bb", + "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10284", + "https://lists.debian.org/debian-lts-announce/2018/09/msg00035.html", + "https://security.netapp.com/advisory/ntap-20190719-0001/", + "https://usn.ubuntu.com/3739-1/" + ] + }, + { + "VulnerabilityID": "CVE-2018-14404", + "PkgName": "libxml2", + "InstalledVersion": "2.9.4+dfsg1-7", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Title": "libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c", + "Description": "A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerable to a denial of service attack due to a crash of the application.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2018-14404.html", + "http://linux.oracle.com/errata/ELSA-2020-1190.html", + "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901817", + "https://bugzilla.redhat.com/show_bug.cgi?id=1595985", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14404", + "https://github.com/sparklemotion/nokogiri/issues/1785", + "https://gitlab.gnome.org/GNOME/libxml2/commit/2240fbf5912054af025fb6e01e26375100275e74", + "https://gitlab.gnome.org/GNOME/libxml2/commit/a436374994c47b12d5de1b8b1d191a098fa23594", + "https://gitlab.gnome.org/GNOME/libxml2/issues/10", + "https://groups.google.com/forum/#!msg/ruby-security-ann/uVrmO2HjqQw/Fw3ocLI0BQAJ", + "https://lists.debian.org/debian-lts-announce/2018/09/msg00035.html", + "https://usn.ubuntu.com/3739-1/", + "https://usn.ubuntu.com/3739-2/" + ] + }, + { + "VulnerabilityID": "CVE-2018-14567", + "PkgName": "libxml2", + "InstalledVersion": "2.9.4+dfsg1-7", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Title": "libxml2: Infinite loop caused by incorrect error detection during LZMA decompression", + "Description": "libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2018-14567.html", + "http://linux.oracle.com/errata/ELSA-2020-1190.html", + "http://www.securityfocus.com/bid/105198", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14567", + "https://gitlab.gnome.org/GNOME/libxml2/commit/2240fbf5912054af025fb6e01e26375100275e74", + "https://lists.debian.org/debian-lts-announce/2018/09/msg00035.html", + "https://usn.ubuntu.com/3739-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-19956", + "PkgName": "libxml2", + "InstalledVersion": "2.9.4+dfsg1-7", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Title": "libxml2: There's a memory leak in xmlParseBalancedChunkMemoryRecover in parser.c that could result in a crash", + "Description": "xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc-\u003eoldNs.", + "Severity": "MEDIUM", + "References": [ + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19956", + "https://gitlab.gnome.org/GNOME/libxml2/commit/5a02583c7e683896d84878bd90641d8d9b0d0549", + "https://lists.debian.org/debian-lts-announce/2019/12/msg00032.html", + "https://security.netapp.com/advisory/ntap-20200114-0002/" + ] + }, + { + "VulnerabilityID": "CVE-2019-20388", + "PkgName": "libxml2", + "InstalledVersion": "2.9.4+dfsg1-7", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Title": "libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c", + "Description": "xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.", + "Severity": "MEDIUM", + "References": [ + "https://gitlab.gnome.org/GNOME/libxml2/merge_requests/68", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL/" + ] + }, + { + "VulnerabilityID": "CVE-2020-7595", + "PkgName": "libxml2", + "InstalledVersion": "2.9.4+dfsg1-7", + "Layer": { + "Digest": "sha256:81ecb6839daa3e8fbc774a09c24e2895ec6e34909e6fc23b8807ac17d8b9eeae", + "DiffID": "sha256:d0adf3a81fd4a0fb4bddcca9caf054716492d25fb47252c75bddf3083b66cbd6" + }, + "Title": "libxml2: infinite loop in xmlStringLenDecodeEntities in some end-of-file situations", + "Description": "xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation.", + "Severity": "MEDIUM", + "References": [ + "https://github.com/sparklemotion/nokogiri/issues/1992", + "https://gitlab.gnome.org/GNOME/libxml2/commit/0e1a49c89076", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL/", + "https://usn.ubuntu.com/4274-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-19814", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: out-of-bounds write in __remove_dirty_segment in fs/f2fs/segment.c", + "Description": "In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause __remove_dirty_segment slab-out-of-bounds write access because an array is bounded by the number of dirty types (8) but the array index can exceed this.", + "Severity": "CRITICAL", + "References": [ + "https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19814", + "https://security.netapp.com/advisory/ntap-20200103-0001/" + ] + }, + { + "VulnerabilityID": "CVE-2019-19816", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: out-of-bounds write in __btrfs_map_block in fs/btrfs/volumes.c", + "Description": "In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image and performing some operations can cause slab-out-of-bounds write access in __btrfs_map_block in fs/btrfs/volumes.c, because a value of 1 for the number of data stripes is mishandled.", + "Severity": "CRITICAL", + "References": [ + "https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19816", + "https://security.netapp.com/advisory/ntap-20200103-0001/" + ] + }, + { + "VulnerabilityID": "CVE-2008-4609", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: TCP protocol vulnerabilities from Outpost24", + "Description": "The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress.", + "Severity": "HIGH", + "References": [ + "http://blog.robertlee.name/2008/10/conjecture-speculation.html", + "http://insecure.org/stf/tcp-dos-attack-explained.html", + "http://lists.immunitysec.com/pipermail/dailydave/2008-October/005360.html", + "http://marc.info/?l=bugtraq\u0026m=125856010926699\u0026w=2", + "http://searchsecurity.techtarget.com.au/articles/27154-TCP-is-fundamentally-borked", + "http://www.cisco.com/en/US/products/products_security_advisory09186a0080af511d.shtml", + "http://www.cisco.com/en/US/products/products_security_response09186a0080a15120.html", + "http://www.cpni.gov.uk/Docs/tn-03-09-security-assessment-TCP.pdf", + "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150", + "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html", + "http://www.outpost24.com/news/news-2008-10-02.html", + "http://www.us-cert.gov/cas/techalerts/TA09-251A.html", + "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-048", + "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6340", + "https://www.cert.fi/haavoittuvuudet/2008/tcp-vulnerabilities.html" + ] + }, + { + "VulnerabilityID": "CVE-2013-7445", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: memory exhaustion via crafted Graphics Execution Manager (GEM) objects", + "Description": "The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated by JavaScript code that creates many CANVAS elements for rendering by Chrome or Firefox.", + "Severity": "HIGH", + "References": [ + "https://bugzilla.kernel.org/show_bug.cgi?id=60533" + ] + }, + { + "VulnerabilityID": "CVE-2018-20669", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: missing access_ok() checks in i915_gem_execbuffer2_ioctl() results in priviledge escalation", + "Description": "An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL function call to overwrite arbitrary kernel memory, resulting in a Denial of Service or privilege escalation.", + "Severity": "HIGH", + "References": [ + "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/log/drivers/gpu/drm/i915/i915_gem_execbuffer.c", + "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00042.html", + "http://www.openwall.com/lists/oss-security/2019/01/23/6", + "http://www.securityfocus.com/bid/106748", + "https://access.redhat.com/security/cve/cve-2018-20669", + "https://security.netapp.com/advisory/ntap-20190404-0002/", + "https://support.f5.com/csp/article/K32059550" + ] + }, + { + "VulnerabilityID": "CVE-2019-12456", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: double fetch in the MPT3COMMAND case in _ctl_ioctl_main in drivers/scsi/mpt3sas/mpt3sas_ctl.c", + "Description": "** DISPUTED ** An issue was discovered in the MPT3COMMAND case in _ctl_ioctl_main in drivers/scsi/mpt3sas/mpt3sas_ctl.c in the Linux kernel through 5.1.5. It allows local users to cause a denial of service or possibly have unspecified other impact by changing the value of ioc_number between two kernel reads of that value, aka a \"double fetch\" vulnerability. NOTE: a third party reports that this is unexploitable because the doubly fetched value is not used.", + "Severity": "HIGH", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00039.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html", + "https://bugzilla.redhat.com/show_bug.cgi?id=1717182", + "https://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi.git/commit/?h=5.3/scsi-queue\u0026id=86e5aca7fa2927060839f3e3b40c8bd65a7e8d1e", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDURACJVGIBIYBSGDZJTRDPX46H5WPZW/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OBJHGQXA4PQ5EOGCOXEH3KFDNVZ2I4X7/", + "https://lkml.org/lkml/2019/5/29/1164" + ] + }, + { + "VulnerabilityID": "CVE-2019-12615", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: null pointer dereference in get_vdev_port_node_info in arch /sparc/kernel/mdesc.c", + "Description": "An issue was discovered in get_vdev_port_node_info in arch/sparc/kernel/mdesc.c in the Linux kernel through 5.1.6. There is an unchecked kstrdup_const of node_info-\u003evdev_port.name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash).", + "Severity": "HIGH", + "References": [ + "http://www.securityfocus.com/bid/108549", + "https://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc.git/commit/?id=80caf43549e7e41a695c6d1e11066286538b336f", + "https://security.netapp.com/advisory/ntap-20190710-0002/", + "https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg2014901.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-16229", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: null pointer dereference in drivers/gpu/drm/amd/amdkfd/kfd_interrupt.c", + "Description": "** DISPUTED ** drivers/gpu/drm/amd/amdkfd/kfd_interrupt.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. NOTE: The security community disputes this issues as not being serious enough to be deserving a CVE id.", + "Severity": "HIGH", + "References": [ + "https://bugzilla.suse.com/show_bug.cgi?id=1150469#c3", + "https://lkml.org/lkml/2019/9/9/487", + "https://security.netapp.com/advisory/ntap-20191004-0001/" + ] + }, + { + "VulnerabilityID": "CVE-2019-16230", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: null pointer dereference in drivers/gpu/drm/radeon/radeon_display.c", + "Description": "** DISPUTED ** drivers/gpu/drm/radeon/radeon_display.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. NOTE: A third-party software maintainer states that the work queue allocation is happening during device initialization, which for a graphics card occurs during boot. It is not attacker controllable and OOM at that time is highly unlikely.", + "Severity": "HIGH", + "References": [ + "https://bugzilla.suse.com/show_bug.cgi?id=1150468", + "https://lkml.org/lkml/2019/9/9/487", + "https://security.netapp.com/advisory/ntap-20191004-0001/" + ] + }, + { + "VulnerabilityID": "CVE-2019-16231", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: null-pointer dereference in drivers/net/fjes/fjes_main.c", + "Description": "drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.", + "Severity": "HIGH", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-16231.html", + "http://linux.oracle.com/errata/ELSA-2020-5533.html", + "https://lkml.org/lkml/2019/9/9/487", + "https://security.netapp.com/advisory/ntap-20191004-0001/" + ] + }, + { + "VulnerabilityID": "CVE-2019-16232", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: null-pointer dereference in drivers/net/wireless/marvell/libertas/if_sdio.c", + "Description": "drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.", + "Severity": "HIGH", + "References": [ + "https://lkml.org/lkml/2019/9/9/487", + "https://security.netapp.com/advisory/ntap-20191004-0001/" + ] + }, + { + "VulnerabilityID": "CVE-2019-16233", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: null pointer dereference in drivers/scsi/qla2xxx/qla_os.c", + "Description": "drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.", + "Severity": "HIGH", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-16233.html", + "http://linux.oracle.com/errata/ELSA-2020-5508.html", + "https://lkml.org/lkml/2019/9/9/487", + "https://security.netapp.com/advisory/ntap-20191004-0001/" + ] + }, + { + "VulnerabilityID": "CVE-2019-16234", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: null pointer dereference in drivers/net/wireless/intel/iwlwifi/pcie/trans.c", + "Description": "drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.", + "Severity": "HIGH", + "References": [ + "https://lkml.org/lkml/2019/9/9/487", + "https://security.netapp.com/advisory/ntap-20191004-0001/" + ] + }, + { + "VulnerabilityID": "CVE-2019-18814", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: use-after-free in aa_audit_rule_init() in security/apparmor/audit.c", + "Description": "An issue was discovered in the Linux kernel through 5.3.9. There is a use-after-free when aa_label_parse() fails in aa_audit_rule_init() in security/apparmor/audit.c.", + "Severity": "HIGH", + "References": [ + "https://lore.kernel.org/patchwork/patch/1142523/", + "https://support.f5.com/csp/article/K21561554?utm_source=f5support\u0026amp;utm_medium=RSS" + ] + }, + { + "VulnerabilityID": "CVE-2019-19054", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c allows attackers to cause a DoS", + "Description": "A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering kfifo_alloc() failures, aka CID-a7b2df76b42b.", + "Severity": "HIGH", + "References": [ + "https://github.com/torvalds/linux/commit/a7b2df76b42bdd026e3106cf2ba97db41345a177", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/" + ] + }, + { + "VulnerabilityID": "CVE-2019-19061", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: A memory leak in the adis_update_scan_mode_burst() function in drivers/iio/imu/adis_buffer.c allows for a DoS", + "Description": "A memory leak in the adis_update_scan_mode_burst() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-9c0530e898f3.", + "Severity": "HIGH", + "References": [ + "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9", + "https://github.com/torvalds/linux/commit/9c0530e898f384c5d279bfcebd8bb17af1105873", + "https://security.netapp.com/advisory/ntap-20191205-0001/", + "https://usn.ubuntu.com/4208-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-19064", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: A memory leak in the fsl_lpspi_probe() function in drivers/spi/spi-fsl-lpspi.c allows for a DoS", + "Description": "** DISPUTED ** A memory leak in the fsl_lpspi_probe() function in drivers/spi/spi-fsl-lpspi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering pm_runtime_get_sync() failures, aka CID-057b8945f78f. NOTE: third parties dispute the relevance of this because an attacker cannot realistically control these failures at probe time.", + "Severity": "HIGH", + "References": [ + "https://bugzilla.suse.com/show_bug.cgi?id=1157300", + "https://github.com/torvalds/linux/commit/057b8945f78f76d0b04eeb5c27cd9225e5e7ad86", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/" + ] + }, + { + "VulnerabilityID": "CVE-2019-19067", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: Four memory leaks in the acp_hw_init() function in drivers/gpu/drm/amd/amdgpu/amdgpu_acp.c allow for a DoS", + "Description": "** DISPUTED ** Four memory leaks in the acp_hw_init() function in drivers/gpu/drm/amd/amdgpu/amdgpu_acp.c in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption) by triggering mfd_add_hotplug_devices() or pm_genpd_add_device() failures, aka CID-57be09c6e874. NOTE: third parties dispute the relevance of this because the attacker must already have privileges for module loading.", + "Severity": "HIGH", + "References": [ + "https://bugzilla.suse.com/show_bug.cgi?id=1157180", + "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.8", + "https://github.com/torvalds/linux/commit/57be09c6e8747bf48704136d9e3f92bfb93f5725" + ] + }, + { + "VulnerabilityID": "CVE-2019-19070", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: A memory leak in the spi_gpio_probe() function in drivers/spi/spi-gpio.c allows for a DoS", + "Description": "** DISPUTED ** A memory leak in the spi_gpio_probe() function in drivers/spi/spi-gpio.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering devm_add_action_or_reset() failures, aka CID-d3b0ffa1d75d. NOTE: third parties dispute the relevance of this because the system must have already been out of memory before the probe began.", + "Severity": "HIGH", + "References": [ + "https://bugzilla.suse.com/show_bug.cgi?id=1157294", + "https://github.com/torvalds/linux/commit/d3b0ffa1d75d5305ebe34735598993afbb8a869d", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/" + ] + }, + { + "VulnerabilityID": "CVE-2019-19072", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: A memory leak in the predicate_parse() function in kernel/trace/trace_events_filter.c allows for a DoS", + "Description": "A memory leak in the predicate_parse() function in kernel/trace/trace_events_filter.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-96c5c6e6a5b6.", + "Severity": "HIGH", + "References": [ + "https://github.com/torvalds/linux/commit/96c5c6e6a5b6db592acae039fed54b5c8844cd35", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/" + ] + }, + { + "VulnerabilityID": "CVE-2019-19074", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: a memory leak in the ath9k management function in allows local DoS", + "Description": "A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-728c1e2a05e4.", + "Severity": "HIGH", + "References": [ + "https://github.com/torvalds/linux/commit/728c1e2a05e4b5fc52fab3421dce772a806612a2", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/" + ] + }, + { + "VulnerabilityID": "CVE-2019-19813", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: use-after-free in __mutex_lock in kernel/locking/mutex.c", + "Description": "In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in __mutex_lock in kernel/locking/mutex.c. This is related to mutex_can_spin_on_owner in kernel/locking/mutex.c, __btrfs_qgroup_free_meta in fs/btrfs/qgroup.c, and btrfs_insert_delayed_items in fs/btrfs/delayed-inode.c.", + "Severity": "HIGH", + "References": [ + "https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19813", + "https://security.netapp.com/advisory/ntap-20200103-0001/" + ] + }, + { + "VulnerabilityID": "CVE-2019-19815", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: NULL pointer dereference in f2fs_recover_fsync_data in fs/f2fs/recovery.c", + "Description": "In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause a NULL pointer dereference in f2fs_recover_fsync_data in fs/f2fs/recovery.c. This is related to F2FS_P_SB in fs/f2fs/f2fs.h.", + "Severity": "HIGH", + "References": [ + "https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19815", + "https://github.com/torvalds/linux/commit/4969c06a0d83c9c3dc50b8efcdc8eeedfce896f6#diff-41a7fa4590d2af87e82101f2b4dadb56", + "https://security.netapp.com/advisory/ntap-20200103-0001/" + ] + }, + { + "VulnerabilityID": "CVE-2020-1749", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: some ipv6 protocols not encrypted over ipsec tunnel.", + "Description": "A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. When an encrypted tunnel is created between two hosts, the kernel isn't correctly routing tunneled data over the encrypted link; rather sending the data unencrypted. This would allow anyone in between the two endpoints to read the traffic unencrypted. The main threat from this vulnerability is to data confidentiality.", + "Severity": "HIGH" + }, + { + "VulnerabilityID": "CVE-2004-0230", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Description": "TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.", + "Severity": "MEDIUM", + "References": [ + "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-006.txt.asc", + "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.3/SCOSA-2005.3.txt", + "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.9/SCOSA-2005.9.txt", + "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.14/SCOSA-2005.14.txt", + "ftp://patches.sgi.com/support/free/security/advisories/20040403-01-A.asc", + "http://kb.juniper.net/JSA10638", + "http://marc.info/?l=bugtraq\u0026m=108302060014745\u0026w=2", + "http://marc.info/?l=bugtraq\u0026m=108506952116653\u0026w=2", + "http://secunia.com/advisories/11440", + "http://secunia.com/advisories/11458", + "http://secunia.com/advisories/22341", + "http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml", + "http://www.kb.cert.org/vuls/id/415294", + "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", + "http://www.osvdb.org/4030", + "http://www.securityfocus.com/archive/1/449179/100/0/threaded", + "http://www.securityfocus.com/bid/10183", + "http://www.uniras.gov.uk/vuls/2004/236929/index.htm", + "http://www.us-cert.gov/cas/techalerts/TA04-111A.html", + "http://www.vupen.com/english/advisories/2006/3983", + "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019", + "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-064", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/15886", + "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10053", + "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2689", + "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A270", + "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3508", + "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4791", + "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5711" + ] + }, + { + "VulnerabilityID": "CVE-2005-3660", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Description": "Linux kernel 2.4 and 2.6 allows attackers to cause a denial of service (memory exhaustion and panic) by creating a large number of connected file descriptors or socketpairs and setting a large data transfer buffer, then preventing Linux from being able to finish the transfer by causing the process to become a zombie, or closing the file descriptor without closing an associated reference.", + "Severity": "MEDIUM", + "References": [ + "http://secunia.com/advisories/18205", + "http://securityreason.com/securityalert/291", + "http://securitytracker.com/id?1015402", + "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=362", + "http://www.securityfocus.com/bid/16041", + "http://www.vupen.com/english/advisories/2005/3076", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/23835" + ] + }, + { + "VulnerabilityID": "CVE-2008-2544", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: mounting proc readonly on a different mount point silently mounts it rw if the /proc mount is rw", + "Description": "No description is available for this CVE.", + "Severity": "MEDIUM" + }, + { + "VulnerabilityID": "CVE-2010-4563", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: ipv6: sniffer detection", + "Description": "The Linux kernel, when using IPv6, allows remote attackers to determine whether a host is sniffing the network by sending an ICMPv6 Echo Request to a multicast address and determining whether an Echo Reply is sent, as demonstrated by thcping.", + "Severity": "MEDIUM", + "References": [ + "http://seclists.org/dailydave/2011/q2/25", + "http://seclists.org/fulldisclosure/2011/Apr/254" + ] + }, + { + "VulnerabilityID": "CVE-2010-5321", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: v4l: videobuf: hotfix a bug on multiple calls to mmap()", + "Description": "Memory leak in drivers/media/video/videobuf-core.c in the videobuf subsystem in the Linux kernel 2.6.x through 4.x allows local users to cause a denial of service (memory consumption) by leveraging /dev/video access for a series of mmap calls that require new allocations, a different vulnerability than CVE-2007-6761. NOTE: as of 2016-06-18, this affects only 11 drivers that have not been updated to use videobuf2 instead of videobuf.", + "Severity": "MEDIUM", + "References": [ + "http://linuxtv.org/irc/v4l/index.php?date=2010-07-29", + "http://www.openwall.com/lists/oss-security/2015/02/08/4", + "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=827340", + "https://bugzilla.kernel.org/show_bug.cgi?id=120571", + "https://bugzilla.redhat.com/show_bug.cgi?id=620629" + ] + }, + { + "VulnerabilityID": "CVE-2012-4542", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: block: default SCSI command filter does not accomodate commands overlap across device classes", + "Description": "block/scsi_ioctl.c in the Linux kernel through 3.8 does not properly consider the SCSI device class during authorization of SCSI commands, which allows local users to bypass intended access restrictions via an SG_IO ioctl call that leverages overlapping opcodes.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2012-4542.html", + "http://linux.oracle.com/errata/ELSA-2013-2534.html", + "http://marc.info/?l=linux-kernel\u0026m=135903967015813\u0026w=2", + "http://marc.info/?l=linux-kernel\u0026m=135904012416042\u0026w=2", + "http://rhn.redhat.com/errata/RHSA-2013-0496.html", + "http://rhn.redhat.com/errata/RHSA-2013-0579.html", + "http://rhn.redhat.com/errata/RHSA-2013-0882.html", + "http://rhn.redhat.com/errata/RHSA-2013-0928.html", + "https://bugzilla.redhat.com/show_bug.cgi?id=875360", + "https://oss.oracle.com/git/?p=redpatch.git;a=commit;h=76a274e17114abf1a77de6b651424648ce9e10c8" + ] + }, + { + "VulnerabilityID": "CVE-2014-9892", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Description": "The snd_compr_tstamp function in sound/core/compress_offload.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not properly initialize a timestamp data structure, which allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28770164 and Qualcomm internal bug CR568717.", + "Severity": "MEDIUM", + "References": [ + "http://source.android.com/security/bulletin/2016-08-01.html", + "http://www.securityfocus.com/bid/92222", + "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=591b1f455c32206704cbcf426bb30911c260c33e" + ] + }, + { + "VulnerabilityID": "CVE-2014-9900", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: Info leak in uninitialized structure ethtool_wolinfo in ethtool_get_wol()", + "Description": "The ethtool_get_wol function in net/core/ethtool.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not initialize a certain data structure, which allows local users to obtain sensitive information via a crafted application, aka Android internal bug 28803952 and Qualcomm internal bug CR570754.", + "Severity": "MEDIUM", + "References": [ + "http://source.android.com/security/bulletin/2016-08-01.html", + "http://www.securityfocus.com/bid/92222", + "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=63c317dbee97983004dffdd9f742a20d17150071" + ] + }, + { + "VulnerabilityID": "CVE-2016-10723", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Description": "** DISPUTED ** An issue was discovered in the Linux kernel through 4.17.2. Since the page allocator does not yield CPU resources to the owner of the oom_lock mutex, a local unprivileged user can trivially lock up the system forever by wasting CPU resources from the page allocator (e.g., via concurrent page fault events) when the global OOM killer is invoked. NOTE: the software maintainer has not accepted certain proposed patches, in part because of a viewpoint that \"the underlying problem is non-trivial to handle.\"", + "Severity": "MEDIUM", + "References": [ + "https://patchwork.kernel.org/patch/10395909/", + "https://patchwork.kernel.org/patch/9842889/", + "https://www.spinics.net/lists/linux-mm/msg117896.html" + ] + }, + { + "VulnerabilityID": "CVE-2016-8660", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: xfs: local DoS due to a page lock order bug in the XFS seek hole/data implementation", + "Description": "The XFS subsystem in the Linux kernel through 4.8.2 allows local users to cause a denial of service (fdatasync failure and system hang) by using the vfs syscall group in the trinity program, related to a \"page lock order bug in the XFS seek hole/data implementation.\"", + "Severity": "MEDIUM", + "References": [ + "http://www.openwall.com/lists/oss-security/2016/10/13/8", + "http://www.securityfocus.com/bid/93558", + "https://bugzilla.redhat.com/show_bug.cgi?id=1384851" + ] + }, + { + "VulnerabilityID": "CVE-2017-13693", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: ACPI operand cache leak in dsutils.c", + "Description": "The acpi_ds_create_operands() function in drivers/acpi/acpica/dsutils.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism (in the kernel through 4.9) via a crafted ACPI table.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/100502", + "https://github.com/acpica/acpica/pull/295/commits/987a3b5cf7175916e2a4b6ea5b8e70f830dfe732", + "https://patchwork.kernel.org/patch/9919053/" + ] + }, + { + "VulnerabilityID": "CVE-2018-1121", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "procps-ng, procps: process hiding through race condition enumerating /proc", + "Description": "procps-ng, procps is vulnerable to a process hiding through race condition. Since the kernel's proc_pid_readdir() returns PID entries in ascending numeric order, a process occupying a high PID can use inotify events to determine when the process list is being scanned, and fork/exec to obtain a lower PID, thus avoiding enumeration. An unprivileged attacker can hide a process from procps-ng's utilities by exploiting a race condition in reading /proc/PID entries. This vulnerability affects procps and procps-ng up to version 3.3.15, newer versions might be affected also.", + "Severity": "MEDIUM", + "References": [ + "http://seclists.org/oss-sec/2018/q2/122", + "http://www.securityfocus.com/bid/104214", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1121", + "https://security.gentoo.org/glsa/201805-14", + "https://www.exploit-db.com/exploits/44806/", + "https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt" + ] + }, + { + "VulnerabilityID": "CVE-2018-12928", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: NULL pointer dereference in hfs_ext_read_extent in hfs.ko", + "Description": "In the Linux kernel 4.15.0, a NULL pointer dereference was discovered in hfs_ext_read_extent in hfs.ko. This can occur during a mount of a crafted hfs filesystem.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/104593", + "https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1763384", + "https://marc.info/?l=linux-fsdevel\u0026m=152407263325766\u0026w=2" + ] + }, + { + "VulnerabilityID": "CVE-2018-17977", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: Mishandled interactions among XFRM Netlink messages, IPPROTO_AH packets, and IPPROTO_IP packets resulting in a denial of service", + "Description": "The Linux kernel 4.14.67 mishandles certain interaction among XFRM Netlink messages, IPPROTO_AH packets, and IPPROTO_IP packets, which allows local users to cause a denial of service (memory consumption and system hang) by leveraging root access to execute crafted applications, as demonstrated on CentOS 7.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/105539", + "https://www.openwall.com/lists/oss-security/2018/10/05/5" + ] + }, + { + "VulnerabilityID": "CVE-2018-3693", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "Kernel: speculative bounds check bypass store", + "Description": "Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2018-3693.html", + "http://linux.oracle.com/errata/ELSA-2018-2390.html", + "https://01.org/security/advisories/intel-oss-10002", + "https://access.redhat.com/errata/RHSA-2018:2384", + "https://access.redhat.com/errata/RHSA-2018:2390", + "https://access.redhat.com/errata/RHSA-2018:2395", + "https://access.redhat.com/errata/RHSA-2019:1946", + "https://access.redhat.com/solutions/3523601", + "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0", + "https://people.csail.mit.edu/vlk/spectre11.pdf", + "https://security.netapp.com/advisory/ntap-20180823-0001/", + "https://software.intel.com/sites/default/files/managed/4e/a1/337879-analyzing-potential-bounds-Check-bypass-vulnerabilities.pdf", + "https://thehackernews.com/2018/07/intel-spectre-vulnerability.html", + "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", + "https://www.suse.com/support/kb/doc/?id=7023075" + ] + }, + { + "VulnerabilityID": "CVE-2019-12378", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: unchecked kmalloc of new_ra in ip6_ra_control leads to denial of service", + "Description": "** DISPUTED ** An issue was discovered in ip6_ra_control in net/ipv6/ipv6_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: This has been disputed as not an issue.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-12378.html", + "http://linux.oracle.com/errata/ELSA-2019-4746.html", + "http://www.securityfocus.com/bid/108475", + "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=95baa60a0da80a0143e3ddd4d3725758b4513825", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J36BIJTKEPUOZKJNHQBUZA47RQONUKOI/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KLGWJKLMTBBB53D5QLS4HOY2EH246WBE/", + "https://lkml.org/lkml/2019/5/25/229" + ] + }, + { + "VulnerabilityID": "CVE-2019-12379", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: memory leak in con_insert_unipair in drivers/tty/vt/consolemap.c", + "Description": "** DISPUTED ** An issue was discovered in con_insert_unipair in drivers/tty/vt/consolemap.c in the Linux kernel through 5.1.5. There is a memory leak in a certain case of an ENOMEM outcome of kmalloc. NOTE: This id is disputed as not being an issue.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/108478", + "https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty.git/commit/?h=tty-next\u0026id=84ecc2f6eb1cb12e6d44818f94fa49b50f06e6ac", + "https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty.git/commit/?h=tty-testing\u0026id=15b3cd8ef46ad1b100e0d3c7e38774f330726820", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J36BIJTKEPUOZKJNHQBUZA47RQONUKOI/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KLGWJKLMTBBB53D5QLS4HOY2EH246WBE/", + "https://security.netapp.com/advisory/ntap-20190710-0002/" + ] + }, + { + "VulnerabilityID": "CVE-2019-12381", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: unchecked kmalloc of new_ra in ip_ra_control leads to denial of service", + "Description": "An issue was discovered in ip_ra_control in net/ipv4/ip_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash).", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-12381.html", + "http://linux.oracle.com/errata/ELSA-2019-4746.html", + "http://www.securityfocus.com/bid/108473", + "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=425aa0e1d01513437668fa3d4a971168bbaa8515", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J36BIJTKEPUOZKJNHQBUZA47RQONUKOI/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KLGWJKLMTBBB53D5QLS4HOY2EH246WBE/", + "https://lkml.org/lkml/2019/5/25/230" + ] + }, + { + "VulnerabilityID": "CVE-2019-12382", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: unchecked kstrdup of fwstr in drm_load_edid_firmware leads to denial of service", + "Description": "An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel through 5.1.5. There is an unchecked kstrdup of fwstr, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash).", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-12382.html", + "http://linux.oracle.com/errata/ELSA-2020-1016.html", + "http://www.securityfocus.com/bid/108474", + "https://cgit.freedesktop.org/drm/drm-misc/commit/?id=9f1f1a2dab38d4ce87a13565cf4dc1b73bef3a5f", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J36BIJTKEPUOZKJNHQBUZA47RQONUKOI/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KLGWJKLMTBBB53D5QLS4HOY2EH246WBE/", + "https://lkml.org/lkml/2019/5/24/843" + ] + }, + { + "VulnerabilityID": "CVE-2019-12455", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: null pointer dereference in sunxi_divs_clk_setup in drivers/clk/sunxi/clk-sunxi.c causing denial of service", + "Description": "** DISPUTED ** An issue was discovered in sunxi_divs_clk_setup in drivers/clk/sunxi/clk-sunxi.c in the Linux kernel through 5.1.5. There is an unchecked kstrndup of derived_name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: This id is disputed as not being an issue because β€œThe memory allocation that was not checked is part of a code that only runs at boot time, before user processes are started. Therefore, there is no possibility for an unprivileged user to control it, and no denial of service.”.", + "Severity": "MEDIUM", + "References": [ + "https://git.kernel.org/pub/scm/linux/kernel/git/sunxi/linux.git/commit/?h=sunxi/clk-for-5.3\u0026id=fcdf445ff42f036d22178b49cf64e92d527c1330", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J36BIJTKEPUOZKJNHQBUZA47RQONUKOI/", + "https://security.netapp.com/advisory/ntap-20190710-0002/", + "https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg2010240.html" + ] + }, + { + "VulnerabilityID": "CVE-2019-15213", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: use-after-free caused by malicious USB device in drivers/media/usb/dvb-usb/dvb-usb-init.c", + "Description": "An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-15213.html", + "http://linux.oracle.com/errata/ELSA-2019-4872.html", + "http://www.openwall.com/lists/oss-security/2019/08/20/2", + "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.3", + "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6cf97230cd5f36b7665099083272595c55d72be7", + "https://security.netapp.com/advisory/ntap-20190905-0002/", + "https://syzkaller.appspot.com/bug?id=a53c9c9dd2981bfdbfbcbc1ddbd35595eda8bced" + ] + }, + { + "VulnerabilityID": "CVE-2019-16089", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: Improper return check in nbd_genl_status function in drivers/block/nbd.c", + "Description": "An issue was discovered in the Linux kernel through 5.2.13. nbd_genl_status in drivers/block/nbd.c does not check the nla_nest_start_noflag return value.", + "Severity": "MEDIUM", + "References": [ + "https://lore.kernel.org/patchwork/patch/1106884/", + "https://lore.kernel.org/patchwork/patch/1126650/", + "https://security.netapp.com/advisory/ntap-20191004-0001/", + "https://support.f5.com/csp/article/K03814795?utm_source=f5support\u0026amp;utm_medium=RSS" + ] + }, + { + "VulnerabilityID": "CVE-2019-19036", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: null-pointer dereference in btrfs_root_node in fs/btrfs/ctree.c", + "Description": "btrfs_root_node in fs/btrfs/ctree.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because rcu_dereference(root-\u003enode) can be zero.", + "Severity": "MEDIUM", + "References": [ + "https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19036", + "https://security.netapp.com/advisory/ntap-20191205-0001/" + ] + }, + { + "VulnerabilityID": "CVE-2019-19046", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: Denial Of Service in the __ipmi_bmc_register() function in drivers/char/ipmi/ipmi_msghandler.c", + "Description": "** DISPUTED ** A memory leak in the __ipmi_bmc_register() function in drivers/char/ipmi/ipmi_msghandler.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering ida_simple_get() failure, aka CID-4aa7afb0ee20. NOTE: third parties dispute the relevance of this because an attacker cannot realistically control this failure at probe time.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html", + "https://bugzilla.suse.com/show_bug.cgi?id=1157304", + "https://github.com/torvalds/linux/commit/4aa7afb0ee20a97fbf0c5bab3df028d5fb85fdab", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/", + "https://usn.ubuntu.com/4302-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-19082", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: memory leaks in *create_resource_pool() functions under drivers/gpu/drm/amd/display/dc leads to DoS", + "Description": "Memory leaks in *create_resource_pool() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption). This affects the dce120_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce120/dce120_resource.c, the dce110_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce110/dce110_resource.c, the dce100_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce100/dce100_resource.c, the dcn10_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dcn10/dcn10_resource.c, and the dce112_create_resource_pool() function in drivers/gpu/drm/amd/display/dc/dce112/dce112_resource.c, aka CID-104c307147ad.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html", + "https://github.com/torvalds/linux/commit/104c307147ad379617472dd91a5bcb368d72bd6d", + "https://security.netapp.com/advisory/ntap-20191205-0001/", + "https://usn.ubuntu.com/4258-1/", + "https://usn.ubuntu.com/4284-1/", + "https://usn.ubuntu.com/4287-1/", + "https://usn.ubuntu.com/4287-2/" + ] + }, + { + "VulnerabilityID": "CVE-2019-19083", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc leads to DoS", + "Description": "Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption). This affects the dce112_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce112/dce112_resource.c, the dce100_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce100/dce100_resource.c, the dcn10_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dcn10/dcn10_resource.c, the dcn20_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dcn20/dcn20_resource.c, the dce120_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce120/dce120_resource.c, the dce110_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce110/dce110_resource.c, and the dce80_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce80/dce80_resource.c, aka CID-055e547478a1.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html", + "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.8", + "https://github.com/torvalds/linux/commit/055e547478a11a6360c7ce05e2afc3e366968a12", + "https://security.netapp.com/advisory/ntap-20191205-0001/", + "https://usn.ubuntu.com/4208-1/", + "https://usn.ubuntu.com/4226-1/", + "https://usn.ubuntu.com/4227-1/", + "https://usn.ubuntu.com/4227-2/" + ] + }, + { + "VulnerabilityID": "CVE-2019-19318", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: use-after-free in rwsem_down_write_slowpath in kernel/locking/rwsem.c", + "Description": "In the Linux kernel 5.3.11, mounting a crafted btrfs image twice can cause an rwsem_down_write_slowpath use-after-free because (in rwsem_can_spin_on_owner in kernel/locking/rwsem.c) rwsem_owner_flags returns an already freed pointer,", + "Severity": "MEDIUM", + "References": [ + "https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19318", + "https://security.netapp.com/advisory/ntap-20200103-0001/" + ] + }, + { + "VulnerabilityID": "CVE-2019-19377", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: use-after-free in btrfs_queue_work in fs/btrfs/async-thread.c", + "Description": "In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfs_queue_work in fs/btrfs/async-thread.c.", + "Severity": "MEDIUM", + "References": [ + "https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19377", + "https://security.netapp.com/advisory/ntap-20200103-0001/" + ] + }, + { + "VulnerabilityID": "CVE-2019-19378", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: out-of-bounds write in index_rbio_pages in fs/btrfs/raid56.c", + "Description": "In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image can lead to slab-out-of-bounds write access in index_rbio_pages in fs/btrfs/raid56.c.", + "Severity": "MEDIUM", + "References": [ + "https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19378", + "https://security.netapp.com/advisory/ntap-20200103-0001/" + ] + }, + { + "VulnerabilityID": "CVE-2019-19448", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in try_merge_free_space in fs/btrfs/free-space-cache.c", + "Description": "In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in try_merge_free_space in fs/btrfs/free-space-cache.c because the pointer to a left data structure can be the same as the pointer to a right data structure.", + "Severity": "MEDIUM", + "References": [ + "https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19448", + "https://security.netapp.com/advisory/ntap-20200103-0001/" + ] + }, + { + "VulnerabilityID": "CVE-2019-19449", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read access in f2fs_build_segment_manager in fs/f2fs/segment.c", + "Description": "In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read access in f2fs_build_segment_manager in fs/f2fs/segment.c, related to init_min_max_mtime in fs/f2fs/segment.c (because the second argument to get_seg_entry is not validated).", + "Severity": "MEDIUM", + "References": [ + "https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19449", + "https://security.netapp.com/advisory/ntap-20200103-0001/" + ] + }, + { + "VulnerabilityID": "CVE-2019-19462", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: NULL pointer dereference in relay_open in kernel/relay.c", + "Description": "relay_open in kernel/relay.c in the Linux kernel through 5.4.1 allows local users to cause a denial of service (such as relay blockage) by triggering a NULL alloc_percpu result.", + "Severity": "MEDIUM", + "References": [ + "https://lore.kernel.org/lkml/20191129013745.7168-1-dja@axtens.net/", + "https://syzkaller-ppc64.appspot.com/bug?id=1c09906c83a8ea811a9e318c2a4f8e243becc6f8", + "https://syzkaller-ppc64.appspot.com/bug?id=b05b4d005191cc375cdf848c3d4d980308d50531", + "https://syzkaller.appspot.com/bug?id=e4265490d26d6c01cd9bc79dc915ef0a1bf15046", + "https://syzkaller.appspot.com/bug?id=f4d1cb4330bd3ddf4a628332b4285407b2eedd7b" + ] + }, + { + "VulnerabilityID": "CVE-2019-19768", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: use-after-free in __blk_add_trace in kernel/trace/blktrace.c", + "Description": "In the Linux kernel 5.4.0-rc2, there is a use-after-free (read) in the __blk_add_trace function in kernel/trace/blktrace.c (which is used to fill out a blk_io_trace structure and place it in a per-cpu sub-buffer).", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-19768.html", + "http://linux.oracle.com/errata/ELSA-2020-5663.html", + "https://bugzilla.kernel.org/show_bug.cgi?id=205711", + "https://security.netapp.com/advisory/ntap-20200103-0001/" + ] + }, + { + "VulnerabilityID": "CVE-2019-19770", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: use-after-free in debugfs_remove in fs/debugfs/inode.c", + "Description": "** DISPUTED ** In the Linux kernel 4.19.83, there is a use-after-free (read) in the debugfs_remove function in fs/debugfs/inode.c (which is used to remove a file or directory in debugfs that was previously created with a call to another debugfs function such as debugfs_create_file). NOTE: Linux kernel developers dispute this issue as not being an issue with debugfs, instead this is an issue with misuse of debugfs within blktrace.", + "Severity": "MEDIUM", + "References": [ + "https://bugzilla.kernel.org/show_bug.cgi?id=205713", + "https://lore.kernel.org/linux-block/20200402000002.7442-1-mcgrof@kernel.org/", + "https://security.netapp.com/advisory/ntap-20200103-0001/" + ] + }, + { + "VulnerabilityID": "CVE-2020-10708", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: race condition in kernel/audit.c may allow low privilege users trigger kernel panic", + "Description": "A race condition flaw was found in the Linux kernel audit subsystem. When the system is configured to panic on events being dropped, an attacker can use this flaw to trigger an audit event that begins while the audit is in the process of starting, causing the system to panic by exploiting a race condition in the audit event handling. This attack results in a denial of service.", + "Severity": "MEDIUM", + "References": [ + "https://www.openwall.com/lists/oss-security/2020/04/17/1" + ] + }, + { + "VulnerabilityID": "CVE-2020-10942", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "Kernel: vhost-net: stack overflow in get_raw_socket while checking sk_family field", + "Description": "In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2020-10942.html", + "http://linux.oracle.com/errata/ELSA-2020-5663.html", + "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.5.8", + "https://git.kernel.org/linus/42d84c8490f9f0931786f1623191fcab397c3d64", + "https://lkml.org/lkml/2020/2/15/125", + "https://security.netapp.com/advisory/ntap-20200403-0003/" + ] + }, + { + "VulnerabilityID": "CVE-2020-11565", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: out-of-bounds write in mpol_parse_str function in mm/mempolicy.c", + "Description": "** DISPUTED ** An issue was discovered in the Linux kernel through 5.6.2. mpol_parse_str in mm/mempolicy.c has a stack-based out-of-bounds write because an empty nodelist is mishandled during mount option parsing, aka CID-aa9f7d5172fa. NOTE: Someone in the security community disagrees that this is a vulnerability because the issue β€œis a bug in parsing mount options which can only be specified by a privileged user, so triggering the bug does not grant any powers not already held.”.", + "Severity": "MEDIUM", + "References": [ + "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=aa9f7d5172fac9bf1f09e678c35e287a40a7b7dd", + "https://github.com/torvalds/linux/commit/aa9f7d5172fac9bf1f09e678c35e287a40a7b7dd" + ] + }, + { + "VulnerabilityID": "CVE-2020-11609", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Description": "An issue was discovered in the stv06xx subsystem in the Linux kernel before 5.6.1. drivers/media/usb/gspca/stv06xx/stv06xx.c and drivers/media/usb/gspca/stv06xx/stv06xx_pb0100.c mishandle invalid descriptors, as demonstrated by a NULL pointer dereference, aka CID-485b06aadb93.", + "Severity": "MEDIUM", + "References": [ + "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.1", + "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=485b06aadb933190f4bc44e006076bc27a23f205", + "https://github.com/torvalds/linux/commit/485b06aadb933190f4bc44e006076bc27a23f205" + ] + }, + { + "VulnerabilityID": "CVE-2020-11668", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: mishandles invalid descriptors in drivers/media/usb/gspca/xirlink_cit.c", + "Description": "In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlink_cit.c (aka the Xirlink camera USB driver) mishandles invalid descriptors, aka CID-a246b4d54770.", + "Severity": "MEDIUM", + "References": [ + "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.1", + "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a246b4d547708f33ff4d4b9a7a5dbac741dc89d8", + "https://github.com/torvalds/linux/commit/a246b4d547708f33ff4d4b9a7a5dbac741dc89d8" + ] + }, + { + "VulnerabilityID": "CVE-2020-11669", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: powerpc: guest can cause DoS on POWER9 KVM hosts", + "Description": "An issue was discovered in the Linux kernel before 5.2 on the powerpc platform. arch/powerpc/kernel/idle_book3s.S does not have save/restore functionality for PNV_POWERSAVE_AMR, PNV_POWERSAVE_UAMOR, and PNV_POWERSAVE_AMOR, aka CID-53a712bae5dd.", + "Severity": "MEDIUM", + "References": [ + "https://access.redhat.com/errata/RHSA-2019:3517", + "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2", + "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=53a712bae5dd919521a58d7bad773b949358add0", + "https://github.com/torvalds/linux/commit/53a712bae5dd919521a58d7bad773b949358add0", + "https://lists.ozlabs.org/pipermail/linuxppc-dev/2020-April/208660.html", + "https://lists.ozlabs.org/pipermail/linuxppc-dev/2020-April/208661.html", + "https://lists.ozlabs.org/pipermail/linuxppc-dev/2020-April/208663.html" + ] + }, + { + "VulnerabilityID": "CVE-2020-11725", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: improper handling of private_size*count multiplication due to count=info-\u003eowner typo", + "Description": "** DISPUTED ** snd_ctl_elem_add in sound/core/control.c in the Linux kernel through 5.6.3 has a count=info-\u003eowner line, which later affects a private_size*count multiplication for unspecified \"interesting side effects.\" NOTE: kernel engineers dispute this finding, because it could be relevant only if new callers were added that were unfamiliar with the misuse of the info-\u003eowner field to represent data unrelated to the \"owner\" concept. The existing callers, SNDRV_CTL_IOCTL_ELEM_ADD and SNDRV_CTL_IOCTL_ELEM_REPLACE, have been designed to misuse the info-\u003eowner field in a safe way.", + "Severity": "MEDIUM", + "References": [ + "https://github.com/torvalds/linux/blob/3b2549a3740efb8af0150415737067d87e466c5b/sound/core/control.c#L1434-L1474", + "https://lore.kernel.org/alsa-devel/s5h4ktmlfpx.wl-tiwai@suse.de/", + "https://twitter.com/yabbadabbadrew/status/1248632267028582400" + ] + }, + { + "VulnerabilityID": "CVE-2020-7053", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: use-after-free in i915_ppgtt_close in drivers/gpu/drm/i915/i915_gem_gtt.c", + "Description": "In the Linux kernel 4.14 longterm through 4.14.165 and 4.19 longterm through 4.19.96 (and 5.x before 5.2), there is a use-after-free (write) in the i915_ppgtt_close function in drivers/gpu/drm/i915/i915_gem_gtt.c, aka CID-7dc40713618c. This is related to i915_gem_context_destroy_ioctl in drivers/gpu/drm/i915/i915_gem_context.c.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2020-7053.html", + "http://linux.oracle.com/errata/ELSA-2020-5569.html", + "https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1859522", + "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2", + "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7dc40713618c884bf07c030d1ab1f47a9dc1f310", + "https://lore.kernel.org/stable/20200114183937.12224-1-tyhicks@canonical.com", + "https://security.netapp.com/advisory/ntap-20200204-0002/", + "https://usn.ubuntu.com/4255-1/", + "https://usn.ubuntu.com/4255-2/" + ] + }, + { + "VulnerabilityID": "CVE-2020-8992", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: soft lockup via a crafted journal size in ext4_protect_reserved_inode in fs/ext4/block_validity.c", + "Description": "ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service (soft lockup) via a crafted journal size.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2020-8992.html", + "http://linux.oracle.com/errata/ELSA-2020-5663.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html", + "https://patchwork.ozlabs.org/patch/1236118/", + "https://security.netapp.com/advisory/ntap-20200313-0003/" + ] + }, + { + "VulnerabilityID": "CVE-2007-3719", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: secretly Monopolizing the CPU Without Superuser Privileges", + "Description": "The process scheduler in the Linux kernel 2.6.16 gives preference to \"interactive\" processes that perform voluntary sleeps, which allows local users to cause a denial of service (CPU consumption), as described in \"Secretly Monopolizing the CPU Without Superuser Privileges.\"", + "Severity": "LOW", + "References": [ + "http://osvdb.org/37127", + "http://www.cs.huji.ac.il/~dants/papers/Cheat07Security.pdf" + ] + }, + { + "VulnerabilityID": "CVE-2011-4915", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Description": "fs/proc/base.c in the Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /proc/interrupts.", + "Severity": "LOW", + "References": [ + "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0499680a42141d86417a8fbaa8c8db806bea1201", + "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a2ef990ab5a6705a356d146dd773a3b359787497", + "http://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-4915.html", + "http://www.openwall.com/lists/oss-security/2011/11/07/9", + "https://lkml.org/lkml/2011/11/7/340", + "https://seclists.org/oss-sec/2011/q4/571", + "https://security-tracker.debian.org/tracker/CVE-2011-4915", + "https://vigilance.fr/vulnerability/Linux-kernel-information-disclosure-about-keyboard-11131" + ] + }, + { + "VulnerabilityID": "CVE-2011-4917", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Severity": "LOW" + }, + { + "VulnerabilityID": "CVE-2015-2877", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "Kernel: Cross-VM ASL INtrospection (CAIN)", + "Description": "** DISPUTED ** Kernel Samepage Merging (KSM) in the Linux kernel 2.6.32 through 4.x does not prevent use of a write-timing side channel, which allows guest OS users to defeat the ASLR protection mechanism on other guest OS instances via a Cross-VM ASL INtrospection (CAIN) attack. NOTE: the vendor states \"Basically if you care about this attack vector, disable deduplication.\" Share-until-written approaches for memory conservation among mutually untrusting tenants are inherently detectable for information disclosure, and can be classified as potentially misunderstood behaviors rather than vulnerabilities.", + "Severity": "LOW", + "References": [ + "http://www.antoniobarresi.com/files/cain_advisory.txt", + "http://www.kb.cert.org/vuls/id/935424", + "http://www.securityfocus.com/bid/76256", + "https://bugzilla.redhat.com/show_bug.cgi?id=1252096", + "https://www.kb.cert.org/vuls/id/BGAR-A2CNKG", + "https://www.kb.cert.org/vuls/id/BLUU-9ZAHZH", + "https://www.usenix.org/system/files/conference/woot15/woot15-paper-barresi.pdf" + ] + }, + { + "VulnerabilityID": "CVE-2017-0630", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: Information disclosure vulnerability in kernel trace subsystem", + "Description": "An information disclosure vulnerability in the kernel trace subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34277115.", + "Severity": "LOW", + "References": [ + "http://www.securityfocus.com/bid/98213", + "https://source.android.com/security/bulletin/2017-05-01", + "https://source.android.com/security/bulletin/2017-05-01#id-in-kernel-trace-subsystem" + ] + }, + { + "VulnerabilityID": "CVE-2017-13694", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: ACPI node and node_ext cache leak", + "Description": "The acpi_ps_complete_final_op() function in drivers/acpi/acpica/psobject.c in the Linux kernel through 4.12.9 does not flush the node and node_ext caches and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism (in the kernel through 4.9) via a crafted ACPI table.", + "Severity": "LOW", + "References": [ + "http://www.securityfocus.com/bid/100500", + "https://github.com/acpica/acpica/pull/278/commits/4a0243ecb4c94e2d73510d096c5ea4d0711fc6c0", + "https://patchwork.kernel.org/patch/9806085/" + ] + }, + { + "VulnerabilityID": "CVE-2018-8043", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: NULL pointer dereference in drivers/net/phy/mdio-bcm-unimac.c:unimac_mdio_probe() can lead to denial of service", + "Description": "The unimac_mdio_probe function in drivers/net/phy/mdio-bcm-unimac.c in the Linux kernel through 4.15.8 does not validate certain resource availability, which allows local users to cause a denial of service (NULL pointer dereference).", + "Severity": "LOW", + "References": [ + "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=297a6961ffb8ff4dc66c9fbf53b924bd1dda05d5", + "http://linux.oracle.com/cve/CVE-2018-8043.html", + "http://linux.oracle.com/errata/ELSA-2019-4509.html", + "http://www.securitytracker.com/id/1040749", + "https://github.com/torvalds/linux/commit/297a6961ffb8ff4dc66c9fbf53b924bd1dda05d5", + "https://usn.ubuntu.com/3619-1/", + "https://usn.ubuntu.com/3619-2/", + "https://usn.ubuntu.com/3630-1/", + "https://usn.ubuntu.com/3630-2/", + "https://usn.ubuntu.com/3632-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-11191", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: race condition in load_aout_binary() allows local users to bypass ASLR on setuid a.out programs", + "Description": "The Linux kernel through 5.0.7, when CONFIG_IA32_AOUT is enabled and ia32_aout is loaded, allows local users to bypass ASLR on setuid a.out programs (if any exist) because install_exec_creds() is called too late in load_aout_binary() in fs/binfmt_aout.c, and thus the ptrace_may_access() check has a race condition when reading /proc/pid/stat.", + "Severity": "LOW", + "References": [ + "http://www.openwall.com/lists/oss-security/2019/04/18/5", + "http://www.openwall.com/lists/oss-security/2019/05/22/7", + "http://www.securityfocus.com/bid/107887", + "https://usn.ubuntu.com/4006-1/", + "https://usn.ubuntu.com/4006-2/", + "https://usn.ubuntu.com/4007-1/", + "https://usn.ubuntu.com/4007-2/", + "https://usn.ubuntu.com/4008-1/", + "https://usn.ubuntu.com/4008-3/", + "https://www.openwall.com/lists/oss-security/2019/04/03/4", + "https://www.openwall.com/lists/oss-security/2019/04/03/4/1" + ] + }, + { + "VulnerabilityID": "CVE-2019-12380", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: memory allocation failure in the efi subsystem leads to denial of service", + "Description": "**DISPUTED** An issue was discovered in the efi subsystem in the Linux kernel through 5.1.5. phys_efi_set_virtual_address_map in arch/x86/platform/efi/efi.c and efi_call_phys_prolog in arch/x86/platform/efi/efi_64.c mishandle memory allocation failures. NOTE: This id is disputed as not being an issue because β€œAll the code touched by the referenced commit runs only at boot, before any user processes are started. Therefore, there is no possibility for an unprivileged user to control it.”.", + "Severity": "LOW", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00039.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00040.html", + "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html", + "http://www.securityfocus.com/bid/108477", + "https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=4e78921ba4dd0aca1cc89168f45039add4183f8e", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J36BIJTKEPUOZKJNHQBUZA47RQONUKOI/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KLGWJKLMTBBB53D5QLS4HOY2EH246WBE/", + "https://security.netapp.com/advisory/ntap-20190710-0002/" + ] + }, + { + "VulnerabilityID": "CVE-2019-18808", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: memory leak in ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c", + "Description": "A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-128c66429247.", + "Severity": "LOW", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html", + "https://github.com/torvalds/linux/commit/128c66429247add5128c03dc1e144ca56f05a4e2", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYIFGYEDQXP5DVJQQUARQRK2PXKBKQGY/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YWWOOJKZ4NQYN4RMFIVJ3ZIXKJJI3MKP/", + "https://security.netapp.com/advisory/ntap-20191205-0001/" + ] + }, + { + "VulnerabilityID": "CVE-2019-18885", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: fs/btrfs/volumes.c allows a btrfs_verify_dev_extents NULL pointer dereference", + "Description": "fs/btrfs/volumes.c in the Linux kernel before 5.1 allows a btrfs_verify_dev_extents NULL pointer dereference via a crafted btrfs image because fs_devices-\u003edevices is mishandled within find_device, aka CID-09ba3bc9dd15.", + "Severity": "LOW", + "References": [ + "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=09ba3bc9dd150457c506e4661380a6183af651c1", + "https://github.com/bobfuzzer/CVE-2019-18885", + "https://github.com/torvalds/linux/commit/09ba3bc9dd150457c506e4661380a6183af651c1", + "https://security.netapp.com/advisory/ntap-20191205-0001/" + ] + }, + { + "VulnerabilityID": "CVE-2019-19039", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: information disclosure in __btrfs_free_extent in fs/btrfs/extent-tree.c", + "Description": "** DISPUTED ** __btrfs_free_extent in fs/btrfs/extent-tree.c in the Linux kernel through 5.3.12 calls btrfs_print_leaf in a certain ENOENT case, which allows local users to obtain potentially sensitive information about register values via the dmesg program. NOTE: The BTRFS development team disputes this issues as not being a vulnerability because β€œ1) The kernel provide facilities to restrict access to dmesg - dmesg_restrict=1 sysctl option. So it's really up to the system administrator to judge whether dmesg access shall be disallowed or not. 2) WARN/WARN_ON are widely used macros in the linux kernel. If this CVE is considered valid this would mean there are literally thousands CVE lurking in the kernel - something which clearly is not the case.”", + "Severity": "LOW", + "References": [ + "https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19039" + ] + }, + { + "VulnerabilityID": "CVE-2019-19073", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel (DOS)", + "Description": "Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering wait_for_completion_timeout() failures. This affects the htc_config_pipe_credits() function, the htc_setup_complete() function, and the htc_connect_service() function, aka CID-853acf7caf10.", + "Severity": "LOW", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html", + "https://github.com/torvalds/linux/commit/853acf7caf10b828102d92d05b5c101666a6142b", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/", + "https://security.netapp.com/advisory/ntap-20191205-0001/" + ] + }, + { + "VulnerabilityID": "CVE-2019-3016", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: kvm: Information leak within a KVM guest", + "Description": "In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. This problem is limit to the host running linux kernel 4.10 with a guest running linux kernel 4.16 or later. The problem mainly affects AMD processors but Intel CPUs cannot be ruled out.", + "Severity": "LOW", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-3016.html", + "http://linux.oracle.com/errata/ELSA-2020-5533.html", + "http://packetstormsecurity.com/files/157233/Kernel-Live-Patch-Security-Notice-LSN-0065-1.html", + "http://www.openwall.com/lists/oss-security/2020/01/30/4", + "https://bugzilla.redhat.com/show_bug.cgi?id=1792167", + "https://git.kernel.org/linus/1eff70a9abd46f175defafd29bc17ad456f398a7", + "https://git.kernel.org/linus/8c6de56a42e0c657955e12b882a81ef07d1d073e", + "https://git.kernel.org/linus/917248144db5d7320655dbb41d3af0b8a0f3d589", + "https://git.kernel.org/linus/a6bd811f1209fe1c64c9f6fd578101d6436c6b6e", + "https://git.kernel.org/linus/b043138246a41064527cf019a3d51d9f015e9796", + "https://lore.kernel.org/lkml/1580407316-11391-1-git-send-email-pbonzini@redhat.com/", + "https://security.netapp.com/advisory/ntap-20200313-0003/", + "https://usn.ubuntu.com/4300-1/", + "https://usn.ubuntu.com/4301-1/", + "https://www.openwall.com/lists/oss-security/2020/01/30/4" + ] + }, + { + "VulnerabilityID": "CVE-2019-3874", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: SCTP socket buffer memory leak leading to denial of service", + "Description": "The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be vulnerable.", + "Severity": "LOW", + "References": [ + "http://linux.oracle.com/cve/CVE-2019-3874.html", + "http://linux.oracle.com/errata/ELSA-2019-3517.html", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3874", + "https://discuss.kubernetes.io/t/kubernetes-security-announcement-linux-kernel-memory-cgroups-escape-via-sctp-cve-2019-3874/5594", + "https://lore.kernel.org/netdev/20190401113110.GA20717@hmswarspite.think-freely.org/T/#u", + "https://security.netapp.com/advisory/ntap-20190411-0003/", + "https://usn.ubuntu.com/3979-1/", + "https://usn.ubuntu.com/3980-1/", + "https://usn.ubuntu.com/3980-2/", + "https://usn.ubuntu.com/3981-1/", + "https://usn.ubuntu.com/3981-2/", + "https://usn.ubuntu.com/3982-1/", + "https://usn.ubuntu.com/3982-2/" + ] + }, + { + "VulnerabilityID": "CVE-2020-0009", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Description": "In calc_vm_may_flags of ashmem.c, there is a possible arbitrary write to shared memory due to a permissions bypass. This could lead to local escalation of privilege by corrupting memory shared between processes, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-142938932", + "Severity": "LOW", + "References": [ + "http://packetstormsecurity.com/files/155903/Android-ashmem-Read-Only-Bypasses.html", + "https://source.android.com/security/bulletin/2020-01-01" + ] + }, + { + "VulnerabilityID": "CVE-2020-0067", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Description": "In f2fs_xattr_generic_list of xattr.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not required for exploitation.Product: Android. Versions: Android kernel. Android ID: A-120551147.", + "Severity": "LOW", + "References": [ + "http://android.googlesource.com/kernel/common/+/688078e7", + "https://source.android.com/security/bulletin/pixel/2020-04-01" + ] + }, + { + "VulnerabilityID": "CVE-2020-11494", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: transmission of uninitialized data allows attackers to read sensitive information", + "Description": "An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel through 5.6.2. It allows attackers to read uninitialized can_frame data, potentially containing sensitive information from kernel stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL, aka CID-b9258a2cece4.", + "Severity": "LOW", + "References": [ + "http://linux.oracle.com/cve/CVE-2020-11494.html", + "http://linux.oracle.com/errata/ELSA-2020-5663.html", + "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00035.html", + "https://github.com/torvalds/linux/commit/b9258a2cece4ec1f020715fe3554bc2e360f6264" + ] + }, + { + "VulnerabilityID": "CVE-2020-11608", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Description": "An issue was discovered in the Linux kernel before 5.6.1. drivers/media/usb/gspca/ov519.c allows NULL pointer dereferences in ov511_mode_init_regs and ov518_mode_init_regs when there are zero endpoints, aka CID-998912346c0d.", + "Severity": "LOW", + "References": [ + "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.1", + "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=998912346c0da53a6dbb71fab3a138586b596b30", + "https://github.com/torvalds/linux/commit/998912346c0da53a6dbb71fab3a138586b596b30" + ] + }, + { + "VulnerabilityID": "CVE-2020-2732", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "Kernel: kvm: nVMX: L2 guest may trick the L0 hypervisor to access sensitive L1 resources", + "Description": "A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled. Under some circumstances, an L2 guest may trick the L0 guest into accessing sensitive L1 resources that should be inaccessible to the L2 guest.", + "Severity": "LOW", + "References": [ + "http://linux.oracle.com/cve/CVE-2020-2732.html", + "http://linux.oracle.com/errata/ELSA-2020-5543.html", + "https://bugzilla.redhat.com/show_bug.cgi?id=1805135", + "https://git.kernel.org/linus/07721feee46b4b248402133228235318199b05ec", + "https://git.kernel.org/linus/35a571346a94fb93b5b3b6a599675ef3384bc75c", + "https://git.kernel.org/linus/e71237d3ff1abf9f3388337cfebf53b96df2020d", + "https://linux.oracle.com/errata/ELSA-2020-5540.html", + "https://linux.oracle.com/errata/ELSA-2020-5542.html", + "https://linux.oracle.com/errata/ELSA-2020-5543.html", + "https://www.openwall.com/lists/oss-security/2020/02/25/3", + "https://www.spinics.net/lists/kvm/msg208259.html" + ] + }, + { + "VulnerabilityID": "CVE-2020-8428", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: use-after-free in fs/namei.c", + "Description": "fs/namei.c in the Linux kernel before 5.5 has a may_create_in_sticky use-after-free, which allows local users to cause a denial of service (OOPS) or possibly obtain sensitive information from kernel memory, aka CID-d0cb50185ae9. One attack vector may be an open system call for a UNIX domain socket, if the socket is being moved to a new parent directory and its old parent directory is being removed.", + "Severity": "LOW", + "References": [ + "http://www.openwall.com/lists/oss-security/2020/01/28/4", + "http://www.openwall.com/lists/oss-security/2020/02/02/1", + "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d0cb50185ae942b03c4327be322055d622dc79f6", + "https://github.com/torvalds/linux/commit/d0cb50185ae942b03c4327be322055d622dc79f6", + "https://www.openwall.com/lists/oss-security/2020/01/28/2" + ] + }, + { + "VulnerabilityID": "CVE-2020-8647", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: out-of-bounds read in in vc_do_resize function in drivers/tty/vt/vt.c", + "Description": "There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vc_do_resize function in drivers/tty/vt/vt.c.", + "Severity": "LOW", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00039.html", + "https://bugzilla.kernel.org/show_bug.cgi?id=206359" + ] + }, + { + "VulnerabilityID": "CVE-2020-8648", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: use-after-free in n_tty_receive_buf_common function in drivers/tty/n_tty.c", + "Description": "There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.", + "Severity": "LOW", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html", + "https://bugzilla.kernel.org/show_bug.cgi?id=206361" + ] + }, + { + "VulnerabilityID": "CVE-2020-8649", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: invalid read location in vgacon_invert_region function in drivers/video/console/vgacon.c", + "Description": "There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in drivers/video/console/vgacon.c.", + "Severity": "LOW", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00039.html", + "https://bugzilla.kernel.org/show_bug.cgi?id=206357" + ] + }, + { + "VulnerabilityID": "CVE-2020-9383", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "kernel: out-of-bounds read in set_fdc in drivers/block/floppy.c", + "Description": "An issue was discovered in the Linux kernel through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it, aka CID-2e90ca68b0d2.", + "Severity": "LOW", + "References": [ + "http://linux.oracle.com/cve/CVE-2020-9383.html", + "http://linux.oracle.com/errata/ELSA-2020-5663.html", + "https://github.com/torvalds/linux/commit/2e90ca68b0d2f5548804f22f0dd61145516171e3", + "https://security.netapp.com/advisory/ntap-20200313-0003/" + ] + }, + { + "VulnerabilityID": "TEMP-0000000-F7A20F", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Severity": "LOW" + }, + { + "VulnerabilityID": "CVE-2019-15794", + "PkgName": "linux-libc-dev", + "InstalledVersion": "4.19.98-1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Description": "Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma-\u003evm_file in their mmap handlers. On error the original value is not restored, and the reference is put for the file to which vm_file points. On upstream kernels this is not an issue, as no callers dereference vm_file following after call_mmap() returns an error. However, the aufs patchs change mmap_region() to replace the fput() using a local variable with vma_fput(), which will fput() vm_file, leading to a refcount underflow.", + "Severity": "UNKNOWN", + "References": [ + "https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/eoan/commit/?id=270d16ae48a4dbf1c7e25e94cc3e38b4bea37635", + "https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/eoan/commit/?id=ef81780548d20a786cc77ed4203fca146fd81ce3", + "https://usn.ubuntu.com/usn/usn-4208-1", + "https://usn.ubuntu.com/usn/usn-4209-1" + ] + }, + { + "VulnerabilityID": "CVE-2007-5686", + "PkgName": "login", + "InstalledVersion": "1:4.5-1.1", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", + "Severity": "MEDIUM", + "References": [ + "http://secunia.com/advisories/27215", + "http://www.securityfocus.com/archive/1/482129/100/100/threaded", + "http://www.securityfocus.com/archive/1/482857/100/0/threaded", + "http://www.securityfocus.com/bid/26048", + "http://www.vupen.com/english/advisories/2007/3474", + "https://issues.rpath.com/browse/RPL-1825" + ] + }, + { + "VulnerabilityID": "CVE-2018-7169", + "PkgName": "login", + "InstalledVersion": "1:4.5-1.1", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "shadow-utils: newgidmap allows unprivileged user to drop supplementary groups potentially allowing privilege escalation", + "Description": "An issue was discovered in shadow 4.5. newgidmap (in shadow-utils) is setuid and allows an unprivileged user to be placed in a user namespace where setgroups(2) is permitted. This allows an attacker to remove themselves from a supplementary group, which may allow access to certain filesystem paths if the administrator has used \"group blacklisting\" (e.g., chmod g-rwx) to restrict access to paths. This flaw effectively reverts a security feature in the kernel (in particular, the /proc/self/setgroups knob) to prevent this sort of privilege escalation.", + "Severity": "MEDIUM", + "References": [ + "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357", + "https://security.gentoo.org/glsa/201805-09" + ] + }, + { + "VulnerabilityID": "CVE-2019-19882", + "PkgName": "login", + "InstalledVersion": "1:4.5-1.1", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "shadow-utils: local users can obtain root access because setuid programs are misconfigured", + "Description": "shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).", + "Severity": "MEDIUM", + "References": [ + "https://bugs.archlinux.org/task/64836", + "https://bugs.gentoo.org/702252", + "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", + "https://github.com/shadow-maint/shadow/pull/199", + "https://github.com/void-linux/void-packages/pull/17580" + ] + }, + { + "VulnerabilityID": "CVE-2013-4235", + "PkgName": "login", + "InstalledVersion": "1:4.5-1.1", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", + "Description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", + "Severity": "LOW", + "References": [ + "https://access.redhat.com/security/cve/cve-2013-4235", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", + "https://security-tracker.debian.org/tracker/CVE-2013-4235" + ] + }, + { + "VulnerabilityID": "TEMP-0628843-DBAD28", + "PkgName": "login", + "InstalledVersion": "1:4.5-1.1", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Severity": "LOW" + }, + { + "VulnerabilityID": "CVE-2008-1687", + "PkgName": "m4", + "InstalledVersion": "1.4.18-2", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "m4: unquoted output of maketemp and mkstemp", + "Description": "The (1) maketemp and (2) mkstemp builtin functions in GNU m4 before 1.4.11 do not quote their output when a file is created, which might allow context-dependent attackers to trigger a macro expansion, leading to unspecified use of an incorrect filename.", + "Severity": "HIGH", + "References": [ + "http://secunia.com/advisories/29671", + "http://secunia.com/advisories/29729", + "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.510612", + "http://www.openwall.com/lists/oss-security/2008/04/07/1", + "http://www.openwall.com/lists/oss-security/2008/04/07/12", + "http://www.openwall.com/lists/oss-security/2008/04/07/3", + "http://www.openwall.com/lists/oss-security/2008/04/07/4", + "http://www.securityfocus.com/bid/28688", + "http://www.vupen.com/english/advisories/2008/1151/references", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/41706" + ] + }, + { + "VulnerabilityID": "CVE-2008-1688", + "PkgName": "m4", + "InstalledVersion": "1.4.18-2", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "m4: code execution via -F argument", + "Description": "Unspecified vulnerability in GNU m4 before 1.4.11 might allow context-dependent attackers to execute arbitrary code, related to improper handling of filenames specified with the -F option. NOTE: it is not clear when this issue crosses privilege boundaries.", + "Severity": "HIGH", + "References": [ + "http://osvdb.org/44272", + "http://secunia.com/advisories/29671", + "http://secunia.com/advisories/29729", + "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.510612", + "http://www.openwall.com/lists/oss-security/2008/04/07/1", + "http://www.openwall.com/lists/oss-security/2008/04/07/3", + "http://www.securityfocus.com/bid/28688", + "http://www.vupen.com/english/advisories/2008/1151/references", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/41704" + ] + }, + { + "VulnerabilityID": "CVE-2007-6755", + "PkgName": "openssl", + "InstalledVersion": "1.1.1d-0+deb10u3", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "Dual_EC_DRBG: weak pseudo random number generator", + "Description": "The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain \"skeleton key\" values, which might allow context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of those values. NOTE: this is a preliminary CVE for Dual_EC_DRBG; future research may provide additional details about point Q and associated attacks, and could potentially lead to a RECAST or REJECT of this CVE.", + "Severity": "MEDIUM", + "References": [ + "http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/", + "http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html", + "http://blog.cryptographyengineering.com/2013/09/the-many-flaws-of-dualecdrbg.html", + "http://rump2007.cr.yp.to/15-shumow.pdf", + "http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/", + "http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect", + "http://www.securityfocus.com/bid/63657", + "https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html" + ] + }, + { + "VulnerabilityID": "CVE-2010-0928", + "PkgName": "openssl", + "InstalledVersion": "1.1.1d-0+deb10u3", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "openssl: RSA authentication weakness", + "Description": "OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a \"fault-based attack.\"", + "Severity": "MEDIUM", + "References": [ + "http://rdist.root.org/2010/03/08/attacking-rsa-exponentiation-with-fault-injection/", + "http://www.eecs.umich.edu/%7Evaleria/research/publications/DATE10RSA.pdf", + "http://www.networkworld.com/news/2010/030410-rsa-security-attack.html", + "http://www.osvdb.org/62808", + "http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/", + "https://exchange.xforce.ibmcloud.com/vulnerabilities/56750" + ] + }, + { + "VulnerabilityID": "CVE-2019-1551", + "PkgName": "openssl", + "InstalledVersion": "1.1.1d-0+deb10u3", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "openssl: Integer overflow in RSAZ modular exponentiation on x86_64", + "Description": "There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e (Affected 1.1.1-1.1.1d). Fixed in OpenSSL 1.0.2u (Affected 1.0.2-1.0.2t).", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00030.html", + "http://packetstormsecurity.com/files/155754/Slackware-Security-Advisory-openssl-Updates.html", + "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1551", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=419102400a2811582a7a3d4a4e317d72e5ce0a8f", + "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f1c5eea8a817075d31e43f5876993c6710238c98", + "https://github.com/openssl/openssl/pull/10575", + "https://seclists.org/bugtraq/2019/Dec/39", + "https://seclists.org/bugtraq/2019/Dec/46", + "https://security.netapp.com/advisory/ntap-20191210-0001/", + "https://www.debian.org/security/2019/dsa-4594", + "https://www.openssl.org/news/secadv/20191206.txt", + "https://www.tenable.com/security/tns-2019-09" + ] + }, + { + "VulnerabilityID": "CVE-2007-5686", + "PkgName": "passwd", + "InstalledVersion": "1:4.5-1.1", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Description": "initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.", + "Severity": "MEDIUM", + "References": [ + "http://secunia.com/advisories/27215", + "http://www.securityfocus.com/archive/1/482129/100/100/threaded", + "http://www.securityfocus.com/archive/1/482857/100/0/threaded", + "http://www.securityfocus.com/bid/26048", + "http://www.vupen.com/english/advisories/2007/3474", + "https://issues.rpath.com/browse/RPL-1825" + ] + }, + { + "VulnerabilityID": "CVE-2018-7169", + "PkgName": "passwd", + "InstalledVersion": "1:4.5-1.1", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "shadow-utils: newgidmap allows unprivileged user to drop supplementary groups potentially allowing privilege escalation", + "Description": "An issue was discovered in shadow 4.5. newgidmap (in shadow-utils) is setuid and allows an unprivileged user to be placed in a user namespace where setgroups(2) is permitted. This allows an attacker to remove themselves from a supplementary group, which may allow access to certain filesystem paths if the administrator has used \"group blacklisting\" (e.g., chmod g-rwx) to restrict access to paths. This flaw effectively reverts a security feature in the kernel (in particular, the /proc/self/setgroups knob) to prevent this sort of privilege escalation.", + "Severity": "MEDIUM", + "References": [ + "https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357", + "https://security.gentoo.org/glsa/201805-09" + ] + }, + { + "VulnerabilityID": "CVE-2019-19882", + "PkgName": "passwd", + "InstalledVersion": "1:4.5-1.1", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "shadow-utils: local users can obtain root access because setuid programs are misconfigured", + "Description": "shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).", + "Severity": "MEDIUM", + "References": [ + "https://bugs.archlinux.org/task/64836", + "https://bugs.gentoo.org/702252", + "https://github.com/shadow-maint/shadow/commit/edf7547ad5aa650be868cf2dac58944773c12d75", + "https://github.com/shadow-maint/shadow/pull/199", + "https://github.com/void-linux/void-packages/pull/17580" + ] + }, + { + "VulnerabilityID": "CVE-2013-4235", + "PkgName": "passwd", + "InstalledVersion": "1:4.5-1.1", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "shadow-utils: TOCTOU race conditions by copying and removing directory trees", + "Description": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees", + "Severity": "LOW", + "References": [ + "https://access.redhat.com/security/cve/cve-2013-4235", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235", + "https://security-tracker.debian.org/tracker/CVE-2013-4235" + ] + }, + { + "VulnerabilityID": "TEMP-0628843-DBAD28", + "PkgName": "passwd", + "InstalledVersion": "1:4.5-1.1", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Severity": "LOW" + }, + { + "VulnerabilityID": "CVE-2010-4651", + "PkgName": "patch", + "InstalledVersion": "2.7.6-3+deb10u1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "patch: directory traversal flaw allows for arbitrary file creation", + "Description": "Directory traversal vulnerability in util.c in GNU patch 2.6.1 and earlier allows user-assisted remote attackers to create or overwrite arbitrary files via a filename that is specified with a .. (dot dot) or full pathname, a related issue to CVE-2010-1679.", + "Severity": "MEDIUM", + "References": [ + "http://git.savannah.gnu.org/cgit/patch.git/commit/?id=685a78b6052f4df6eac6d625a545cfb54a6ac0e1", + "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html", + "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055241.html", + "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055246.html", + "http://lists.gnu.org/archive/html/bug-patch/2010-12/msg00000.html", + "http://openwall.com/lists/oss-security/2011/01/05/10", + "http://openwall.com/lists/oss-security/2011/01/06/19", + "http://openwall.com/lists/oss-security/2011/01/06/20", + "http://openwall.com/lists/oss-security/2011/01/06/21", + "http://secunia.com/advisories/43663", + "http://secunia.com/advisories/43677", + "http://support.apple.com/kb/HT4723", + "http://www.securityfocus.com/bid/46768", + "http://www.vupen.com/english/advisories/2011/0600", + "https://bugzilla.redhat.com/show_bug.cgi?id=667529" + ] + }, + { + "VulnerabilityID": "CVE-2018-6951", + "PkgName": "patch", + "InstalledVersion": "2.7.6-3+deb10u1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "patch: NULL pointer dereference in pch.c:intuit_diff_type() causes a crash", + "Description": "An issue was discovered in GNU patch through 2.7.6. There is a segmentation fault, associated with a NULL pointer dereference, leading to a denial of service in the intuit_diff_type function in pch.c, aka a \"mangled rename\" issue.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/103044", + "https://git.savannah.gnu.org/cgit/patch.git/commit/?id=f290f48a621867084884bfff87f8093c15195e6a", + "https://savannah.gnu.org/bugs/index.php?53132", + "https://security.gentoo.org/glsa/201904-17", + "https://usn.ubuntu.com/3624-1/" + ] + }, + { + "VulnerabilityID": "CVE-2018-6952", + "PkgName": "patch", + "InstalledVersion": "2.7.6-3+deb10u1", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "patch: Double free of memory in pch.c:another_hunk() causes a crash", + "Description": "A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2018-6952.html", + "http://linux.oracle.com/errata/ELSA-2019-2033.html", + "http://www.securityfocus.com/bid/103047", + "https://savannah.gnu.org/bugs/index.php?53133", + "https://security.gentoo.org/glsa/201904-17" + ] + }, + { + "VulnerabilityID": "CVE-2011-4116", + "PkgName": "perl", + "InstalledVersion": "5.28.1-6", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "perl: File::Temp insecure temporary file handling", + "Description": "_is_safe in the File::Temp module for Perl does not properly handle symlinks.", + "Severity": "MEDIUM", + "References": [ + "http://www.openwall.com/lists/oss-security/2011/11/04/2", + "http://www.openwall.com/lists/oss-security/2011/11/04/4", + "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", + "https://rt.cpan.org/Public/Bug/Display.html?id=69106", + "https://seclists.org/oss-sec/2011/q4/238" + ] + }, + { + "VulnerabilityID": "CVE-2011-4116", + "PkgName": "perl-base", + "InstalledVersion": "5.28.1-6", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "perl: File::Temp insecure temporary file handling", + "Description": "_is_safe in the File::Temp module for Perl does not properly handle symlinks.", + "Severity": "MEDIUM", + "References": [ + "http://www.openwall.com/lists/oss-security/2011/11/04/2", + "http://www.openwall.com/lists/oss-security/2011/11/04/4", + "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", + "https://rt.cpan.org/Public/Bug/Display.html?id=69106", + "https://seclists.org/oss-sec/2011/q4/238" + ] + }, + { + "VulnerabilityID": "CVE-2011-4116", + "PkgName": "perl-modules-5.28", + "InstalledVersion": "5.28.1-6", + "Layer": { + "Digest": "sha256:f8d55b89827dff29b49f86cebc978eddb06ffdf89e9675cc9e43e76939a1a3cd", + "DiffID": "sha256:92ae4025fb201623e7341f8351134f15dc6ea13d8426a7da22ad4e17fc21b731" + }, + "Title": "perl: File::Temp insecure temporary file handling", + "Description": "_is_safe in the File::Temp module for Perl does not properly handle symlinks.", + "Severity": "MEDIUM", + "References": [ + "http://www.openwall.com/lists/oss-security/2011/11/04/2", + "http://www.openwall.com/lists/oss-security/2011/11/04/4", + "https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14", + "https://rt.cpan.org/Public/Bug/Display.html?id=69106", + "https://seclists.org/oss-sec/2011/q4/238" + ] + }, + { + "VulnerabilityID": "CVE-2020-8492", + "PkgName": "python3.7", + "InstalledVersion": "3.7.3-2+deb10u1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "python: wrong backtracking in urllib.request.AbstractBasicAuthHandler allows for a ReDoS", + "Description": "Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.", + "Severity": "HIGH", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html", + "https://bugs.python.org/issue39503", + "https://github.com/python/cpython/pull/18284", + "https://python-security.readthedocs.io/vuln/urllib-basic-auth-regex.html", + "https://security.netapp.com/advisory/ntap-20200221-0001/" + ] + }, + { + "VulnerabilityID": "CVE-2017-17522", + "PkgName": "python3.7", + "InstalledVersion": "3.7.3-2+deb10u1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "python: Command injection in Lib/webbrowser.py", + "Description": "** DISPUTED ** Lib/webbrowser.py in Python through 3.6.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that exploitation is impossible because the code relies on subprocess.Popen and the default shell=False setting.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/102207", + "https://bugs.python.org/issue32367", + "https://security-tracker.debian.org/tracker/CVE-2017-17522" + ] + }, + { + "VulnerabilityID": "CVE-2019-18348", + "PkgName": "python3.7", + "InstalledVersion": "3.7.3-2+deb10u1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "python: CRLF injection via the host part of the url passed to urlopen()", + "Description": "An issue was discovered in urllib2 in Python 2.x through 2.7.17 and urllib in Python 3.x through 3.8.0. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the host component of a URL) followed by an HTTP header. This is similar to the CVE-2019-9740 query string issue and the CVE-2019-9947 path string issue. (This is not exploitable when glibc has CVE-2016-10739 fixed.)", + "Severity": "MEDIUM", + "References": [ + "https://bugs.python.org/issue30458#msg347282", + "https://bugzilla.redhat.com/show_bug.cgi?id=1727276", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/", + "https://security.netapp.com/advisory/ntap-20191107-0004/" + ] + }, + { + "VulnerabilityID": "CVE-2019-9674", + "PkgName": "python3.7", + "InstalledVersion": "3.7.3-2+deb10u1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "python: Nested zip file (Zip bomb) vulnerability in Lib/zipfile.py", + "Description": "Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html", + "https://bugs.python.org/issue36260", + "https://bugs.python.org/issue36462", + "https://github.com/python/cpython/blob/master/Lib/zipfile.py", + "https://python-security.readthedocs.io/security.html#archives-and-zip-bomb", + "https://security.netapp.com/advisory/ntap-20200221-0003/", + "https://www.python.org/news/security/" + ] + }, + { + "VulnerabilityID": "CVE-2020-8492", + "PkgName": "python3.7-minimal", + "InstalledVersion": "3.7.3-2+deb10u1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "python: wrong backtracking in urllib.request.AbstractBasicAuthHandler allows for a ReDoS", + "Description": "Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.", + "Severity": "HIGH", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html", + "https://bugs.python.org/issue39503", + "https://github.com/python/cpython/pull/18284", + "https://python-security.readthedocs.io/vuln/urllib-basic-auth-regex.html", + "https://security.netapp.com/advisory/ntap-20200221-0001/" + ] + }, + { + "VulnerabilityID": "CVE-2017-17522", + "PkgName": "python3.7-minimal", + "InstalledVersion": "3.7.3-2+deb10u1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "python: Command injection in Lib/webbrowser.py", + "Description": "** DISPUTED ** Lib/webbrowser.py in Python through 3.6.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that exploitation is impossible because the code relies on subprocess.Popen and the default shell=False setting.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/102207", + "https://bugs.python.org/issue32367", + "https://security-tracker.debian.org/tracker/CVE-2017-17522" + ] + }, + { + "VulnerabilityID": "CVE-2019-18348", + "PkgName": "python3.7-minimal", + "InstalledVersion": "3.7.3-2+deb10u1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "python: CRLF injection via the host part of the url passed to urlopen()", + "Description": "An issue was discovered in urllib2 in Python 2.x through 2.7.17 and urllib in Python 3.x through 3.8.0. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the host component of a URL) followed by an HTTP header. This is similar to the CVE-2019-9740 query string issue and the CVE-2019-9947 path string issue. (This is not exploitable when glibc has CVE-2016-10739 fixed.)", + "Severity": "MEDIUM", + "References": [ + "https://bugs.python.org/issue30458#msg347282", + "https://bugzilla.redhat.com/show_bug.cgi?id=1727276", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/", + "https://security.netapp.com/advisory/ntap-20191107-0004/" + ] + }, + { + "VulnerabilityID": "CVE-2019-9674", + "PkgName": "python3.7-minimal", + "InstalledVersion": "3.7.3-2+deb10u1", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "python: Nested zip file (Zip bomb) vulnerability in Lib/zipfile.py", + "Description": "Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb.", + "Severity": "MEDIUM", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html", + "https://bugs.python.org/issue36260", + "https://bugs.python.org/issue36462", + "https://github.com/python/cpython/blob/master/Lib/zipfile.py", + "https://python-security.readthedocs.io/security.html#archives-and-zip-bomb", + "https://security.netapp.com/advisory/ntap-20200221-0003/", + "https://www.python.org/news/security/" + ] + }, + { + "VulnerabilityID": "CVE-2019-3843", + "PkgName": "systemd", + "InstalledVersion": "241-7~deb10u3", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "systemd: services with DynamicUser can create SUID/SGID binaries", + "Description": "It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/108116", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/", + "https://security.netapp.com/advisory/ntap-20190619-0002/" + ] + }, + { + "VulnerabilityID": "CVE-2019-3844", + "PkgName": "systemd", + "InstalledVersion": "241-7~deb10u3", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "systemd: services with DynamicUser can get new privileges and create SGID binaries", + "Description": "It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/108096", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844", + "https://security.netapp.com/advisory/ntap-20190619-0002/" + ] + }, + { + "VulnerabilityID": "CVE-2020-1712", + "PkgName": "systemd", + "InstalledVersion": "241-7~deb10u3", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "systemd: use-after-free when asynchronous polkit queries are performed", + "Description": "A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse this flaw to crash systemd services or potentially execute code and elevate their privileges, by sending specially crafted dbus messages.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2020-1712.html", + "http://linux.oracle.com/errata/ELSA-2020-0575.html", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1712", + "https://github.com/systemd/systemd/commit/1068447e6954dc6ce52f099ed174c442cb89ed54", + "https://github.com/systemd/systemd/commit/637486261528e8aa3da9f26a4487dc254f4b7abb", + "https://github.com/systemd/systemd/commit/bc130b6858327b382b07b3985cf48e2aa9016b2d", + "https://github.com/systemd/systemd/commit/ea0d0ede03c6f18dbc5036c5e9cccf97e415ccc2", + "https://www.openwall.com/lists/oss-security/2020/02/05/1" + ] + }, + { + "VulnerabilityID": "CVE-2013-4392", + "PkgName": "systemd", + "InstalledVersion": "241-7~deb10u3", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "systemd: TOCTOU race condition when updating file permissions and SELinux security contexts", + "Description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", + "Severity": "LOW", + "References": [ + "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", + "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "https://bugzilla.redhat.com/show_bug.cgi?id=859060" + ] + }, + { + "VulnerabilityID": "CVE-2019-20386", + "PkgName": "systemd", + "InstalledVersion": "241-7~deb10u3", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "systemd: a memory leak was discovered in button_open in login/logind-button.c when udev events are received", + "Description": "An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.", + "Severity": "LOW", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html", + "https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad", + "https://security.netapp.com/advisory/ntap-20200210-0002/", + "https://usn.ubuntu.com/4269-1/" + ] + }, + { + "VulnerabilityID": "CVE-2019-3843", + "PkgName": "systemd-sysv", + "InstalledVersion": "241-7~deb10u3", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "systemd: services with DynamicUser can create SUID/SGID binaries", + "Description": "It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/108116", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/", + "https://security.netapp.com/advisory/ntap-20190619-0002/" + ] + }, + { + "VulnerabilityID": "CVE-2019-3844", + "PkgName": "systemd-sysv", + "InstalledVersion": "241-7~deb10u3", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "systemd: services with DynamicUser can get new privileges and create SGID binaries", + "Description": "It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.", + "Severity": "MEDIUM", + "References": [ + "http://www.securityfocus.com/bid/108096", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844", + "https://security.netapp.com/advisory/ntap-20190619-0002/" + ] + }, + { + "VulnerabilityID": "CVE-2020-1712", + "PkgName": "systemd-sysv", + "InstalledVersion": "241-7~deb10u3", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "systemd: use-after-free when asynchronous polkit queries are performed", + "Description": "A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse this flaw to crash systemd services or potentially execute code and elevate their privileges, by sending specially crafted dbus messages.", + "Severity": "MEDIUM", + "References": [ + "http://linux.oracle.com/cve/CVE-2020-1712.html", + "http://linux.oracle.com/errata/ELSA-2020-0575.html", + "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1712", + "https://github.com/systemd/systemd/commit/1068447e6954dc6ce52f099ed174c442cb89ed54", + "https://github.com/systemd/systemd/commit/637486261528e8aa3da9f26a4487dc254f4b7abb", + "https://github.com/systemd/systemd/commit/bc130b6858327b382b07b3985cf48e2aa9016b2d", + "https://github.com/systemd/systemd/commit/ea0d0ede03c6f18dbc5036c5e9cccf97e415ccc2", + "https://www.openwall.com/lists/oss-security/2020/02/05/1" + ] + }, + { + "VulnerabilityID": "CVE-2013-4392", + "PkgName": "systemd-sysv", + "InstalledVersion": "241-7~deb10u3", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "systemd: TOCTOU race condition when updating file permissions and SELinux security contexts", + "Description": "systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.", + "Severity": "LOW", + "References": [ + "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357", + "http://www.openwall.com/lists/oss-security/2013/10/01/9", + "https://bugzilla.redhat.com/show_bug.cgi?id=859060" + ] + }, + { + "VulnerabilityID": "CVE-2019-20386", + "PkgName": "systemd-sysv", + "InstalledVersion": "241-7~deb10u3", + "Layer": { + "Digest": "sha256:aaf8af9dabaec28a6a2a7e455b8bdd12a81c76d2d0fca3406539ddeee61c370a", + "DiffID": "sha256:ba46a3052ea3e0c31992225d1ac3f2fe01f806236e1186565cd2b0aeba794fa1" + }, + "Title": "systemd: a memory leak was discovered in button_open in login/logind-button.c when udev events are received", + "Description": "An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.", + "Severity": "LOW", + "References": [ + "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00014.html", + "https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad", + "https://security.netapp.com/advisory/ntap-20200210-0002/", + "https://usn.ubuntu.com/4269-1/" + ] + }, + { + "VulnerabilityID": "TEMP-0517018-A83CE6", + "PkgName": "sysvinit-utils", + "InstalledVersion": "2.93-8", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Severity": "LOW" + }, + { + "VulnerabilityID": "CVE-2005-2541", + "PkgName": "tar", + "InstalledVersion": "1.30+dfsg-6", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Description": "Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges.", + "Severity": "CRITICAL", + "References": [ + "http://marc.info/?l=bugtraq\u0026m=112327628230258\u0026w=2" + ] + }, + { + "VulnerabilityID": "CVE-2019-9923", + "PkgName": "tar", + "InstalledVersion": "1.30+dfsg-6", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Title": "tar: null-pointer dereference in pax_decode_header in sparse.c", + "Description": "pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers.", + "Severity": "MEDIUM", + "References": [ + "http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120", + "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html", + "http://savannah.gnu.org/bugs/?55369", + "https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241" + ] + }, + { + "VulnerabilityID": "TEMP-0290435-0B57B5", + "PkgName": "tar", + "InstalledVersion": "1.30+dfsg-6", + "Layer": { + "Digest": "sha256:54fec2fa59d0a0de9cd2dec9850b36c43de451f1fd1c0a5bf8f1cf26a61a5da4", + "DiffID": "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13" + }, + "Severity": "LOW" + } + ] + }, + { + "Target": "var/www/html/extensions/CategoryTree/package-lock.json", + "Vulnerabilities": null + }, + { + "Target": "var/www/html/extensions/Cite/package-lock.json", + "Vulnerabilities": null + }, + { + "Target": "var/www/html/extensions/CiteThisPage/package-lock.json", + "Vulnerabilities": null + }, + { + "Target": "var/www/html/extensions/CodeEditor/package-lock.json", + "Vulnerabilities": null + }, + { + "Target": "var/www/html/extensions/ConfirmEdit/package-lock.json", + "Vulnerabilities": null + }, + { + "Target": "var/www/html/extensions/Gadgets/package-lock.json", + "Vulnerabilities": null + }, + { + "Target": "var/www/html/extensions/ImageMap/package-lock.json", + "Vulnerabilities": null + }, + { + "Target": "var/www/html/extensions/InputBox/package-lock.json", + "Vulnerabilities": null + }, + { + "Target": "var/www/html/extensions/Interwiki/package-lock.json", + "Vulnerabilities": null + }, + { + "Target": "var/www/html/extensions/LocalisationUpdate/package-lock.json", + "Vulnerabilities": null + }, + { + "Target": "var/www/html/extensions/MultimediaViewer/package-lock.json", + "Vulnerabilities": null + }, + { + "Target": "var/www/html/extensions/Nuke/package-lock.json", + "Vulnerabilities": null + }, + { + "Target": "var/www/html/extensions/OATHAuth/package-lock.json", + "Vulnerabilities": null + }, + { + "Target": "var/www/html/extensions/PageImages/package-lock.json", + "Vulnerabilities": null + }, + { + "Target": "var/www/html/extensions/ParserFunctions/package-lock.json", + "Vulnerabilities": null + }, + { + "Target": "var/www/html/extensions/PdfHandler/package-lock.json", + "Vulnerabilities": null + }, + { + "Target": "var/www/html/extensions/Poem/package-lock.json", + "Vulnerabilities": null + }, + { + "Target": "var/www/html/extensions/Renameuser/package-lock.json", + "Vulnerabilities": null + }, + { + "Target": "var/www/html/extensions/ReplaceText/package-lock.json", + "Vulnerabilities": null + }, + { + "Target": "var/www/html/extensions/Scribunto/package-lock.json", + "Vulnerabilities": null + }, + { + "Target": "var/www/html/extensions/SpamBlacklist/package-lock.json", + "Vulnerabilities": null + }, + { + "Target": "var/www/html/extensions/SyntaxHighlight_GeSHi/package-lock.json", + "Vulnerabilities": null + }, + { + "Target": "var/www/html/extensions/TextExtracts/package-lock.json", + "Vulnerabilities": null + }, + { + "Target": "var/www/html/extensions/TitleBlacklist/package-lock.json", + "Vulnerabilities": null + }, + { + "Target": "var/www/html/extensions/WikiEditor/package-lock.json", + "Vulnerabilities": null + }, + { + "Target": "var/www/html/package-lock.json", + "Vulnerabilities": null + }, + { + "Target": "var/www/html/skins/MonoBook/package-lock.json", + "Vulnerabilities": null + }, + { + "Target": "var/www/html/skins/Vector/package-lock.json", + "Vulnerabilities": null + }, + { + "Target": "var/www/html/tests/phpunit/data/composer/composer.lock", + "Vulnerabilities": null + } +] \ No newline at end of file diff --git a/integrations/trivy/examples/mediawiki/scan.yaml b/integrations/trivy/examples/mediawiki/scan.yaml new file mode 100644 index 00000000..9ea8fc1f --- /dev/null +++ b/integrations/trivy/examples/mediawiki/scan.yaml @@ -0,0 +1,8 @@ +apiVersion: "execution.experimental.securecodebox.io/v1" +kind: Scan +metadata: + name: "trivy-mediawiki" +spec: + scanType: "trivy" + parameters: + - "mediawiki:stable" diff --git a/integrations/wpscan/README.md b/integrations/wpscan/README.md new file mode 100644 index 00000000..61b250a6 --- /dev/null +++ b/integrations/wpscan/README.md @@ -0,0 +1,88 @@ +--- +title: 'WPScan' +path: 'scanner/WPScan' +category: 'scanner' +usecase: 'Wordpress Vulnerability Scanner' +--- + +![WPScan Logo](https://raw.githubusercontent.com/wpscanteam/wpscan/gh-pages/images/wpscan_logo.png) + +WPScan is a free, for non-commercial use, black box WordPress vulnerability scanner written for security professionals and blog maintainers to test the security of their sites. + +> NOTE: You need to provide WPSan with an API Token so that it can look up vulnerabilities infos with [https://wpvulndb.com](https://wpvulndb.com). Without the token WPScan will only identify Wordpress Core / Plugin / Theme versions but not if they are actually vulnerable. You can get a free API Token at by registering for an account at [https://wpvulndb.com](https://wpvulndb.com). Using the secureCodeBox WPScans you can specify the token via the `WPVULNDB_API_TOKEN` target attribute, see the example below. + +To learn more about the WPScan scanner itself visit [wpscan.org] or [wpscan.io]. + + + +## Deployment + +The WPScan scanType can be deployed via helm. + +```bash +helm upgrade --install wpscan ./integrations/wpscan/ +``` + +## Examples + +A set of examples can be found in the [examples](./examples) folder. +* Example *example.com* [scan](./examples/secureCodeBox.io/scan.yaml) and [findings](./examples/secureCodeBox.io/findings.yaml) + +## Configuration + +The follwing security scan configuration example are based on the [WPScan Documentation], please take a look at the original documentation for more configuration examples. + +* Scan all plugins with known vulnerabilities: `wpscan --url example.com -e vp --plugins-detection mixed --api-token WPVULNDB_API_TOKEN` +* Scan all plugins in our database (could take a very long time): `wpscan --url example.com -e ap --plugins-detection mixed --api-token WPVULNDB_API_TOKEN` +* Password brute force attack: `wpscan --url example.com -e u --passwords /path/to/password_file.txt` +* WPScan keeps a local database of metadata that is used to output useful information, such as the latest version of a plugin. The local database can be updated with the following command: `wpscan --update` +* When enumerating the WordPress version, installed plugins or installed themes, you can use three different "modes", which are: + * passive + * aggressive + * mixed + If you want the most results use the "mixed" mode. However, if you are worried that the server may not be able to handle a large number of requests, use the "passive" mode. The default mode is "mixed", with the exception of plugin enumeration, which is "passive". You will need to manually override the plugin detection mode, if you want to use anything other than the default, with the `--plugins-detection` option. +* WPScan can enumerate various things from a remote WordPress applcation, such as plugins, themes, usernames, backed up files wp-config.php files, Timthumb files, database exports and more. To use WPScan's enumeration capabilities supply the `-e `option. +```bash +Available Choices: + vp | Vulnerable plugins + ap | All plugins + p | Plugins + vt | Vulnerable themes + at | All themes + t | Themes + tt | Timthumbs + cb | Config backups + dbe | Db exports + u | User IDs range. e.g: u1-5 + Range separator to use: '-' + Value if no argument supplied: 1-10 + m | Media IDs range. e.g m1-15 + Note: Permalink setting must be set to "Plain" for those to be detected + Range separator to use: '-' + Value if no argument supplied: 1-100 + +Separator to use between the values: ',' +Default: All Plugins, Config Backups +Value if no argument supplied: vp,vt,tt,cb,dbe,u,m +Incompatible choices (only one of each group/s can be used): + - vp, ap, p + - vt, at, t +``` + +## Development + +### Local setup +1. Clone the repository `git clone git@github.com:secureCodeBox/secureCodeBox-v2-alpha.git` +2. Ensure you have node.js installed + * On MacOs with brew package manager: `brew install node` + +### Parser Development + +1. Install the dependencies `npm install` +2. Update the parser function here: `./parser/parser.js` +3. Update the parser tests here: `./parser/parser.test.js` +4. Run the testsuite: `npm test` + +[wpscan.io]: https://wpscan.io/ +[wpscan.org]: https://wpscan.org/ +[WPScan Documentation]: https://github.com/wpscanteam/wpscan/wiki/WPScan-User-Documentation \ No newline at end of file diff --git a/integrations/wpscan/examples/example.com/findings.yaml b/integrations/wpscan/examples/example.com/findings.yaml new file mode 100644 index 00000000..76fb9f2a --- /dev/null +++ b/integrations/wpscan/examples/example.com/findings.yaml @@ -0,0 +1,228 @@ +{ + "banner": { + "description": "WordPress Security Scanner by the WPScan Team", + "version": "3.8.1", + "authors": [ + "@_WPScan_", + "@ethicalhack3r", + "@erwan_lr", + "@firefart" + ], + "sponsor": "Sponsored by Automattic - https://automattic.com/" + }, + "start_time": 1591480247, + "start_memory": 41349120, + "target_url": "https://www.example.com/", + "target_ip": "192.168.200.100", + "effective_url": "https://www.example.com/", + "interesting_findings": [ + { + "url": "https://www.example.com/", + "to_s": "Headers", + "type": "headers", + "found_by": "Headers (Passive Detection)", + "confidence": 100, + "confirmed_by": { + + }, + "references": { + + }, + "interesting_entries": [ + "Server: Apache/2.4.29 (Ubuntu)" + ] + }, + { + "url": "https://www.example.com/robots.txt", + "to_s": "https://www.example.com/robots.txt", + "type": "robots_txt", + "found_by": "Robots Txt (Aggressive Detection)", + "confidence": 100, + "confirmed_by": { + + }, + "references": { + + }, + "interesting_entries": [ + "/wp-admin/", + "/wp-admin/admin-ajax.php" + ] + }, + { + "url": "https://www.example.com/readme.html", + "to_s": "https://www.example.com/readme.html", + "type": "readme", + "found_by": "Direct Access (Aggressive Detection)", + "confidence": 100, + "confirmed_by": { + + }, + "references": { + + }, + "interesting_entries": [ + + ] + }, + { + "url": "https://www.example.com/wp-content/mu-plugins/", + "to_s": "This site has 'Must Use Plugins': https://www.example.com/wp-content/mu-plugins/", + "type": "mu_plugins", + "found_by": "Direct Access (Aggressive Detection)", + "confidence": 80, + "confirmed_by": { + + }, + "references": { + "url": [ + "http://codex.wordpress.org/Must_Use_Plugins" + ] + }, + "interesting_entries": [ + + ] + }, + { + "url": "https://www.example.com/wp-cron.php", + "to_s": "The external WP-Cron seems to be enabled: https://www.example.com/wp-cron.php", + "type": "wp_cron", + "found_by": "Direct Access (Aggressive Detection)", + "confidence": 60, + "confirmed_by": { + + }, + "references": { + "url": [ + "https://www.iplocation.net/defend-wordpress-from-ddos", + "https://github.com/wpscanteam/wpscan/issues/1299" + ] + }, + "interesting_entries": [ + + ] + } + ], + "version": { + "number": "5.3.3", + "release_date": "2020-04-29", + "status": "latest", + "found_by": "Rss Generator (Passive Detection)", + "confidence": 100, + "interesting_entries": [ + "https://www.example.com/feed/, https://wordpress.org/?v=5.3.3", + "https://www.example.com/comments/feed/, https://wordpress.org/?v=5.3.3" + ], + "confirmed_by": { + + }, + "vulnerabilities": [ + + ] + }, + "main_theme": { + "slug": "twentyseventeen", + "location": "https://www.example.com/wp-content/themes/twentyseventeen/", + "latest_version": "2.3", + "last_updated": "2020-03-31T00:00:00.000Z", + "outdated": true, + "readme_url": "https://www.example.com/wp-content/themes/twentyseventeen/README.txt", + "directory_listing": false, + "error_log_url": null, + "style_url": "https://www.example.com/wp-content/themes/twentyseventeen/style.css?ver=5.3.3", + "style_name": "Twenty Seventeen", + "style_uri": "https://wordpress.org/themes/twentyseventeen/", + "description": "Twenty Seventeen brings your site to life with header video and immersive featured images. With a focus on business sites, it features multiple sections on the front page as well as widgets, navigation and social menus, a logo, and more. Personalize its asymmetrical grid with a custom color scheme and showcase your multimedia content with post formats. Our default theme for 2017 works great in many languages, for any abilities, and on any device.", + "author": "the WordPress team", + "author_uri": "https://wordpress.org/", + "template": null, + "license": "GNU General Public License v2 or later", + "license_uri": "http://www.gnu.org/licenses/gpl-2.0.html", + "tags": "one-column, two-columns, right-sidebar, flexible-header, accessibility-ready, custom-colors, custom-header, custom-menu, custom-logo, editor-style, featured-images, footer-widgets, post-formats, rtl-language-support, sticky-post, theme-options, threaded-comments, translation-ready", + "text_domain": "twentyseventeen", + "found_by": "Css Style In Homepage (Passive Detection)", + "confidence": 100, + "interesting_entries": [ + + ], + "confirmed_by": { + "Css Style In 404 Page (Passive Detection)": { + "confidence": 70, + "interesting_entries": [ + + ] + } + }, + "vulnerabilities": [ + + ], + "version": { + "number": "2.2", + "confidence": 80, + "found_by": "Style (Passive Detection)", + "interesting_entries": [ + "https://www.example.com/wp-content/themes/twentyseventeen/style.css?ver=5.3.3, Match: 'Version: 2.2'" + ], + "confirmed_by": { + + } + }, + "parents": [ + + ] + }, + "plugins": { + "akismet": { + "slug": "akismet", + "location": "https://www.example.com/wp-content/plugins/akismet/", + "latest_version": "4.1.6", + "last_updated": "2020-06-04T17:21:00.000Z", + "outdated": false, + "readme_url": false, + "directory_listing": false, + "error_log_url": null, + "found_by": "Known Locations (Aggressive Detection)", + "confidence": 80, + "interesting_entries": [ + "https://www.example.com/wp-content/plugins/akismet/, status: 403" + ], + "confirmed_by": { + + }, + "vulnerabilities": [ + { + "title": "Akismet 2.5.0-3.1.4 - Unauthenticated Stored Cross-Site Scripting (XSS)", + "fixed_in": "3.1.5", + "references": { + "cve": [ + "2015-9357" + ], + "url": [ + "http://blog.akismet.com/2015/10/13/akismet-3-1-5-wordpress/", + "https://blog.sucuri.net/2015/10/security-advisory-stored-xss-in-akismet-wordpress-plugin.html" + ], + "wpvulndb": [ + "8215" + ] + } + } + ], + "version": null + } + }, + "vuln_api": { + "plan": "free", + "requests_done_during_scan": 4, + "requests_remaining": 18 + }, + "stop_time": 1591480342, + "elapsed": 94, + "requests_done": 2335, + "cached_requests": 9, + "data_sent": 631774, + "data_sent_humanised": "616.967 KB", + "data_received": 1093069, + "data_received_humanised": "1.042 MB", + "used_memory": 272867328, + "used_memory_humanised": "260.227 MB" + } \ No newline at end of file From 706b4ade25f3a8d0862bcc53cfb0e72a0791cb4a Mon Sep 17 00:00:00 2001 From: Robert Seedorff Date: Tue, 9 Jun 2020 10:30:54 +0200 Subject: [PATCH 051/109] Added scanner integration readme files and example files for each scanner --- .../wpscan/examples/example.com/scan.yaml | 15 +++++++++++++++ 1 file changed, 15 insertions(+) create mode 100644 integrations/wpscan/examples/example.com/scan.yaml diff --git a/integrations/wpscan/examples/example.com/scan.yaml b/integrations/wpscan/examples/example.com/scan.yaml new file mode 100644 index 00000000..cbc31151 --- /dev/null +++ b/integrations/wpscan/examples/example.com/scan.yaml @@ -0,0 +1,15 @@ +apiVersion: "execution.experimental.securecodebox.io/v1" +kind: Scan +metadata: + name: "wpscan-www.example.com" +spec: + scanType: "wpscan" + parameters: + - "--url" + - https://www.example.com + - "-e" + - "vp" + - "--plugins-detection" + - "mixed" + - "--api-token" + - "AAAAABBBBBCCCCCDDDDEEEEEEE" From c175708d68ef9256207ec7c1517c90585b55ce85 Mon Sep 17 00:00:00 2001 From: Robert Seedorff Date: Tue, 9 Jun 2020 10:48:47 +0200 Subject: [PATCH 052/109] Added a general docs folder for all documentation stuff --- README.md | 2 +- docs/.gitkeep | 1 + docs/_config.yml | 1 + docs/developer-guide/README.md | 43 ++++++++++++++++++ docs/index.md | 25 ++++++++++ docs/resources/logo.png | Bin 0 -> 22320 bytes docs/resources/logo.svg | 28 ++++++++++++ docs/resources/macbook_kibana.jpg | Bin 0 -> 337037 bytes .../resources/scb-architecture.drawio | 0 .../resources/scb-architecture.svg | 0 .../resources/securecodebox-logo.svg | 0 docs/user-guide/README.md | 3 ++ 12 files changed, 102 insertions(+), 1 deletion(-) create mode 100644 docs/.gitkeep create mode 100644 docs/_config.yml create mode 100644 docs/developer-guide/README.md create mode 100644 docs/index.md create mode 100644 docs/resources/logo.png create mode 100644 docs/resources/logo.svg create mode 100644 docs/resources/macbook_kibana.jpg rename scb-architecture.drawio => docs/resources/scb-architecture.drawio (100%) rename scb-architecture.svg => docs/resources/scb-architecture.svg (100%) rename securecodebox-logo.svg => docs/resources/securecodebox-logo.svg (100%) create mode 100644 docs/user-guide/README.md diff --git a/README.md b/README.md index b6f5c8c4..beb1f667 100644 --- a/README.md +++ b/README.md @@ -129,7 +129,7 @@ kubectl get scans ## Architecture -![secureCodeBox Architecture](scb-architecture.svg) +![secureCodeBox Architecture](./docs/resources/scb-architecture.svg) ## License diff --git a/docs/.gitkeep b/docs/.gitkeep new file mode 100644 index 00000000..792d6005 --- /dev/null +++ b/docs/.gitkeep @@ -0,0 +1 @@ +# diff --git a/docs/_config.yml b/docs/_config.yml new file mode 100644 index 00000000..2f7efbea --- /dev/null +++ b/docs/_config.yml @@ -0,0 +1 @@ +theme: jekyll-theme-minimal \ No newline at end of file diff --git a/docs/developer-guide/README.md b/docs/developer-guide/README.md new file mode 100644 index 00000000..1987ad83 --- /dev/null +++ b/docs/developer-guide/README.md @@ -0,0 +1,43 @@ +# Extending secureCodeBox + +## Developing the SCB Operator + +## How to a new security scanner + +### ScanType Definition + +### Parsing SDK + +## How to integrate a new hook + +### HookType Definition + +### Hook SDK + +# Guidelines +## Coding Guidelines + +### JSON +We're using snake_case (lower case) for json attributes. If an enum type is used as attribute its converted to lower case. If it's an value it's always used UPPERCASE. This is to hold the attribute api consistent, but make shure Enums are recognized as enums. + +```json +{ + "id": "e18cdc5e-6b49-4346-b623-28a4e878e154", + "name": "Open mysql Port", + "description": "Port 3306 is open using tcp protocol.", + "category": "Open Port", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + "attributes": { + "protocol": "tcp", + "port": 3306, + "service": "mysql", + "mac_address": null, + "start": "1520606104", + "end": "1520606118", + "ip_address": "127.0.0.1", + "state": "open" + }, + "location": "tcp://127.0.0.1:3306" + } +``` \ No newline at end of file diff --git a/docs/index.md b/docs/index.md new file mode 100644 index 00000000..abb1ab06 --- /dev/null +++ b/docs/index.md @@ -0,0 +1,25 @@ +# Continuous Secure Delivery - Out of the Box + +![secureCodeBox](resources/logo.png "secureCodeBox") + +> _secureCodeBox_ is a docker based, modularized toolchain for continuous security scans of your software project. + +## Documentation Overview + + +- [Project Readme and Quickstart][scb-github] +- [User Guide](user-guide/README.md) +- [Developer Guide](developer-guide/README.md) + + + +## Need a human? +- [Join Slack][scb-slack] + +## License +Code of secureCodeBox is licensed under the [Apache License 2.0][scb-license]. + +[scb-github]: https://github.com/secureCodeBox/secureCodeBox +[scb-twitter]: https://twitter.com/secureCodeBox +[scb-slack]: https://join.slack.com/t/securecodebox/shared_invite/enQtNDU3MTUyOTM0NTMwLTBjOWRjNjVkNGEyMjQ0ZGMyNDdlYTQxYWQ4MzNiNGY3MDMxNThkZjJmMzY2NDRhMTk3ZWM3OWFkYmY1YzUxNTU +[scb-license]: https://github.com/secureCodeBox/secureCodeBox/blob/master/LICENSE diff --git a/docs/resources/logo.png b/docs/resources/logo.png new file mode 100644 index 0000000000000000000000000000000000000000..2b76c1d68dbede5c4ab400f3e0c1c85dee031939 GIT binary patch literal 22320 zcmYg&2RPR4`!_}Q78w~?**laGLRPZ($Q~IPAu~j_$lkN;?7hk!*(7@lnQ@2cf8NjY z{EqkSki_kK?ejc8iLu znDECN)BG*`AIs^nt_unZ4l(jC>e#&RANVG!h76p1ImMI?!p@*ju3R@^JGCbMp$7&Phq5pwOYnKa$k& zNc%bO_nc}onfu&PN41JW5I0xNS*E`*`TT8InptiF>4O?XNnX|yZ{iu$*pvIVmvVvM z*|@kI0(HW@oVcDaTD=auUP7H$kKnq~#3JVJNIK2ZQIntNV4ySBQ2gBYv9n3$cOvv2 zSN3;$iY1?&Ix8891}_6?WD+<-(>$#<(wC1>!-i^!&TIv!TZb=1_m3A4liJ2U=u(*U zL4@!rVUx!T<)5$M)3+>?XyiBH%jW^tME`qD1s3+ff3NOjzT3|5->XyqzZd6p?xOzt zi^mqRe698O0+XW)Vp7hD3kw;q1mYjDr5GTr(sNK84bc_Et~I;Gdt{Ye+uOcaE-mIU zSqq9;-^+FRw~a6rW>&N9&u)X>0--a}1xMIx*!gI_@ehP@UJYAf|HkA+LHGEl12T66 z;~)L{?DlA(HLTOBD!8ppos{s~u_0RKY(RfH6`r4;R2b@iuf6vH&24ni*WvVOLj84` z=dT=a0*38hH+?rdb;7K``)_p5AG3BepMMW&d~aM?{bT07=+O#-b%Y@Z^?yHSK04L( zKJO>wi+z6j6kF;w4gGgje>vpLn39a*OdtMWm!7lQol-wu{pqpR)wA>q(~{r~;XwAk zbK1G0rY`S2cStqpD{682H0edywN`{P33Pu!(^_J3U^yLZ^l^k=VzfKxjvxjgLl zxKj19s5Hp6eftJEX)0G&K2;&lDEGhIv=;I4r~E`%iT%GeR>rl1 zc@75@EeXE3E`+du%Ds^H*kK!_!KR=4-*B#p@BPMeXmuIdedhFq6&v}808uF|rzA0y zfA&q~J?y=`gm>n+)S`i%HM&(HQkdFz1Ci6^l{+dBl@^{NhO7K!mmrINiO=g+XTaTh zeJYD1%m(#P3P-j+-Jn&zZc`hS2JXF@An$9BI$pC?p!ts4q;mH<8FcFi;Mvf-i!q9X zC%x~euJ)L2)7RR5*qb=3v`enIgb-HUckkHmGmJB>T)4c0ZEVbL)R~8C+Sl~A>}+Y> z*Lc6NT(;b6qU4an&$laF=BI% zef?OCDS>W{r2b-;P;D1Fn;F|@cl!!U(1;%G#to0accj4%gJuE=tyU;iWK4txW!)@v zze?36Fbu3Q>p6(lpaa1Uc|5n|>8TTW+hT?;tTxFj6{nv)@A|97l#tc2FXhwzX2XQy zQ3p+Y-Ew_1DOyinm)8QuP9dTxf%(&kZ=y|y+TZ%1jCUfM5?(+2mRAR9Yi8n3yPd0r z68LE%D^^40DSkyO-ipZ6!b?Ii3w$B})s%-XI(v4QgmZW@`|)1Afq^c zfwvmg(Z?oc`ui9jysUu>1I9UyqPkCc;-W+ABjDre6B-@)!B3pfIpxRi<#qPsxu?@^ z+46F7=16d4!v_w(HD0K7>4{U^8EYrZ^3@^Z4F*2)0+CM#E!?$HLW*P)>a$vbNMn{W`V$*BpexHAkZ-JOmEYxoBP|zU1Gj z1{w%{y|vcM`kqmOXSC zvERBtL<}Yqe=8Lr8xUmrh-h-!Jyh7M)QnA&8SYKvqFC@|?JyedrG}9}gxjKt%0(!A z-hIYF5m_)Q;xus3?vQ`>W_PUW=eJcVT)#46HKpL_v~i~2sQ${sQ}obD&E)%J&2A0H zJACpK%R*ewRw5M#{icg0{yufP7fblSgltLPnT$Itc%SrH0wXz|fp)it8&h2-Rko;&temt$c4`j;zklGhLgb zS$uuop02*j>0C<{p-w!UC`_GGenhIkT3d*ZH@a zJq9LTz)8i=NPdLCc;OJxwEq6#{=v*$Q?>5hWx~L_!#qX-O&yQJcC6T9ir;%|Pbde8 zG*||GlU(`EQFir5x}f|ADf;f-OwUi=YkRf?u*;(NFF!B~%e?H+VN2=UH!}0$#Hzp^ zLN!wAUxMc*#+}5!DrZbmk%d_H#VWTTF@K|2f@3-Vc)St4(e4M8$_mU@L-M0?nZ8%} z+uwQv4j_Isyb5+B=y~z$kATps?!X_Zy)!vU8v5tR69fSF#%%?;=&HZA{$B$Q_vs-%y6<hC`XN%m7kMk?x?Bu) zOx4bp-cIjKh+d1_@|(Q#z%WhKA0pI+M(kbjis+dgA7pBm*Ym&ACGF+$xFAtnbIRjxz{jlUvWE*?^gIF#d3W_g|(h0&u2cbX))1(YL2RsiPsxh zR41NjwU8@ZZ$lWhr0D$mnj%fS{j?;h^)RnA-~q}(_>*e;6UeilA8vM0RE3~C%p8`F zROuB{|HBpJ{kdpZNB-+Z21~`cy_8ei`EuYBB$vu<#9XOA z%S-s{T1~&g?cdAyxb^J1nu}=@v{fK6Zj$YFGc|jPWP2Wd^zul6lJ=;b&1)0RsCY$Y z$J^gkm+O|zefaf{;btb6q&=oplL8qkAdR366b z-FkL=^3Tjk_}BdD?UvXPjnDTXjar%G|BT$F)F(2PQztLu?^_Uqz~`i0rJJ`NSyy%~ zHKX*)kb9YpZz*gwC{4oxicnOPSyg7WxR0?a`RHvNIfj2mpPTQM^*t!wHAH+m4Qz<7 zsGK5nTK@GKV^mDE`2H8+wwNvxb0ZhBa>!saSDnHBIEI|@N~dP$GA#FBo{dxt)NQv^ zrj#Wp6!h2;+RbS1bd1x#`ytkT=h%oTVQI2umz)Mx2Q+leC!|Rvl^hEnK=lD@# ztI2T|<@!IZN#oJwjP#i7F>{*7o<`4aC|wwlZMjyY8MYcV3|! zTRv!?Mkt8;MMDm^%rEZLgG6_@m%YzJaKI!IJ}u}wW$S(I39ZM|=@MtyZwP#QwfXlJ zzVzX(hm5PLM5eT%c2!DWTiAnrEFg;C6VvZmtNH90!RvWj%0tV^|3fW$Ee*+umknO1 z$4doS@{;fB|$<6rmqU@sWRqZp53ZX>ByXgsPMKDEQQt_(okGXz| zu}_RddTL61a9tgjO4gxjnC4s~aWeH=Dr-~iWm)gM^&IF_;jx80)`{A8vP8(Fh4T}e&`T85~qP{rG) zUZHNinlShfTK~MkN`n5C8IcL8S(Bf8O^AH5C8RF%*e=a?vSH!Rh zT4kH_Gk}Lqufkk-V=Fy^O3If|R1{yD-QikYN|qp{ewZW~TUDez>zN#Z`mi`m%>Rw~ zfvKA8cd?HKhMdc%lBG=6+Lqa%5+=d;3GaGO!CbnY zFrD;gh%UjOavFr6i$5clu<(_=@(c21s71(SHoNqTh9~$xn>;cU>Z?=>DZ+{|deo6! zRB~^zEi%Dmp8I}7N`36g7@-rz%fB|dJS#suuc0WjK?wDoA~CJ*gr{QP)OU$r*SXw# z-@)**!1hPu!e8x_#d@fL&iLbmJuHcRR^|5;gjiN^ihRpNw(j}t&nwvW%b1Os8vV^k zxW1%sH+g&gAtuf+)rf{ncK)Mxb;F@4t5!!o8H8%M)s|6dIqe+b7BX;*({fIaCM1+~ z%g<=(&(v;)3W#+&$avo2%C$4O;dgB8xCBMl9GaJ{cG?a_T1!t#iWvWyB~^9F;PJf| zOkH2N@8iw06z4Z!M=SebmttoTD@(N|q^K<_lcNCY;HM0AtH5-sp;4E_9M(Yh7?P~x z;`|wMr!e1Se<@l1m(i0Xt?#*~BMxLC#Z?6xj`1onoPD}V#Rka)XK3TmGIU*v%E{Se zwu;G~xO*sWJ?kT{H-pyl1T3SP-Oe+nZO{pL8gJgtCb#k;OhO!_{{HdW?;wZ7yU}Y?==rAjVy*oZ2y-bPrQSP2=;_LK4mEs zYlmSKie`gkW*oh$!k~kqgXF*V7q(&^LL3xhL@s)IkM`rypfGiym3$fuA-S$EIw7?8 z)UWZY6QlPyG3K#Ozd~5ZX!6S%rZ4~?P)VDKQcAr|CeE~(4cshi%^ZDPQk;aKBaS6d zo_`o6p=;qGO~mv~ebrI3bzGP}t1vcx&R%H;Q-T<14V8e|&N=)lRXT zf%qPJi8|gW%Z8_yao>#unix!}`Z(`r#qvs}+heZyaadqVfwbNT5vqtDSr8_@$U+FK z3;HJ<=N}xR@C1gc7!@AD-s{dJAy8t9x@|LC{JPa=#V1RmZ7L&cb>Ojut%O;D@ganb z5R-n#j5z*{_qBz~QReX~zGEC+D1DK&dHi(>f95hIUGhSKwOwDWA~0o$u#(cUMnR#$ z5~gR|SzZt*3hF1)Baf7}BGc*QSg<*gLy1`@p0+&fs-eg$ zhy|QWoSauuG_bkbWA}Ie2`~A9CX|pE4u6f=gqR*lG`dm|qGL4bvAxJUL3oKy0ucRG>$;emQS+OTMf<@ELT7A; zqX(bF)<{0CTEF92X;y5?F{5zazSQ7Sd8_q?#yJBxsY0A-q82B^<1??4{2Y0uKS#vO zzMfc5R3DlQyA!?27T@RJ18(r`)u~Imocvos3bMZH;79QB*qKaPNIm$57jkus(mMLA zu6bTwoZSfMdZM^FF>0N1DyN4j$f-6wi2o%hW(7%q_0DQTQ@0C03f>R5Vx$mSYzR)> zHwZ*5V^1`Hx(!%6NsL2^W8gp|{;u#I<|!;BkPEjW26yzjMaUF$9YqT-e4E)SI>}IT z7IZOeUf*}xV5d%09=@jBNv`DMSIo}tW@6MOW~{Z%bLlvYjouiv#S-_P*KPSe5)T;` zlsyd{wmj@xY>O@~_j$|7EiMauAzPAO_+4y#0rYum?8ebI3K3mnz}N7&GUO|EXIYtZ zl|ux#EbQ3-4AsrYD^K=OHD^IGeaYpzdjz2Ia4McV+42-3H!PheI+>=a zyitfxxrP$Svo^WQpXy4}ecPsLH%MGRwlG8WZN}#70AWC>|62~5KjG&m&=w$X?)tN@ zf>j|oO&S8B9h-k2T$A|C_0m;BeqIQx?|PjeKV)(!KbkLcm4#1#->@V}%ceT^Y-^(g zc>h_3kK#1^$)trg$&2JuxAneV*?ZDL5sne&LVEoi7d=eD4D>-dy3DMr?l58Qf6vKf zh~_xSFMn=sEneb0;x-Thn$#(J7DXj{cg71b;yzL_`@xe|t~Hr~lcaKC0BcghPEc@B z%`g3~Q*ZPP&J9N+){F~X?i0%X)*(@q_k^DlmrunFF3&=M)D)nQ?{@N{^+o6%8eNw< z>hSTeGk_`?=tyhq)`I-5W(Dz@UG5zMMT6Z`zJP?wFjC<)tKOho8B$0`n)&@}Phg~# zYHrc9Ha719L_g123n=$w5)L$;9}^(gqbfuav#$PoU}7|29tdTkewJ!(p~k{oJ65YBYqmG@MY(~X65z5*YjS?J5lV}r<}5u;ui!`sEuIp~yIhT3o-TxvztSCd z62qVb;KOo)ZoPb+)ZUgFR3nLB=9w0iNoq;=-dG~eQyD8MDf&A;)>*40=&7Pu+(64kf5 z@^J5SFMMvh=)!|klGG@njif+f=7GstUA$bm0Y6>Y@O<)i=6x7{(>81}^zzuWb=!p@ zDVLE_+r2EdS3txa0t+%uyOI;U#BMAxp+h|B#nd4a7z79Nvps^VBYX;F<6!3F zk4PINd$gH@B(#=Yc6)M9C;@(KQP+1_3m^&%uGi=?SKcdSN+5YbkxqWnf^kF?H6ZML zFD!TSL!oL2>ihP+AL?xo*H=!DMcQIyAiy76F~2w%G%r&sdQ2HbRGD%k)vE3R_tzw` zASUFrh|^B?auR+Vh$#w-0e**vRDK!yQOI6zyJLs*BW9*n^CBa$>@~%BfT)FFt{oi$ zHSO&{BO3RxV~g?l@G!Tz8-;f3=NA+h!+)L?{(2m}qj6lSHdM|_D*xkN2SJYoGGpJi zEz6Bj8JWl??=4MAp;$YKWO?y>cRCzJl;d<}vcLVS!ha=Dp}LS;VHjPfLZjY2rv~jv zbPJr&8K`tmUeX)gp3lGXs1NY76-Y6<@8Jmu561lB_w$MOq@~}vBc!+z?g}TNd&*`; zlegZ^D`{Rn!8AIZd?m1tr`B!p%e(^Nd~G;0xw%*bb!TVd*HenP=^q4&gZvr&f}h6w z$;)+ig){?18CZsZScO`6i!!NURXo|aH~yDeOpg{2toT>9W6rPV6^?NlD&4VvJ?0&c z4XwCFbGm!{Ufw*LerasN0Lu1#Bfm~K));<*How1k@$i*zZ(?)C+c|PfSCgxZUP@8} zlR9-t$$HV7A;I5Zdrvl+E?Or2tn=p>Hv`|7hLZWUl++ixMjviOCa11LCWGlK*pLZ? ztpdf<_)Dr-Pk{K@f_e6fY%w@T_!(z`^z0w{eJb@nNlMZ@=y&OJ$d?_sE|yFF083XH zBsKHcZqd4wK!-1s`4mID91A9lHSfJEuakKR;e_cWSnX@+H7I;=msPRHaTmPE0=SsT zw|yiGi&q<4i1xC7r<`RP%`#!;LI}-3iN@%aRj^#H4YfFxAwP;ylx7SIHhw|mYXEIX zD&G$gP6hn)rdR_FaL;0C?CIN-N!huCN+T6b0ev~6fRY$sV>f#!CJu)Ip*{G0Ua<@- z;tEISWr6wFPXp#s(K=vj*K$h2N$Y@4K;{a@vWirk(){B5vD*9;OHR_w+B+1-2!4fG zt@4ec`is`{?c(yI%S3|ANHS7-A;`t0Cp?P=-@Qb#&tf22vR$YmL(1mCs$M;`ltS1{ufYX~Hk=GFw0feg7LzDF-#i9YK$4VNF`S}bM08AQ>V2r0mstZ>kID1DA9jj-pOhbx7CDMG0ErMk z74x>%-bfkG2ad+&D)9}5<05f(4sjL)AEok+?`h!zGNB{>|=l%E}tjGlgM*d8VL! z+f1pSF2SG^1P>75fP6C-

lNV=jBRCvJ;b??7A0-oDS;uyel@*HXub!GCD&1Om%u zQK^$S11nE3k9H}SSkvu(rq$@H z#OnlTBeZx$o^)g1ZC{OhC%FJgOyBYos2t7i)^X4F$zcu7C-(8YBp85IVTiMOwt$gt z7aA2m)z^O&3GCcRox(Cgc)$N12YJ*$%o+y>NRYi!+EDbRzw=r6j)s~=JB~12&!wiZ z)56FC@d_&C`!6p9+NOY|Iesx#xHa!sC7Q4Dt%b%`u^FPLfh3ERf1{{_j*?{*)$zp81Q{?7{ln|X6s$+qZI zMOgF$U$axfUN*ki2oP#ui>OlqEgBOIXG<%>DwDn{7-=u!3(*aHthY~1lqVN8dLMt^=_ncH_$Z0w zVy3Mi8HT}o;Zs5^06X)0?G8EjpBxgFOe`Lo#?LtXr_Xe-(A|p%+(ImxqEj(Q=XB*{ zV|l&T()Q*BXQ>7Rxo;g?>*-CjP!2^!YU&6r_3gx$h`7*5l6m2rY^(>Bg$uM$Qf?f66lCO!t~tU!0M_t@ zw_`k0lR;>}^&XhN#ELqh1pV_bGo-FNV?P~4n0l+W@4V*o6=N=eT5irL@!x8%DnwNS zdhvlk^etsL*V~CXd^OLO51w@M;tBx)O(!4)0%*)zANZ3?UbY(7=C`=}jPNFL=Fmze zsB9->h;H3qO9g&BwQRmqF%sI&TkDBB+>BY*~CW?pHVZ-lQ0|DPQsu zL^bJtMNf7!d(8T~_58XHg4_t*WglZBIOMQjx4!+%^s9jfEq*LqXc95F`=DFAxqGZJx{9Kj-)CFg=3fD5Ndnr>Efv&wQSv6XZ)JKLa zlD8Bqa>sa*)6y&;17`hcL!h5TD=;x*AL@SU9ZFhQP38d*LbBX!LMXU4d+x2PFwI|Fvcu&(#t z#mt;BrBplL9Y@s$mt2Q(zcmBWT-A$R{_D=+K`fc7v?EaK)J!fsV0aa@MYhDr0zBUz zRY;dYMDNHd(dV0eN3q&Iph2a8=Syzuoo}EdT>Z36Mwp9%nez^_#gWmwa>OR{1|BLo z><$2n32ij&04cgn{bYr??2H(nmZ^YM% zaepOgFgYxKo7gQmqA-1TN05eJ-uWIvH*|fEVEym#heEkX6@MLY%&@d`CuE5)t>mov zGGQO|I?D>GvUhe;B_8~czy-%p4!?VQAjs&LPol*U#voZkhD!MEl0r~3>kN`3vcUQB zcJSH6oho|N1-+@TUP#W0Pr7Tuh({{nx)# ziymXl?zX7k|3lUB>mOs4E&;lSc|Hg|u1;e{zDr9K|M;tT-oDQ8*e7gu+a>s@1?YRM z(&}MZ!3YPq9@0wj1%)ab=x7y<|1pxG168(UT0S-?7e_jGGh4A7cl-Pt4q{_#D+P9+ zLU$hSLUY>43xRIi*=@nQ%hGHqkJf$`L%lGs zAowA_%dN^o)O^&RSEPS|=;2?wHaO5w2SZS=&Un|LNp1n~ z?fJN%Iw|#*?Tkskm-@ekHbtO5-pW%*FUD26qwz3@PcP_v9ePK{p#-q9#o7J(O^CiC zjRU{Ol-~I4ks-NC($Wl-h}m$tnFp0=3mvV=$#gAq#ns=RL~25;*)2XvI=x~lXyHfN z&oCK4sQ(#FIsQK9Tc!K|BOH<1(hs7&-;3(%^5ANCahjpr~rXy9yY38_r9 z8(|)jLk_7WR%e^b=0i7Iga6!IOPuS72t0XjRC1G%7DVVCnrWeN-s4fm8<~Ii8(T5B z!7Z}-j+|B+*jMyR1AsU|i}e~Bo7c5=KgtgLxDK<(Xm$AOugiFKfmBI+{QZN4Y-ONR zk?`rB*FIABtR0&3iPOmWhvU`XB2a8p@nu=4&)eBKZohqybynIY1J6Ona7Q8hRz<=2 zfxyIlSX@}<*(L3#*E7){V(JSVt7t(iZ|M-XT4lwH-JQ^3S|d>+*hBemPcU41(&UxM zGP5$A&knnJ`Ou*G9vF%q?noD1YicsG8@8;*|BH6>K@mkngx|7Iw<~Cy_C^pL8rz~( z&%eZ$QWhr}rWF2X$*eux5NkZH$Z@ZGRAv9F7Qablx6Lj(o$N`pf5JG%Conf!miHBJ zp_>K#1-ee(ZL(U?EFO|ykhiyaNnsy0%%v$W;2&__{V~P*lTn@;_AmLA^u9v5Pd)oz z60wn*>-i>%BN#uxqnPJVUfz5P>hq6N8q0ylm3u>4DD99bYA3@ph*t0S#MZF-kr+Mw zXM5>91bfwuHXLPwhT}a_kz4Z5I8wSz%v(QRYXy)scpaG{LWd(Hp3Y;!h~4n^NN0^5 zWLLhI*q1ZJ*zx4L`(vzC%0R&X{6ZIjxU;j$S=>MT7)fnAhg7Oz{3rH;7Oe?dEa%oO zf3QkGeTFO>sTcL%ylV3~-7B%+i8Wn#&IHb|@#)n!>ZAwLET>e*Ml>BU566_iEE=UW zmXsBqcxlvCX3y?-afcPWi>%ndeiRMpLJNssx9L0Y!d|=G#GX`&&Aw?JDLW3Z%wi{E z0g9>I3W0Hs48s9_T8Lr=UVBrkrN!+DnPS1k5_S8!0qQp_4xvJX%&Adib4S(5Nkk$G z7wOIX{0>MgupEG43$OA0A6Q^yuggxux1Mcvi&jln+Ibc{SdtvVnZ@&49Ko5j_woJ= zfh)L0dv@w`<#|wP8JSPUxZa`A9XOPEkCA$^_(2x^x;TskS3X1DP#*C(qgn|*sNC!3%M#vR|SGiS(KdeS-1_T`*kpN!6nSA|rtU5Jfh z!Pvrqt!#`pFJoCFc}}$!+4T+017u7P)iXT)u^^g#zi28JbHW((@@t_;Ke1>qPAn;J z$xhoD(`h6@t}e-c^0*sr_AF|_{HMF)O3F;{-tA6@Ee!6a=a^d6%t((!j)J{OW863M z8I2&Cf%R-Rg2wXSGZu#gD-m(WaX@WwHFenVb}U8kH0`zV^LrsqZtX!BZ{%gz892`1 zc~J2=L+-du6&j7Xb25%R7=K(zo`d*-C%5`caz|X00ii|_8iGx<_cyBsH%Q>Mc0e+<+r8vdIt3yZ6_=DHgl68))K2T{Q>SBcwZeu*4ZX#y z_TT)IhdNDw-z***jQ>ts)6M24UXA8q`TpBYlBR?hfS zI(DUJ7nxHlBuggF z)zNE|wRX86^eWF-2}9zDx1zk87@DItBn3zCTaPDyNsZ3mLS@(xI*%gJsc3Xw{Owbi zFt>0^G@=mrBPQWv(R+Xpz~M$bm2S6aKxeM{Mo;(OjK94Z$n?NLIF2U#h?sr6VRu86V{MpNz=bxVUWxxAQRbo7*;AeqM`zTt23#bh~ft?HD zmm&1hDX)>vZKTf^a07W*}rYfYpW|_gK zF@Z$(KfCw5QRZ4tk^SFD(~~hJ^naHXwS@Ans=W4#-p715@H0l&w}O!7A*UW9cA7bR zv$$ZuT>d~+LD|BB(O5>$7SmHoZqCa>4dky04R}a^q zH;~iVCJnkBbd@juAb%Cw4UJ%2-5!?Ei0@NWW^$3xM>Bj}y1T`dIU|j%WG>K~{;PCO zkseKYohVTFgvH)iIkvdnbiyd{dhA+(d4>iWB1kf>CPN8EovzFExbk1q*#(Fa>F34G zJ}PiDtnS9dsC?4w_Y#r+dI$X3WQyFERn;+Fos<~cY)pFnZm_qW`$Q(_`?i?&;hKV& z^}=)VxbVGKA9q6g{)?Q2{mOZ4D!cwoXO4s&vU;QGhwHDVexv>FB4+!-PMIpr6zIwlXr&(D201<5HhCjIU>vbg1L=@0R!+$j)q%E6QZw9-vR#_|$Qra)0Gc`@ZW}5ZZ zT_A&}Vyu7c|I-$C=OD-`29PIGAr{(T+AsFR*9B8L;0PW-8$@+-DZrbmH`lx@~ zhHg}$q43fD?QFW64~hjZo5vZlOyvYYLpK$;W5;&#Cw@k{J{*e4^WL=O@81qhe!T#g5T8b?_Wh39DhW92dVa3G0u~m4#rSFcUELOF zakiwD6`(K}axG_EYmjyW@CX3C5;ZTb?~O`ne}_xovci&yCL=^|@?*Uf?Z;w{?osKp1fnerFx*IAXpl8t@)1NE%{~8Yev18o}E73 zv(eKN5XeGmUEs|QPG~FSb-mc{mYyyKb{Rb2du21gGzVH;`G3N{_!~hCxVG1m(4x-d zJEknRUWM9V4~}U2v(qlj*R|_TS6sR@Or21|$%7+u5aHtN>H(Lw_|B zk8FwXZqr1q_BMQED#M7GC3gb{bz{hCK_tlIAPQ+DGP5BO4oG9ReRSoHqJ1YdhF|eJ zs^68|e}>sZK1dT_6DAng!*^WZ#+?}-@BH%bQya^x`$%03O&J=ygY>RfsXA1>ECvy1 zrMKZO$c}@?O~)&o1BL`Lz^=10rNT`S{LFO;x(wsq`F*VvjenVs(%MNakVPO==<%)E zyy?2pLTVREAAY2S9^T@uwO(2*;DxF9QJ{*)tU}-wx4w%n=2L%d0i^6ly~oM^Xu2J@ ziXat)$%8>g_w_e#D8urcey6>#a1MO;-lDSYAy=>0k3VgCrfT!xgl@c1(qNj@^ws+( z!Fv47>(AJu&WtAR-8d2-)J{%cfSVLNVojwwf#xV5*BHIz^OLum9hTLUu@A!hiRWgX z-K@O`6pr(ef7w9u(7|o~Egd&?BIg-8FHz#CNIRnb0rx`XAJZ@Yy4xU9cxf4c!n)8A z|44HFeaL2D(MkJ#I`t^UyRvZoYl!9=N|u+$6dz8ND9o5%tw!86(bOt+rw<@yjteX! z4f$Hr*MHyd9S>*RtCu%yp)>QQK7v;x5t$`@s`r9&4UN@afT0S*vP07^sk zu&^Hh4iYwHoE{6nNU%JgUnKuvYz3?CiSJ3KYEx>x4|ln@_(6XdMUPh@qPUHg-CYYZ z8U=o^*%Q@~{JhFr0|K6Rhu^PpAZ~JK9h^hNpmEmUXux~wZ)FEUdLtUrRso*qf9ay) zg@gVeQDl-*W}r46F&Lme!Vm-{q7gU= zVFGDfi6CsBN@e?ApB;9i%QV+g|4s)5n9L&!67lcV@iDRYE5H+`^i+&6Y}gT7M|7Zw zOG)ImxxsY^eQMI;#B3^7u$HEXMKt5eZVb@`{0L(e9%b;t@b)o~V(V|!r7ZWTcLY+Q zUO0DZ8wk@)*|tXQ`9I^hq)Rgz!d$Cv!5tBIg&`G5&Q4t%8+Cw39kdj1sen_RD-!NL zJlm2jS~5`~r50{Q%od%hZdHV7g0-@xf_kWHCA?y~b{d>~^|cV~e=sp!jv< zi=HPs(Xi@^9qB$=NB!ARRk*h-TqW-~dygAwDFgG34L&7cz1vOR9>Crrft{zjAd-p) zYRcCyp;!liHoR&XNMNMV^wp|(OcM=kLVu(Vr;au1+^;}_1GrNu@Iyfs)rY?h4B(2E zJZ@pc#s|?5$yAR}5>rHu+)^M@!&w&>JyY_x5itj;Z;c-n+4`&7-^1$~!KX4SmOU`@ z!|`r{ZR*}ZOeAkWhSz$S4Q+-|e%TpNnm!QwEs`BZVWFOaE5FZ|yKSozw1yn8S*sIP zr2s!%hrh;rvD0!jYA8O*S!SjdJj131$q4+@rmg3Dd)*yFmIgAHLx!4w1tyld?{h2##oBk=NZ!)UHU*J|vKS4yu_X&S2+qw!iU`;7Z4 z_3NDLq{rK8`1;)qqZd9DH^|=U*y|!@yuPvDmJ6L7Z&V z%BI1?-}Lg;HkFF)`AX>_maxx~q_lXd!abFrf}`p`|BoJrYi4%aH5U+ z;p1PcuS#Gh+d4n*ay7U%5V(RPlb?LP(!h>z_8ty;+)@362G!&rjb?|cx8(h-u{NY` z_k=e;i%+ck)!?d8+@(Emjo_=B{&W9qV{IQYY0yWu^?x%SNEwx>F5IuM4=SaedO*7!h-6@!I7cq!H- z@o9PmH@f6$QQtnt+mAVdUgSquTeiIWgPFCZ3;75~%zA<7H!@^J_Qlf&mP94j;;&w~ zb^J6j&*%dNJMaPeuw=#*dJ;&n6ux4w4PI*4yw~`cO?8Szs*{>P)-dpX=EXjK@o+?X zAc=ds*<)4Suif0mjW6B^6%!A~^6@OqbdddGhl{XV)MKV8mu6UKa-qmKf7ytBx= zAp50iKGXqHu~jKm?kB#}hPpDjz@Kg;H1~^Gz1eO#$}d2mJLlI}qA~c_mc(UD+?adl zklis@wGI@FDihg)$BZq87gZ@jLF(97H=!}a%D&D$WO9=kXbJlP0e0N)`~}pBCRUd5 zR>7;4rIZYZWfB}OPIiq#uZdDoG-m&7&M8YcNlm|%FS0cyN>;il1mvHR#Bm<|l3Kcm zDk-G~+{xLv*-xIpRREE>j*?`O&s15@Tjj2VIFk!HWrcH}Mjj@1g}v9+9gg>)z{o1qIQ$T~ZZH=P#wJa~o#Em%(Ox&pR9?57 z5uuDniOMW*@gkzKQ2j@6P6my_S!6BKcMY~1f#6f`=Pwi(rv?{Sov!+^6>bn#sl`({ zkrd1-x;|aF0T!?Gd5C@pjJ7I*=8oWa3#h!VcYXD=`!fO0bhxpr?N|TGoLU=YI3A_c z^WnB+0lO0p#@yf_3K^DBwow=t%2;#YrehZrfBj?SE!;g>2pJM)dAVs}?{?q^m2j;aBYdnu3t`PmgnyJ8PLF)VBWXhW@v`=;d zi)s?erF&*;=Z9qmtZO9k!<{V>QfS!N>-GFYj-=U>-VO-=E|!;0B{?yA@~v@)W&lW^ zjW<7kuk9~dT{T+1&|Zv&t4er2DsXw}v3Iw7T$ohDbsF^mZMGo+W2l0G3Zv6roP+=u zl;9tnh>M}9r*IQ)4O!zS@KQ&)S#C2@m32P7%*Y!>XH zj}r?V$F`_{Oy=o%K2v^6%4j{jaex!@eF2_%3UWUe`XlDW&GJzo?z%!Dv&yX0Z!E!3+t@VC`4c5l z>VlUWd0jONO7XfgR@t3@8lsDdyL9;jGxIW;`=OB{FS!*a#c~uI?*W{oaO1=9#Etr zYg^ z51v09$TNsOx>+UftTisJ5-mnmVojkhE*YGF#psw^u>Po{qgwM-_JonPQF&oXd)(=A zAt))Mf;@q3XXQc%aL|4keJv#|cQXb}Og8t&tmHgnhWLpW^k8N$qN!#pxxroA3rTSU z*`X5x?+L&soIC3!A~{qnEYP9)h3b2t)%Dl}li+czJTg7zSkRpk*OS9yRG#`!%a%P@ z{O;$-IUP0qJnjzM-X2##pY$by3cZ2t>}k^Ik9TWe5=L;8mLQq{Xv^GeFO}OLyky|^ zr3HU+!HyT<6-9bWmA*{@R5+Asi)Q{pkhj6=tDH%q>Th*jkJ-Oju#<;se_C3ROkqFN zSga>m1?9l&_toseKy|fsDppg%o4b|bdP8mMc8@1~DxUPMsK#hF5B4t1lnNYganXV| z4a{~kmWQ8QOm2K2Nb;h_Y%9dhd9V;jQBy5S=P_)3E_PnlXPq2$oCd51dXL_>bsR-@ z+iIx@^9iHvpWH%USdR=_9{w_OJ^kvCpNxk(J(m1Mj*^zgQ(*T1as(nGVoSmP3;x0k z)9MTER~YMh%*&RE3?*_Lf}1bM6~7~V8H40BO+%mIWq!=HJaono4Yu6h)k?uafh?x@ zx4C@k%cW=zAq=}-rGZ8ePF_se6q90$UqDN_w2aQRt=_WB0XwNI`*&WDVX#hxr13gxNS3cUgg$RMyDv~ z0(fF&r>5xC$cG@79)i1KCzXdN{OX83XjWlWo9va6t(STdSVal?|TbQx} z+6{?t!JX)LhdZ91v8m`kZ=eA5c_yRPsOMqAvwf?e_55V^8P0G7Ab3`X<;@Z)qgJ0*FCsz)i{#dUT zP#Aqs)#p|BxN6V+fsee6WU^b15Py|>SbN6Mw_nfGXTH$g2Xh$QNp}2pF;juuPsT=z zq41^({YH9X6oy6ei}m-in55fXWFK>KT6G;}ycu(jkQApNG&08nFbeC8f9M zJHW;33C;0fD4$=_b*a6}KDO&pLk2M!EMeLk>-tJqQ zOrf?m4a{J52xfSus2CHgLRY@tXoDqwLKeqYkid8$<7Q_AF7%5MK6=Xw8wS4%w`RAS zzZV9S0kHBc!CidNo9^vi0=)i;>J@Lfu=CFVkDcR^tst6lN`GbA*a>~CF{&0TY+ZHp z&YSO8g6)nYR8a#(f$zbk#EBTIuI{xbbKDAUKr|$9G|ZT>1X+RLZ$JBcu9(Ez0q18= zm9WKP`a6sixTrru{LQZeAfkt zLUXtLr+W8!)~QSYH5Cb<^;q8CYRC{OPkO+`d7JU#Gx3*qgr?j**c=yp-=p?eR4a17 zBh5u=IY{9TcivqH-kM-~ZJ&J#n{&v(#<;XcD@_tJn+5|%rMOG~cZcL+*(WJe zEPzpB(W?P#;r{BC!%L1KgMFB}+crFH(p+}05|O8xM49s5b9@=KxrC`gIJha5%$8Q( zTF5J|6UxOgcrAK+@YVwy?#0m%LM#bT{cCsn2lgLga)bC#P|3|8BG#Zpcss!1cJ$RM zN$@>Q)LreAf&EJ_?Ry2JX~V7=Xho24OgM&5%5i1i;$|JTTshC|u5 ze?-bQWyzx~p)AqZvlB(3tTFa%&4^^lmi;N!qZA>E5V9n@tb<8JLXtHGBTKT5Ei}Wt z=ly?<pHLV{A~~K>Gm{qJ^)t8vgLzj>Bb-A8}xzDIa?z5{6W z)p)9HG2q!lA~ZyK$09*Do$`hD_Lt2a1evQe`#%`4t{`vK-78ZQ+%oIgs#2blwMD92 zd4WvDs@C@_%)R0sfIU9%8P9J=<5!t2%ZXlgRbz3x&K(=?`93iPK^N&u#w1pc5{$M7 zj&h!^T)BCgdwTU}DD6#063N)6tD36{j>I``{#3$++x?(@4{JJ4pV95!xGMgmV)m6G zV%0^|&{q-)0yKcj$*ZQFy=m^{AD_=yXKSd?X*i&LK(D#k?HLtpefOE^;7$2QIz`0H zH3FfNTJiZT+GkmzywejP2>>Jky@F5{0PkiskvGIr?+ar(f^$P)QO5SB@O(+f-xp}B z2f;fumbA6ZFI!{yk5Vx_U=EB;fi@aZ;cxPGOH7}-`c9=Co(70Do!2{SK@g>0JmuW` zvE$QmzzGKViS+MLHP`XHBSHgv@m36UISdIP!U!Edr{TOh16D29&xPKAXbZ5)zF#7g z$2`)t%2twcECR3cld56yS_|-zAu&5&Iuv3oxXbXk%t>}jZa62;%WRmU4?i{qm1hn< z3={#q)+rv}Y94o&8D2FZI_4^8w<1X-`Nm`Rm9LGB;$hVF{E|vncO0=MI&2ASLihGb zb*ULVwb?sbPE}cmP#)y_;I{~1WpFXaz9~uxlCB6oyX+`;Dm2e63DX&yn!Z!>5TZ;* zDh#4B5I6NQYS{0i;C4NJHV?PZC1_}7#vzA-V4}~I(Q?Ja0XU+=n1yn;oZQVa=>e)f z27}>E#E1~#+wNp`gfw+V3UU-cfVH<&Lt}xVL0_~BNx*;w1Ye@_q|DV~$_j1O zB(j-sY44!PjU&QIM9kMvV0q_YP#nn`m)k!RpsSTd@-4zDrXmRPWp>MCb-*0NnCX-m zn__B8BVG(m;52FLgPE&)0SB{5PJt@r0M>sQkXaQ%6F;nQ{b3p}>LCHA)^N)*)C!D{ zt)m!1H2E=w>`mCku;~ZpKTp!x^5LiL(Ci4#kCS_F5w14VepjyvgUscfas(?)en*@N z&nOqFLaYq+sj=V8==Q;c9s(Z|7WMHrB1B=Pc^@MV+`wxb`4Jf&G-B05XXZnqg{Zyi ztc+B$6ck6>XDTo5#&YgWF=UKp7xxOBrO)sJ>KmJwl@`MmQW_RxEx(T#By&(|#b${ik+!YOGhEmrGGz;|!bLh+zY8mH@!1Mf@vSF_ z%3mrRr{Agw=c7J}4k4Zn`3O&QB^!2AGZJ$Bch)x6tfko@BuOzDYwKAOcx?;zSyzRd zRC^yOC`*fUCz$f5h&xgKpOd^P9L0lEbT=EV8o)C!ALta^I8k+_y4E%jpzp(pM*xXc zAf&AI!u;OZwt5#Q7O>+0qz_Dt2X>+xDsppriAn;E;ocq&Hz5D0>zE7NIVyhW&l^gQ ztEpP%YEMVJP#mlw;p0Uj5bXt8Y>Bk?csSscRxL;gai3QK0tmbz9XE7Rm_c0uxZ(4) z@xX0I>ux~jJPHG|>3U|7Jgvb(M-xDbYdE;~URAHZE(Ap|f^&IldI({Bl`s27hCYxhyz2Ft z(S5Fa<=i3Yr5W&n)_O?Sr=%VeU$! zEkKm~o^Re=Q^sSq=C^9V{?|}nW0*2@=1#Jx=*BdNhyj$_qWFrSU8R$o7PLPeEnC+G zm@wQ)RLQYow`-3(_q+a%(9{n0$97Rg>GuyxwgY;yWIZO1Aty1U9EkP zZm4u$)u>#3^=>7wQ-a5^4hoM|*3lEbBbxG2T6 zOQ+5Q+6qeIX_tggcxdZ`e+)e+o5963OWIQK_9ieC^->2X{45gQ%r&UE;vXK&m}LNL zf{6a%F`yZ?G8HrE+VfUt*<};a_>(~eEhi8OKrw`Wn7Q_PW-rz$s0Ejs#}6Il1eo-w zR46-rO0GhuzRa0nGeB7Tm<8X3cVKOL(f+&@Qjt$rXGRENk_(@zS_1VKJV-L7DWs z7&j<#RHAKSLqHFnz(Rw*c*sX+0F+1*XmV9&$%yrnNk6qn79j$1#WRs0-1bkBS4 zk5-^6v&;nL(~9qp2cr#8oooFTdWhO7gXUKA@1g8QA)nmdyE~z{`~4bkt{^=?NTQIm zC4GVx3%({SszVkD;@ga*c`nXHaH9HG?aaQZ%36H2$+jXBmZ(QC-_`G#`U!nze1N{- z{K5-vOJV-267J5iPYfhnKn6Y4;)@>bTz0$m%l>U3R@E_@i88%yx)p$)j|D%0Tz_?u}wlt!IyNKl75;`1atNsQR}Y({ejoQ zE;QWV10&f?{*42hoE^nHeJIu~_ymn~xNv-HrCJ)0C^v9GrfIU}b!n`luY$Zgy!ku& z?cDH8XXxlbreH?M1vHNR;_K_^2)j*`eI~Dz13;b-trt@wuBM=GZtSIcRtQ#>+JGh> z+&7r?i?(v_Eufl$lkCgK+t;yUaUc0fr-uL;rPa1x`-+;b2tWv->f6^N(_^xEOORkm zV%X2r@8^2EC_YRO_JeE{dnIEVgt7+`I!`8~B5#xIB|1EbcTobE_vId*s>T7T*kt&c z;041ENwFX)LS=Bo5SipYf8GIF>ArS>-8qpFAthSu3tc{extY-PB7Tx25Rw~l;_RsG zPD26cd~`;uDVOm=OXS?{H7(FbvyENMl97HPxIMJZsJQJ=fU0#D62rm!gJ2&dt}dIf zOI)0s?iL^)_rX*9?J&;2eOQoWtkGvIYipX%os)9C-#y3emG zuOS|xUs>{sUVe7jVdDHLz1nDJa26W9xB`$a+#-l7AxRNBRhW_;D%hchQ*=daJvDD% z6<22rW|c5n|Vh<#)LJZM0;AYb!}WbetdPYn3rjUeRWQKJRNwl|Fa zN=@d_S|{5@pTa_345)9p;f>$2Y=cC!E6YXtAiag0O12;+rAguQte_uBg>A*P$`sq? zm&jbjB~6%%p0KzR5?Rs_HBir3^7>MN*bi19`J$)%n)#YS2&~y8YulaK#zh@ggD>O0 zD4vi;XghT$PU-C~iSc-dB^h2%J6c>NGUPzh&#Bul54_&`TPV$zC%4~k=X};*(7m3xz4Tu1h3wOT z6`^~Md~q)ECT&LC4;R)A4%pa%i@v`<1u~C5>Y9U~mF-A^yu3l(D|EWCnKjFZV8Pqy zK2g%&^(?h-SMr^n9NPD^}oVfV`xGn-S`L-v`ZhP*3ud1 L8J{oFb-ME(yX(To literal 0 HcmV?d00001 diff --git a/docs/resources/logo.svg b/docs/resources/logo.svg new file mode 100644 index 00000000..02d17341 --- /dev/null +++ b/docs/resources/logo.svg @@ -0,0 +1,28 @@ + + + + Logo Color + Created with Sketch. + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/docs/resources/macbook_kibana.jpg b/docs/resources/macbook_kibana.jpg new file mode 100644 index 0000000000000000000000000000000000000000..9c307c292313ab2bcea48b3b59d01c5823618db3 GIT binary patch literal 337037 zcmeEv2_TeR+wg6dic~7XRD{UBm2FZXBnc_WBw5Bb*|%Y|APOZ?6tc@Q2`R}`w$fsa zBHPFwW~{?3{xfKKs`vlj@B5zj{r>O&o1U3DbIx^N=i1M8o%`ILg%1ne&>B5$U2TYg z0bEyFMZ z7+DB>LR{b-$RM}aUJu%l=Wl*%r-ULQ=4Ct&!8g4LW?!6P@%u2+$HvLo$^+%LMP5n? zg5+dml~rUE!GBw173d8`1<2dV&Dk5}=5%I@8bF(q_J7i+*=V-nA%r>~j7BwFgALp~qHXc@6e4L$J+*N$k zw=E)90d0D>^tLUFARdnD+m0C=-m(wnX0t_6N{fm4a~emlJnVbXn)K5SHLsY-{8)Ax;ZUQe#Tnb#>vLn#>K-O$VryY&LYyY_CSs9 z_Nae=`rGiLaOoGFRWU%FLE8H6xAL%2-$pkQNf|}(pUGDvSpwSUWjwavAF(J%$|#t8RrIzk-=g>CEy9Z zqv70t@n2X2_@^dKSFRHhOt#osnpgSxnar-#jNsB=c0Mmqh58)uXY^0(}qLAsxHvigl!Y@E+}{H7aB?d<7-wEhQ_xjS3A zc>q88trDzGJK6kJogRxLzw+sB45Ew@9qG8xFPNAJ>36kul-GE_<^{eT<{z2#r_{6@>g#K zVV>Unwq9s#`SbcCfj<)XBY{5>_#=To68Qg50^ci68y8S!dV_irS{P+CKm4_{0`;^E zv}>=f0W-Y-hZwinipcGmmvI%yb#m!Hyik- z7aEIwpthiYvo4hr^d{SK1wn7KEat297RUEGVR2xwG@!Rwm#P7JlWn;GSnOWP`RPse zuW3I0$BJ*6J^j}zc6Dl^d64y z88`hW`%)^6I!ph-y7XhQxs*!Nn=Ff0EOss>%=9MPa*n(NyOw39!*Y2_l z?JaoDbEJVFEPvYV{0fc@8#nRtZ5I(0+aa!?sHD7Wx5~c#TG~1XboGo)Oplr!J8o_b zDr7r*q=UPMrnuiu4>!6BiS!os7k$Hd-5OwTvuu@RU8`xtX63qWo7_3}^?R?~EqJ~{Nd5?c=d@b`#|B}A zp6x_BYm1!ybBvw;PjU8*vG07fL;E1c#TPRpBQq;AGczkYD|oSUu+v{0t2h>4tCnA! zi?22G*V=Ed1%L!7l!=9zg`Jt1eckGntJnR9Uke>z&nhvp?y3aWznn=;kH$ifKoNo|*D!3)qzOt<3f0wmJ7096db9i-0{0yrj!8Grcg1ebS3eXwVT7dR0K*2ZyA9(?~ZodG9 zHU~B%rld(H79a*JZcZr@kTD9#fD`7Uej)>4#{7i}I%aQxIf@iuIJ)mIn30&CX+$v_ zbtP@X0`$zWi)N7eo#dREL$!4RP-w*>~ERy^_uo?E1WXxYk z#mD@=K8PTc(3mV2pb2OGT&|(EaN6l#>7&6+$%irZxE>UR_2~li zxo!6`SW__%r4s1vNA`Z8f^CfSUGQ%A;h7E+b78;A6v*cn$@iVY9BMY3Tn8x3qGsWi zC`4c;oPqv-5`07LGuoXjY`-WCW<)kxrm&n&A-rcAR=n}6kjMWbKY7FoS(62l7esIjuk#rlOXnx&YNnfIRV; zKN!e>k#?YJTo)jjJT{Qjj^XB{KvFxlormNOL?%TdEo$e5qAYf^N?!*z=IX*TjsT3rI_kj1asE}sh{oKizZ<5N<3S1B7dPh?S zgbD!;a2pYn*aMjE%p}1DXpp;S0iv)iUJf#a(kZi^9Ux97q5bP9=hff~P@oi$;&qx} z0CAjlP7t!nWu%o|X9!I z3(%smj~DZhxB)XpRG^f>)jeIy+-L#}N2tkl00VHDMV{$8#D`PZP$coVQFc~L!MBlv zfaZIF^%rQTItAz!kE1Ob=d4yBltdCQ8C}_~MHpXZMiJMY11l0+fNm;>VwPD3v3AdT zvq>_b<2dy$ZgAx{GJt&SW0a?~8;NlE zape6|v?{^?jj0ouBpnt@YY?KHDhIXBGyl3p7OAWah`LaUdgx3z(4llFoFF(!H!?Wk zD6CD4YmSi~NEpW9i=v)_X<^iHgc*371TAO@3yyXWi2eDo1<1Yt_$z{Q$?z7*xR`|< z$O41MarSqA96N%k_z2*!^Nc=pR5aM|PzIAo5+$SC;Qil63`zdDQ6azud^M=p027OnzC4H>Py>>-gd>3~ z$b1_!0X8;E*5#TzM{)$>#KPy~=zAVWEzE8VVHVe>PYVj<1IFN3M>|Ll&s}gN9B}a? ztg{wo*8q)!O4c2S;HrQx(_BYFvyFnVxkq{xeU1J~M`WO$PJ@Blx|D~uyiD1p25d%N!fB&0TWhmq!D0Z5i?y)iyU4R!}ib8 zU@OUbAf~SbbSz1gF1t`_I%bfGj{NDe1{)=LD4zg3csLR@50Ms;W9H=IG2I35qWi#J zxI%!P1BbdU224p8n36M4Za6g^1Q4d4sAWVbiiZ459Po<2LVK7^o&kt(MUQ?&v?G+Z z5=K5aQ;(LVvyG$NqTAi!6kI%=#H-YdP|CA!LtrU-057VCO)wB}OItNIAVLlu38y)L z%?SOO+i-8quOrUFaKdp!o7?V&F|>M*@3xnpa#)6Cc|Wr%J26b{QUJjrJzRn?Z~%CB zn~(5Lp(;U!X34N;v3dFUn_NfkHmZ>sby~`aBvC*HGc_(yMd7H1AdwO2ccpBlq{+(T zx>H9gtGfsr6>^`EkA^#_yu4d~KJ5&5eYocq4zZM=f7Khl(ERuBW9FZz4pbtfQ<3EF!^QnDGI3)H@yx%t{ULIvL zy@)nI_;jL-!Hnq*hG!BVW@R7>uz<2rAiHiUK>kF5^$Y0aaE5bG%0N?Sij zcWqF_3mV#?4n3+G!*2b2u-66i$C#yXjlDk%Vq)}N9vQaE;%Fb&E+HBMuD**8b z=o-~C+g>X*jxu-j$Y9#BIbBl7BW?LRnf>PNCgj_eggvX&kvj~{^&qPeT|K|X!%VA1 zSayu)?%__16*%B$;sH_}nWj2DWHM`FOs(&bfdT{X5+Ji(p3HPMm-&_HWabRPqIs*4 zJ?wrao?C~E>KO%NDh$*Ogg8gtPH z)0j;{(4W-1fBli6QoBo_4=sM|A&1E&?r z;G?5u&KlN>4B{>|(N1@X)41u^$fz`8G@E@Q zZ@*tXqX#}!U0m-9KsmH1kz`iE*mWM+hI(P8hrbGkb&0fO_Bz1c5|8Zdc?wgRCFWK` zdsd~P%w01|^iJs%aUYN4^DvyOm`FPGKKr0Ll3^PA1+11V3}Df<9l2TbR@vCuasQQw zHruqfJ2n014jm%lxS86O?*q~`>qZ4z5fVoJwUgF5h zF&500b zhqTTzkwz@ri>`3v8f35j0V01WNBns)^2i50woXf`jw>RECt=TeBQ5A(@y0B? z|9b;pmQ;RTuJf6vWuB3nOrAX97r%EU+VB*cNGA4m9Z9@(bhSGHHG?r^@dx=#fKudchuduogbDdy4@>0#z@P3!#}jRHKPc{U+*7#8>p>rxwUE7`0h-Vzp>eX?d4p{L6tPV@GXvfXynhXfOHp{mV)z&G$coVG5Et6RU95Dwxeapk1aUXE^vA%61%=Dd~^ zb$bSJ`Np)YIz1?Ic`dOTGE&xynaWD|VR@06&TQf`hptR#)tO(Ve?ZorbV^1Js*5pX z#CPnd2JfI+s}V!69t1@_J@TYvozA)0P`y&WrpzZAxz79%1<77=mx)L3e5+QkQ`m(6DFA zm2e4}e`Y2BkHWwgTK?Wxhy7eZotT`1fy|RI{th zQi2r5rt^+c)p8zxY;D>FOSk-kwqZYcwk69XTQhKK85t*~U~w3kXD6!}}UjlbJ!jl?Vb1q_aH0*Rdlr zIa65=IVi>ulA`WlY$RAzzkJnI?!$gYnnQcI>zBS7`ONo$Kp~gdTnjlGbLshmH*}@R z5TrSYMGQRajrMQ@&;Q3Mmm)o`{59obhyZcL;phmM6^i8@I$~l+&+s~SAUCH&GW58j z=VxNj7{t5WCAS(&&ptkMB2Gx={!BjlFxyNCnHRnHJ#7c=bs`6`rOey1 z6Ipxxq5IQruZuVed&YQm`E6_+j`R$0d4tc9&Bk#}d}Fm%gF~)hH)4=8lZdU? zd-bnK4Hy<$|K=cq-#i000j{T$VizFmrQl#TGl{5F9tHbvqWVM$T6G@SGtketcS(>z zYrW}ruJj~EPHyg&zA(LdTMNxG;o0PiXc?|e(1Y`?A>(TjU2TAMVQ^CVewC-%Vu%S ztD5Gl7oc;n%?*e%mRpOso{xKV>5T$M);l%=Z=6A$wc9(+ zYSo#NtK3n0IQ?4(lPJ4S%p3hGshZ5ax3`)g19Cq$}!!hKw?{3_+R4TH}xdu{lT`V zMBr=q6pUy_V*#6i6RTl_KGa7$+69_8*xJg0(KJ(UF;HF@A)2~=rNjQ$%lTh&^{)-5 zB`!ccwOtSDsB9Edppc_*$_1U@T;IP3BNJmb1vZm7k5X@72H|)tg`)s$MDf9Yxm=EE z?qUiq6Zb1S4ZmK#`zq|87e~XJAexmJc4(Z&pGOAid_ATLLE-_1^il!yvos^muuZPe z!Wd$H5!0_1yKng;L{J+kYWX zv7NM!wnBoe>a+7;yya6oQYeWf`b2_Ua%8V_e0Og+NYEmRTCkszNM7F0qUKjRc9FQj zozs^^p|lkV1pevw#p4wAVvq@%1IUnKfxv!{**>5#f$Z!A0%WF_5i~9OP1gtIOqlOI zAXg{_cPOC7RgN#{Hl%l$^TlB}t0Lj4$5sf%ckOhB8 zVt@}yV?pAt1wOVl!bl>b&-N`qvH=*7pi5%rHh`3}N60gyb*zh`%GM2|vQR)AJhuTy z3DfzdLyn1XaXJm#F;4Pgdj_9hNxHCvWbJjD0EV!VcAmCnNjUrI1Z(&;nvJtjRA#$3 zQd!l$V_od{VH$w-EWp|+P4XOgCWveMj)W%QOJMs6tBjwq#B3@}z>@&cB~%Gp5@<{k zVT4}$&@Kr6NP`p|Iv12gQW_9!?ut(+onZJJonRCh4%BH~2}&s>P<;&02n&~PU%M98Ca8hGTv}gsI4b z+l|k!`ZgI5aW`_rD6yD41Zsr`)FjN{UvP(hA^(DVWrkoec^rV>rzXMw3Xb_Q_X{|C z*2wG#P2eP118_;Y{GH1aWKfjV+f^dIbID++XElVt0V_LBR!@XKM1#YJ=Qbo!!gRrO zIn+elpgdlBnR8%Eb#uEiWczW+Fp{UvmkCV&_d#Gs%$d|g!;^nOpVV~4SQn2=hLb#% zzf1y3lejV626UMnfswXLe<9FOz$q&hB}>QO0QOsH=ixogxWXDLD_RFoqqIy-D)kQ7 zp`e2=DS{6ERAw4GC`}X4BC9TPh9Rw6)L$3LlZ$?b3d{$TM4xageHlmFV+WOK0&ub_ zrrxn~8Q23;0mki6^Q(P8MM}2_PI_t8p@jivN*Egd*h;%#DFkde!H~8O7@Im-C21~V z5!QJb_TvFRvnf#^vD?%;@Il3|9I3#2nvx1LsjOwoe1z(NgnQ7z1_PdFAq*vbtOJ;Z z>6qb*nB~d40T+&yNu+glzzRKp6(-td2*y%ZgYc38x046Hid_o?m<0F%?kimK;gEOQZ$d)*L}J03yz72fnSzFZqf|97R!)m;r}6 z0CCG020@{|d(;3sSP2|?8^*Q?$ON~RuH;3bU@B7Jwq5h9N#MW-qZ2q<#zEI*JpDE) zF4Y>?Xec#-i&9N7SSBBQhwcr0i<#O?RHiY5m@y#$3V{Lfn|`fRfF90^)Of(!Zaiw4 zH9!#842ayx17Wx&ma+gryE5~%!3AIsgY!H!9`_wy+>qqK_65+WS+{OkZy;FE&fZg@ zU4{45!wLQE+dd%=?9fUY{~TEXQ|}JgUa}4o7)fa0OT!{+ zI{Sd(t#sTj_e6#ejfRxnBQtjJNq!<6u!Wi6Q2^o+#Mrt6an-E@@TOnkoxxTmMi)UC zi29g7yO0R1_*srLZEqT!po95%6WGw=lsq=TAWeWlCa74AAR4_XyW3}Mff&ZafF+B+ z23C^|?|GM0C{1NU8v@xLMNoq2s?De0BEqE`lHB9Iyu|dYf~U?n9spYv2X1!T>U(Wn|#2O+;5AFF30+9u8lckuG_KX0W)W zCz0GyU#fs8y4HhzB|2wjc+}`!0{jK05If3}gBB$iRCTo6v1Umtc!egGeXiqp*&e?O zZ^3v-CN=VLMm$rW`O^IyaNGZ&OVMP@%?^7;aD;0(VbJkTemG{@U`nx0u;>{r71w>G zL^Ck0=7j|_@zgYY)!wG z7X^?|pTIwB(n?#vF0TH#9p0NF-W8TKB{hs7t(0DX*6IB88}V>A{i^H37!`Pl9pw_d z)x2wRDBug_5O^--1PB_z9l+ihfP3H_-+6BO9Ez6Tp|jUChM>vD3_I&M^}nVIV!H*`eFWd2`^$} zs3&oaks%7q^Eohtp0$9+J)cb4^TP|!kXGO)GqB989jEDKhGV|)aM5DSMyt?D-n41y zxX*#I)$j?qq!h|kGkO1BL$;xku8)3^Id&{BduyY8-p?&SXYMOL@fE0i7+vK+v&g-| z9YrYMhdpb320~C?;OfB}(WH&NF4qK-E(!XgNAB#EJKFt304q?lhh5E0T@$-QB1v?I zc}>^LA@LPLTVq4OeTW^?-IhwkhuEG7V=a;?;a+X$$-QHr%Cx<_fLNw1M$&^S$IqcMM3C%S^$PHoE1`7LNYT|W* zDLx)KuLF>s!U2k1=(Q

E9H`q?o}W!)tO6GN*y6^LvX)z&#?RBX8H-k0zMClir| z&Mw%!^MG(7wBGG-h7!%J2q>bugrbh>^5Z^ajc{_K%B<4 zuB`@{J*14Xal0RFZM%oFuWk$f6jqpex9i0HJ4NhPZ8L%@g;dKd06MvvchXN;ijCC z7v&x#YBHbI#Kz=L!-CF|V3nnD6`R$?$M9W;u71+u*V;5TJ|Xw!IWaPeMIT1 zzzqe2qZhg(ggwIrc_T-&eHw@%_$ws}R1ti0jk6B|VojDO#i_L^h-5X~U2kes1>jHWlqUGfkoi zUPRdKt(I#9gRWKUJe4w-AD!!H1cc=aJ{@7zXjv)9ypF8RI zpftqzsxPzIGeMsBy~Wf7MJmFiDY>j8_hp@<$4YJ9fh%i1Z0XbOO-y;(Ro%s{7LY;F zY|;?$SzG%KsVK1P6WimR*(;82z4dU~)aXT|uEN~@dq}T~472 zS@VR1&9Ko;V@}?_Zu{<}IiasUn_7UT%@Qmr2+~{WitKXPp_X|QzdhTd8z|Mc_rqSV zs=JytaPJ&#{bQZc4Fexd%wC&!RY_kWj?C)>Il**`-b?S)`ch(Mt5xFmW^WDSfV-0H z?Zn4e4}w0aXDUPxuD`$hIIre|oz_0pN+oqKMH9swDvlWL_f%Fs+HzR&?dQwu?d9Hm z7C$$v+kI3dwwG(gNMXXsjmAY!V%(1KMr%`It|NAnS`9AaaW(ek{3ByE`x~5Y%s85! zPQfF&UYAAQV}RwWv=$+g*lB$BepR?j3eFoE8z<_OV|R+J$?t3P;a?Yd>z%5R)efa8 z6&#mO+&-dZ5;do1B)GJslZdi7S1w;1xRH8os zg-2AXqwt5)!ELB#*z{xNF+z1S*WtI$o;loAYEo1CbVdK;@yq7e>P^mNTi5r$XvFs# z1=}1*i^+b>@=${NN=3;H{%HSGMzx%d?j!LM1JWDOdc@h_Rvm)APNqIS;8^YGR&RZ= ztyhvdWzn*`x;a0?tc-m&;^V^liAV2(NvlU}B&o&OWhJHe-RccsXElX$nC1g{E$+U< zS`Ye3^uvM?YXW5{h7X%4dN<5HBO`?;#?1F^y%CTW#s}>>%*Eu5Zf$B-w5qnK9Rx=d zwOGK-+<)hr{Q#5bIg4y!*LfXE^-c_78=NLynqlfGUa^Isg~kvad+aJAHX{fD`LQX- z+iU!DYgP?k6I-io5*;zTV$@)rNK4jy$-$N>XQaTC|09C&>E6nEBxi*W)TKQwIiA?y+pfb($;}nyU`$>i^wkJ#; z-=AbCxkDR%iJd(+bWJO`&bcmK3>&Y=bqT>U-4&+NTG7SWjvOpK6|&FU=SkVt{V;=8p4@3sn8Z95wWf9}}`VlR4a>o~=bkh!;|SV_)8-yucYCHJMC zi^c$NM!mMdm|r?i4^8zwP4@WkWYo$#d`*U7OnYZ1;0dbEuf?EX3qc0a&axAD<;pHz zpQdihBz(vEeVLaNib~24kMSQUWHt?pBduIjAiAsDHh7J@-axy8Sq)~xG*?6mA0`z4 z-nMC*@ARcLo3-!k(~UlD_Kqv=dDkammH*LfPhw=f5JnZ{5Ia`yOc#do127 zWavG4!QcBy`s))3B|ft@B59 zLex;iI=nzypd2CnMx0$roz#{P!b=z7i%N}s*ZX(}7$Xl4=+v8ghk2-qYO-fe2UD0-FH{AGx ze`})#OH#F2Ab-eYjq7t%mO-4o^W?+raL*OOeW66|YI}$0yokNho6tH0c+h^)s`;3s zBE1^s<@z#~Y2xS4s=J1Ntfv_CjIXV39Nc)ngJC{I*Y=H&z)98l!dJE1XnnYzq)P+|zrM z)k{C1)@I9fh=JM3hZ~=ay_#?yoeA05<7?f{)Ksn|b>wlw7h|7P%@QKN z26ud)nbD)*e4z_>-mbm9f!`V;zweMg*65j)mT=&4_|Ud%DPCa}!Jg#W1ES2{JQKF( z+ZJIfuNw3e6qm zt3Frf3SFPAP5)r0`a!UUchoROFQ5)Ph>i8cgu(gBw%S?sqIfv-yRUiK@ggEKvj#g5zwgU9nSg?O1<5N%g#N4>vcv#w}r@ehhkW zc37hKwP7TVTLH)F6Ivy>z36`QNj{=SUpP!gEXn7nFMqUJGN;eLkYz#lYJL1nYSwdK z{O+O?qucOGD7Ya~S;D%H$;8dBq$2xO^W6Fcb|3c(zS#rzFM`g)`6`H*@M(C6 zcc%bpUpMpp0{OOwuk*BSZ873xt>4Id?VX{e?rh4l0owq1EuWLKQEDi{_%ptw@N&`T zHVQ3Qa-2&2H9o%Xmhz5@+v(aBWSFko{R9`avGh*HT|CL-rbm0M^iCOI1nd$qyt|L? zex`5?-NAJ>rQCwp8l|B`Qfebt&KeDd*_?iZfAf0l;~PA?K5;>^{JpHjXjdYtdV@JO zxTucln5L(6m~*0ueu&KnuhbnoaWC$MxyZRz@u$pOnpX**n|)Efn{+J$eIT@_uF_|x zjpN91sl0qA<$L&TOcD~GX&|*dMg)7b=QLmrfjgVHg%fLKh98{Cehs-_5e&KP0h24P z+n-YI-B`YrqH~`>9jNRQG(Uc9aEEQHOxymG<8rQjY}OO#?wP>@`D+moi1ljl^p8HX zl?0@8YR4R&!6+jaZ16aOLyl?beHzace)q!b<`-*dM{G7Tfw>UR|)#y)2{CyLW7WNkMq+ zov6ZlyEDQ&MIJpmbuD@4n;MAWm2hH^*~@v+O0G*?T;(e&dSPp7Z2Vmw-pH{jNS~D7 zy0UzzJsCQ$Hz4v<{#i-ahT_YQGKdG`MN(5b_V=aVms`7nUuv^>_W;}6;rbn)X8cuO z8|?ik?X+F@?o}H>rB%7=n*4l)2t_oKKD%s%R`;nzyYTY20<~TyH z{(bo6(nsJVb;v(F_WMtq)%#am%R@=WJU51ao}_3kK$h{|wCHrq(c@$qQeS&6Shgg6L?u{=%2XY;!Cm!7B25kN94NtJ5 zn~f4-xq1Q0pFxl%17KXJ6BN-wGz0N8NUj4vH|Y3DT$+3lE|$z#9zY@!@3rsTwE z?B`9s;`roA4mlfzO+#kfy8KG$cA-3fv|+YltUoQ6Dn5Dy6b?rNW2cXNpi12<;?o&K z{k+i-2=>E&-H;eK-bHRMM_eOq1gFbh)&^dl&^j^HU;H4xzf(xBRS;)!QbLdRx_L|ST!zJj00X(l5T@C#h`~n|_aefQIBirogYSLRLSfk2 zoYMpis@^BRiqU3xCm*DPc~M@Fk|e89mtyy#6cfDdDJibU8S$)><4OJ0>y@c9m&5QA zpWR-%KK7RV@Q6H+!#5ihtRjd__jz62S{j>sgJ?N?c_-({xt*tFl(&w_TlQ&jYVvtC z6S*$Tixi|e(4^u_i=#VSrf=B>y?nC&TC9c2eD?G`5MhPEttTI-J>asK z!sZXA;Lo-Ul8(N9uAu@i%y@biF{HfWUWdcmT@OuO-s+vebH=5sIeAfsl6M%RJw=H#*6i{tb}PG%q{G@1QfaW9M=@7sA&j(+}@5I z+qbj*mhPC>WaJ}kOqo!6t|h-p+$D-6cG%qL@r`M#hjF&IPfMNTJ#~6hmZk4V3r?#{ zCmGqfqduRanzO^v@k2Z>v`h7v^@U+ovyd8sS@lSobnxctR@}#xu;^{awjM9LeMW*4QL#7_gz)D+K1IUivxwnv?{slrb<&@?^f zv{>`)+nk?gg(m_=+^z?#G-|z-q=?oAb!`M%h$zyI2P^xR6GtOP%WJYeYJZ5W=g+BD zy;dXGd9n8)A+AcmuqytupCLs^B|m9p^}AU!S9bi~)UAHe`W~CGh}8A@8YfgU(EGc% z(2kyD_`^6cc(f#+dlq^x3|*p3;n3A`p&RXxol`!2)7Sm z)1V`x;{8NpH|g$OgwKF+eYrSnWru^8Qnq4V|8-AToO|C5Rht8ouh_22H}SluC^f3_ zN)`IL_CztA^aJP_gs& z^k#h#Qu@jKw3n4<{4d1Mn2TlGY_~ZD{)pkGfA^D2W|zg)PF;1K32ZJ>)n=7*BZ)`t=e6!q@?^=QX@Ql-VML&cwMB_B;tV%ld5C+)DB;Zq#W z;WEQ@2{btA0)D5AIm!4rpUqUuY^}lQ=#{`T*Q#!B>K$adKW503F5i=w>7?+1#)~ZH zd|#xla$vjmqtb}IHZfz!&AX*&<>l|E?ySewqvJaVs^Ucoh!W2btMdcbh=!oBiV~hT z-qjATU+qBDJK>Zk5_t0NW99(Yw*j(*x)*Lfo1dweUF_eQ_MpV%Dt7NcKic0#Uh3(j@pY}hw%o1S|&>P9de>(33T7&qA zddsXLRX@hTt2DID;O?et(W()jw~Sw#4bTdBeNIc`bU?I*87Vf$C#oiKbt8DnisWyk zs}OLybNIyW-jAv^n^dnjUVp^+f$GSH_aCMyx2WyLJDXLM7I%fD%I9?^^u^rP;}nWM zVEW*tUnJ&EK!n!D&B60Y8!5X8S|C{uaG8HyVeDh4-8^MhRC0Wc^!67w&aP-1ZAA{) zvzC-^_Nl4HajMDM5!x#S*Ei?8O!bo$+}pPJ`&vs^Cfc5b*pf1P5XX&lWW>EbChD;27R#mQm%XRTiJQ|oN7=^BH4Qpxjx#Exn?$An~A_ZnM70Dl|4El zU57082W}v4c}U92c!3_i(q+Aw3*>eU;k0pbmomRM_Fh&>cQ<-6m*jsUZpL1NFXY|P zW_W>h=$Gdh-+uPy_3hLzGx>(*4P__0>$pk!c+-$r*X-xWw2V6ej*J&vH<+w>&SfE( z+RkrV{vhS@g>w@b=iKq*ylC`&;?s8*{4k5T?G>2Ioqe=;g z%Sqijmx{JGNg0e*Ki)~y?7K70{YaZLr{e(gKx27(N|MaeB=-spHG9A6#{|5(^8VuJ zVOL*UnuY%3^J({vb$c1Tn!>IjWxdTuJIeVuygq_cu{r>xW@1htvlTif;aLR)dX*2`)mh zIwY>CrwC;!wj>EV2c#d$k$jWm=6myou>P}GGu09jJ*}alq4>W10>b#-W{T=vUvT#t zspYduMz0U!C3LCKZF98FP*-Olj3WP#pw&Su@x^H5-5a)9{kEgJ{>>UIQ`0>hscHPrPk;yUTWLJP4mR~Cej^nrvKQ(g8Qvy65e33US@#zZ%H|+{=Lx&x1bezUV=#T4> z_6@OrEp8qoT*6n)(yI!w7D_@h0kFD;_(NJ!nZSonfgsq_H_l!vRKiPcT1^=kQ zX?o+EtgBbwL_~YB3H32AKt}>n_mC3sb?Y=?;6_%@ruPa@=A1w4JW7;#NT@BilNlIz z>KG)W+FIUlsQa$-tvPTyVlc23(GYm zj#tcoQF`z+hR^wv+q;dk_G8-bZ9!JlOd_TY$B(~ocGPRg`&{}semi&7+A%NH=59`k zS$>0F-^5_6`)jmocY7BvTI31AGkcB2r;ozOCqcr8)0hV3WCA4mSF`OQ#6C=LP9)%2^F8HH>0`TDF<_c zv~^*@0VP`eFFeMxC!`8;d~kT_Dg^t;(ZtQoP9Aw8{l>zxt{0sfwcYd>^^%`$j$*!j zlygxQJ`ZuIfu_cZ=N^Q2G@LlMJKv2liw z7005k>Tui6U2wlP?@iv8)6uTu>$p8FEjaf0iX$dHA)M@=VXj(LuO4Q;gR`Y;2$M2< zG5qF}Hj14Zqickt-E>8>6&sE? zW#vfj4Hrv0{O?}&|4;LoO@Px2EC<1JN%h2yR6k_byk0ETy!AJ|MxVIqI2KPG6ra+j zKRT*54gQV*goV#%%<~OInGb?9Kqg)LEQlj}VBnFLU#n}}7F>6D*MuWj{iqSkCk~1e zJ~0BZfXAH<|DA8Pzxz*Rf33JPe*f^60a5xNJ-k&s-%D0Ho`1Kui}8ah&$^QzwhCpv zYlx>rVq3dDy3_O!;P&S{t!V*@Z>|5#+4*q+@}RN>b(B8>e-NaZMvp&7%l+m#T0*M-Sc>sx-hh+Oi1HG3=mnF8ewdh}NF$rE@SV*l;c01&M z8n*-d4Wf>f2S^Pb&Qr%>2aAfl9BmAz-Qb3D2j<<|H?^rxS|&2;l{Guqmlh6A=w04y zy0^41yaPKzsjGv9C#_S&h6nDrUdfkX9qe|aWv;ejgAddDsH5t24<+8_+#{kcsA+cJ z(I+cghFa~GeOXqsW%}s&m`dbyZEIKK;lp}~HDfpJ8zaPOxLiz%?wd+=XRc-W zgaOOf69z_FJfD+x{wsE`e#L2NLlml!?or(}>OtU}=wAEeF?;IyO7DT>WG;i0a+9dN z#CK17Dtg%!dF|XP=XMCWaFnf8y2=2KJ8;J45N7eVnVhK`F5`I*5)M9JYepWd30g6> zqBjvdkuRymb982=$)GUqFz(vv5FV+q8U|BsU4<1zu^%16=Qf&Ab3Ggb_E)4Lk93^a zQ4>GG{+i3wLQq{ke6}mJiyI9m!VWka@3TF6DL9^Ym(PbQL9Wl)3i$b6B#PY8b$el+ zXuD43IsTr?dT~+d5tju>=xIvX_+C;(#z-K%RYP#4@2Ro|p^{ti2c2%H1`DhC?0&Z8 zLgMr}0aL+qgoyxW*{%&Mwkbk1unFw(;w4%h(5X zDBEQ!Fbox$`nZf{dPRyJJ<}7jMlWeEn_=}MY*@KQ0m&L{nDaR(O>}74TeFI}KD`oI z5Tv|D<^K2{fl;2xmh0p_CrZMm#yLo@D@sd3Gv239?CdKGTP3G|-plt|Aymo9fDMQq zYuV}hK)mnam8%-4L;mE$EaBosaW}3VdiX%^vcyEzF;=){b8}C9!5(cLqs|}!t^FdG zYWhPq>!7a$dh*i&Z#3#%7NWl2$plM&X8;{f$+56BZ)0)HUMo`rJz;q@#XD}SaOvi% zJ$2Y(NFzL5a!_flzSXbo!~#vQtBWypiec|~;-VTqjL7)t?;%uY=8Pb$!)GSmebQbXe^4$* zA@aF$(%5;2nG#}u-5x?lZ0;~0XI6ZEiG2I3K32I;E_p zXS{N?W3^jHnbNwoBl>}+-cl;BJ=!SIVPzC z6<%8=Eo0)8CZ5!6&QUJZE1=pAdcB4W?|&sjR$HFLMjM2Z|NjKOFVNsP<*!dy|8Ey)GFb}qN}q&TfDmn%Nps5i-!0AX2{PCf z=U)L1q$W*|(lV!}#L}<{<;v*8v{&aSu%01TZ?US%aLoIyGze4PL1lZ4O-$7`wRyD; zFLU!a-a#C!#yyc6dr_5>`JZqXJ$T{ucbzN_WKtco$;q=?>H&uLv5AoFse5vU5a(1q zv`Ijs5xu=)Py>1r$w;f`Q;OC3iZ$-Izqmy6_Oi$F^f2Ex^3m4fjj zu4kpRb@|l{K2&$TsA$FQs|vJ4TaXO%L2}O9SiI`3osxOu;HsTjsxTePD{$_rz}IFh zMA4p^2%`LpIKfRV+R71x*ObGxY_+{Z^^v{dT}(G?FH*t5!7=YMk4F#koG|si(BUei+j_UUUc79e@OBSvP| z?{5#dTx2EyuastLKTx25uWjt~dWLPcqtCMOj$2$JO%twBPWW~oE6ze3ZEEzDl8m(| zI{ndG|9T0p(JS70qmbyz$uiacJ~OYD*H0e4Zg!DWi0?wlw+>=AHsI`~FP73G;FlEM z9@Di$shrT=8mYBXIQ*oJIG1?ZK)OX#Z^;Ya&8V4XiLu)5z?|bdwUqMH$|qM@ZcF6M zslb1}t5|xykeryAZ)6#OBqDmA&agZzu>~n%Mlwdt?1W9;U|SsJLVnMqI?CiV#N0Y_ zZPy!bOo$5iFr3JF1qYDYX!rcHnKVKIZ5QrAJmdE2P88!8%8I%Xgh}h>UPIQ8J~f9n zG%3fb?JqiV?oQe?vp3sQ$XELLQ&r3J$35LeuV<|BW*ZXX!dpzWci=d>(T={UBN~!& zBun*sV>ypJq7PF01kS;e%)dyf!H9?24`{3pb$WQ>fs#s)j>Vat^8>d9r(1ni_M8|j z3Cr_27dsGj6Mx8*>wj_go>5Ik?Y3x;UL>OQE+C+Qbd(M%U8N{piXhTKKp;X$DAGF! zC<>tpNbgARMWpu*q4z`}1W4k2zrD}Cci-`Sdz^Fb-Q)haKi=^&*5FN9S>;*tnR7np zkw+RX?*xhGZE0?h?SY0MGl#@v*~*<6&)(xQa%2){zl*K5?M}Dkwb}f^RtH-YOD}1j087b@Q zek|!NfQ$N5(LmXm^9`fX`R1EYRF^HUWs|n}!8xIMBpyISbm?B8hUT1dS*Fx6IPq=|*b2axb!ox@3OtAT{<27Ab&0iRWGp#y1C_aGWvp! z@1B2zZ1YVkN8`Zjx+FlVZ#f0&EHy4w9NnZ1pz})&u zm=Yy6&5krJMmTh2?#+pHq6IRQ>1b?_#rV~E$99X?wDL72=2@)SRY#lkhXd)m2F`g6 z4e4)F)_L8w6X*KbRC+z)1c|qg8E{G{-A++|QV#aA2tXcFT*CR(|y)YOnbY3cThX3{~ZdJmrv0{j z@00$a!2CVDxuT?OkXcbl@8NpBZ>9vwJsb*O8;qxd{2=zS^{)RNBhT+6_WIXE zbr94WEw6(OUoB_F3IRHWo6V}=$dX$oQ4}S%^^C%4x5%C}=*1A+(~?v8K;RY^s2J8_ zjf)LxjP8qqn$o9@@1|dvKg>(S6|&ey{*DL=T<&Ax;{Q4hnXNam#+D)7mv29h zTg`9xr|u#BbLkXEb$LUTR^PVVQbEDPapE6}tad6sNbH^SAMMslx_>S-n6*(^Q)zF< zWPv|I*-$6#ZFH@G7z-I4K0q=fuAwm2 z;lXp#XhPTR7U0=@UIwJ=Xqv(6cHjef80$I87j4KyV&;Fnpw4GIeS^DT~?p6Fu6 z?lqE&dS@G>H&te7-txk9;;n{FPx|m0Bl4L1s)*0-x#BZF@^~dKGpGVuseZjY%92f& z9_#l9`>L$S-HT`05zR=ID5aJr-mOAB$Qze+%H?7OeTaISzh0~y`Jhhwa_XaqJ8AD0 zsjbU~E4kxUA4#w}q>Ne*|CK(KPEsAvblK%_DP? z=+AkSRIE8NtxuVL_7xVk(qnY_it*jt!mGXOZ$z@v=>)#gzc%;q`~d5_me+*!M=lJ> zueo>WM%CZE`2H899}MT&Xwq_K7ar@LxIf;WMX`jodWBtBjqi%*+8f=U$486c=q`l3 zoTci<0kuiP2=#3{j-X+o7tgRSRxS8NsD#*fLb_swX5X4J_fFh3r4;V|Y27D(G9yJa z1~Kl0aiX4wgToa>oa%h^-2NaRX-)92IAUI4wuj9*hFv0|ef5llZvLma zayTbdC5jvC=vvS#rCVKFKKESv^MZU3Un<}Bo$7BV-%eCG4cFsCmH1lFF>Um%bj}0$ z&My}FNGD(P-WNU^BeOXH$tMItybtFahIp2bF`rRnUy#w!K=$p{4r}OdpK~9(w@(@Z zFAP2z{RNrQgs_khlv>V?4|-6+7voyON9#f)KHYr*K3|cMK0K{+>NwHC= zs@P=ov<>&#?y(guvF1Pxb+gckcE*;bmZA$H?`Yt z+>-N3Gcl^VeT8PVA-V(eXz7?)v3vMfYP@2{(v&5mGLz^bL%ql9G1vl9x6&uMa5Q=7 znmK;A{=pzk3`?4u&$k3wUMV7UeGfR?QV`|dASg`pYjz%ySChJSFqIR=5T&^u zd3#{dCm#8bZwfG(`3t(Pa0j*0aVZcARhn?bSn^LFxSTbu$mz-t!E3&4=+9ii>WBE>M}qyx?nP+0;smAQr?z| zpG0q>o`(YlN*yGesw6iYh&O*KaIGOe!fUubzDI;5X2@~)En`H~d-;7L*Xv`Xyy%5} zs@evdT4A+kRr{!y5c7)acO4!9V>EN{gNIvB%$hm+B~F#j3?&P_H>vyM`z8j_2+0Cl zhy5AfGUcvM;aHP@V`#0NBpF7W-B)T_CeWn}h6=55c$uI%L)>0B%@mkN&)gqsRbx{H zB{9WyF)aMI!hZh@A?i(urs+)FmliNUE(?4r+twEsu6i@-gO zlLio4S#)a)lC8F8qD1PJ!in~RZIo1fo$z5M=vr$xJ`?U_qU?Cx)+nu`mA$17h55q! zB)w%KN8{Zpu9)3qC8kkd_Ko2P3wHox~N*gwsu5qxissrcPH+w(-NpiX8t!>a0 z%hT*QTm^R^Q^5;MTa+_qWUTd}b0%+mCnwVsys}1~Mbvtd19at^`pzay0<^3tuL`{k zN(WsTMB)0s5~x%fN#{*O=djgM(!yE1{EFxI!aj$^<#61Z@0v1w&cxtfVG zspA94{W7B?N4nfhAyXN7K}(f|lNe07VlshBJclc|9>L}c5S~A8=*^B<)qW#K>Q8pvYs;$iNLextk|;K3+TW7Fiq2^8T3Z-F ziZF(#(d|Z%&f+wuo8`%Zd==^jY0CNF(p|kp^?rwH)C;>RT#fIIH`@*n=)rZ}P=b=P zRh4hw0=jhBadbd2HLvSDt}-;?*eiGk-C!sD;4Y~aZ-E-p3M)7rNm~slx;q@`sNNmoHOhbAc%7rh!uK<4#VU3MkT{3T9LB-Ao)E!yqYb4#? zKw%94w#2o>zz-wzL}!N#7tsLGPU}$NMQI^QqpJmOG`ftDzcYyh-F2kU|1@u?%e(1F zM#R#mjRD8B)nz84wvpOU4iq>{T9gg)h4-Y)rDhR)o9ehrhD(@LVK(Eg z%`d(~Zkhiaql^<8{G)$6crDC~!6yHW9fy+LB7~mkGG9+|sM$*x%oFYwrAdM(H^W}7 z`yQ5}MplozEQpabH*`ytqijvz4?d*Ox)bxGS~9g?r71X*QrIWZ`D9QJyZfL|d7*yI zr`9WLPl>sylG@e#b>X!#mY6@eqSQZGm~Uvuc?uGrtJy{7Iiv*H^{Rhh*-bPs-ZJj6 z&{_KfTe7+tm(VycZC#UC2Al9=n@uqee-|aq)-f#O_E0}TZkh_-p$}Co!omWqI+uy3 zz3-OL#KRJ+KFCzuolhE&C!Qj83 za-eH`)znC0h3^U#J!-#MP}si%OA!Il8%UCpeqN=*4Wl)1^oXuX2;$`!fe9;Qf`%b- z#m!3}_1lQoMx`2399AUwRJ$(4k;!I(C+-O$<72JrW6PdiOctVK2?WdEQCjpGe6|e%98DiKU=1 ztSIo@a5KmXRAm9i^PH6NCJ-$JBd~D&iE=(vec)NC!TGbK7awTum^~E9k%yjtF$^TF z5;Kl@lfI`UNSM7ej#svIHAmKWIbS!B|B9CR)JbxkAMx(RcB&)&nvJ1?c8kt^F+UJ2 z`g{Is-e!*>HYwBl#6?1JKeuE2r)urIX~Vf=f`u;XuuN-Upz=*lvlUvPS56>`x2bO2 z!hY&@gUO*AVa%t}W&sM3PzNnrEO6Je$G`wCN)0g2j^_{I` z=|7;V4)|VCSA6ju}1EcR`Sc&A=&Zbr9e^ zOQxpE#xU7~GtkSbp$A{+Bi=QQrTx?o>65-BM*CwH$DyQX8LN;L+Ge35?7CHT%z!`H z*T4!;cE3pNphWNk5a?A<#-bki;-qnRCKtYez=h4lz|iDfW)8!tHwyg6JFb@jQPu8<}xiE{BBk@O($ zHolq%eZa}niVa=G8+XWLvQ@H%_Vnf`zqe7mmK4!5a_8mUVY%%n(3MjZt|x>*Wsyx1 z($k0ttX?b)S~DF>7U?PXSWM><-MG2~)ID8@TfuGQ7 zIT2ymk`X=AgaYZ%-)7`m zIC();@71Ly>aY$_+C)J+ArE~i``$UXV4bg?&*9XuXUMi74~GXn23S)a>4O;7yA{8h z1wr3^?X(2mk&Kd0)_h?=fpPR{y_Ui#(StqdW3oMCIg8aPkr%_YDLDz*;FQJY)%8Rx ze#p$)`Jn}hca`wvN(;+{e4AVLm?6LPjDRS#TQ@mk(CVy~=#Q|Xp)exeBIgNIb}1~6 zaBp)xCc@fc+)&4T@r>p=7{rZU-uejURuSO~2^iB59UgyK2Jo6aIoM&>}Uy zMt)LGjGG23ZTs=RZ)_Zb$nFGz-n}EjxH6zMy2=+GYonQhp)Y`X2d#`#PzJ{}Rkm07 zmIo|Pf6gXeFC4o4kj-a3airjr0~}=_LaVbR@Dkk@R9g;)n7{hmWmoo!6vDMN&s?bg z=iH`bmWB5nOBQ&1PiPGui>TNAs6+`ha1TvS4JmZ0_cZDAa>B^-T|JpV(^Db*h2hZ& ziq|di8E{v3Fn}lw=cD?}Q26susA_@w1e?y5(PD&3!c7LM#*Lf#A1qaYZPGNj=L&9#=#1=*DS0|#tvM|T;06C>ajkI=Iz<~ z+}UL0!Blg~O@_1u)P-jt-?a+^_RUwYLiu)j%-x zHD)qP)%^0|!T9;MwZEW)F%;XH_u@{~O!e+X}4@16#_6m~K%Te+jV5Gylj~AjA zIuW{I2>XUwGn{UJ5<9&s<^AF5bQ!lx#6`&~o(>JnyrhH&uh6 zv2wU{jhi$djO2xU|BS~b6v!vIie&y4B;I%W&vifu25qZFh(CUuJiyNPO#UxO%b=~; z>|eD0kPo_8`**Y55{eNsTknE@2n19Zw*P~jU_tZmJ_(tM4#by!z@qn0;((bArhkzg zsrLVeA#33ON)+_L@j_(5+>q8ZPBBda|#GK_A^{{xy80XJBm4{KGOOl=@Vv<&$ayi zk{{0o7Pm_cCsSti)zw%S$TT|I>NL9gf6Kscp6;MlOY^tL^}IG^FWJjCtq}i~sc7?1 z;)U37v0#}DQQZwgOVvN@tAl=mSKE!(Hvcs8^5r^<(tvH`;)h!c?v@`4Ho8Ly8oLUj zvECJ)*#afX0`+^aF!(>q4E}}hLEQgfC7Awiuo7NaOwm_=14(F|mLrba99Kdru$aNM z%rC_n@Zy#JQT5cnAO$T!14F*gcJx2lR9Iy9_2m-7yN7mOJI%CJM*B?7xipVt6_cBx zHNv5?Okc|^)m#)g0&Pz%3s4N`_$Y!5_ShuVT#(t(qnQ3pINq9j6~OA_U5sOgq-Jh@ zIpWCk+54>}fL564S#KEr#umoNbmAx41n<8T7Nr@s#PIn1F#`f0`#H0fL#8!niLsr! z3CoI|Zi?g+HxI0F^4?!ijX>=2=U8d(s^<&Fzumj*xw6VBb6Tx#b-|+X$bqcDQqA>jPqmBLGYy(=j_Fk*tf`;q*p%$?I8Nb_qhdBD3 z-FH%+G3@lbmF{H`|DxU03epN+H28Te_Fm#Uqi65`z){a{vM|oSY1rYlgI{fI{bZ<_ zyYhfEjyz;CgXPWb$II)QN?x9p#~ zk>dn`T~XNx=DH5Xefk`)38Ul0VwH#4x05CD3%;j)s1)LU5BU;)1$twVWFsXJ0PzWMPF znaUq~=en}4U2kHdTKj*f=*bgVc@PHMn7xl#smsZ*Wwzd4_RQ&Q;aA6;K2<-DUM8sS zscz>7+_&wlMZM?b&Cp&bTiNo^`^{?vO|8T*F#H+mac2cG5AZl7Ho5rKs};!O7tsgx zb%S4&dOWi}+eP{d=efK_G<#XhbWj5kImBdKNIqW}5TJqGUM$MvxF^G6{e>7es@p{)!qOvKNC$65ey zb)@q$EaAmVmhMua7nSs^?zm$uF_^Vg$o}CK%=ZvG%&#cGsVejgY)3 z!QdKao)ml8`*Ym ztU_B0BlG56MhM#1*x>hrTkeN<#@&RkmCt823LEC$d(IsEuw$F2Y)6^B*1U}#K?=$3 zoS9cD@~{&*{3xMAgK#!cH0)9756H$(Rh2J;I{Hc@AQK4bfFBdKT_{l?y<4%e8>5T^%m1~U=StgKkJydFe z{hI%DEZYm8h=|`G?{7t#w0&YfTv;h(*x{7G&UoZvt8_^qY${D?rF=)XG~;L&bPq?f z=bK(uEn4aZmX{nF00`il)8HO%bwf%yGV^8~8Wzl_X}?%XUtFh|7aKLe7WeK~d&t6g zGjF#qOcGm*PBXwd=jb12d{|};XDy-9tA27+jiP0H|Wl(=EE3n^AK22}@OHLtE z603~%S4YWYms;!-xX^O1M4Fsv?)^Y+eJ!ZtlcxfOZk zI40{{KSMS@j32P6l5%W%pRF=T7xVtWfq36fXcJ6_^F=#BUyecLS2Gwbth6Sj>L=;4 zA%?G<9UFbpDC;MzZPT`j+~S?n#;?;~ye^P{>DZ&}t~|Zw5&ADY0Q+pxGX^;KQ5kN}PC2 znq%!z_{p0bfmMOY;4`mll&=n#1MT5{gv8h5@0&j4H`Lcf@*(iH_XI@|$2TP4tOd4f z2wKN9E7yqYGO{xojqXu!1j zs|i(ShvtRFuZ?d(F{=qed&;vjm_k5s7NSJE-$vESH~SZ42T;*V^MBXN=&3WBM?2f- zG=5i+sNBnC|y&}oqX12;AK zkaehKqwLZmIAbR-jP!BkJzncsSq0jZbN9n3_adBd+M500oweXf3)9{8=ZPcK4GV73 z9vq(K{7NZTLgb;i2hOe{DP;&(cFFbMYN6L!W!VCmA0DQ+e8_i9k8PZ{TIf;GR;A<- z66_-e1u#Q>hDgu^+LOfwHpw?d9XtEo@qC^*TBW4&S4M zT{P6}UeVB8qhR+l*ke^s{xMH|-C$nmGZFb<3d4lZ=%KX+N8vRQut^P?HqyR)mh6U= zDo6M0UbZ(sI6URqIn`iPP)2+{jGZvFQv0CinR6d<&v5eCzP?^Zu)FL{+@8kmAiISG zb#N){FX+cTK_IZVCYrD0>LjqGdU@Xot=1lD_!&xlYyX?Q6ww9Cl?3($()jQefOiyN z3a4v|YOeEabt3zon}^;Tm#U=TCFW+N%SrVmc3ThnX56hzB~>17bv>;cP7QZxV}ca4 z`=XxqWBmN(%$7B(2VHmQkKeL%@Y>#H$CU5Z8oqq34k~fg=*r}p+A@zd>RsMbV>8T; zWDnY*zUHCA70oF*s%)z$im^tCe#E_oBdJBW3=w**W73hXGlz`BZ@P0J6PvR*28+A| zA`(vLRD6c?N{ljt0wvmf6%ppWaLfX+S$O>Aee~SAx9CG_-YA)`UZUw=!#|m<#>7zJ zrvb&UEAZo$AKuPnMpw!58X5LIz01rM`mA6#-6z={^XxvwVa|X&k4kj%+Y7Qut+4&45Qg_)DW9kqHU*S;egt`$3HfMK&x@i=M7lruF^udvvlas#-*m= zKgqwB_S;xSTAilz^Bm2(AFUYGMeRw;2mg**<$5Isq*1XcYr0_E^>B;>b^=(iLi~8)5g?G#q^GY_;1wA%}KERPI3XQxv$x2-0k`=g@DnG-U_UhN5Njg+^*`a5zQ zFw@ub7v{S-s<*|3oo;NGy`+JCI>~cX@46CPP{X*`{+ex)+df)%w{imEh_U62*{jE) zfG^`rAN3WBXw7x1>D#^)WO{=V+VmUNAEF8zZG&IZ*6tAau=}eBfWuRt);Yq0C8Pc{ zaa-9=r}*Im3|upQGu~(19~cJ2Pj|N^LNOcA%do=iLZK+jf)4J7QP;> zG54<56ya8NM(_zcDYPv4SVMmv$LNu7%(VLg40TdkY-4s1uWm#C2=8`q1>k6zkzmqx z(1w=TWnkH8Xwi5b^3!M})LriZC%CA5Hln6fg8HZET79g*r`H=V^$rwgX%M|%9rGN0 zZYb8q*68)|>+taWsDsFYK#;R6@ODAxwA}rCU_Ysxa`UE0N9tJ7eGy52pf)Ei&c8LX zY!TCu@}XnIX%|L@)5dD7x5Z>qq6_-mBkc`ZP>XtIyNr(CTk^y;L3E|vxZuYL)V8!L zcLK}Dl^4JmK!zuaeW6l^b@g~%unh6Rt=uUE(9txuPuKWflDu(c{*|E0y)Ii$jOIE> zxl)J1W~6kiV$0X!!8>M(zg{W$aWn;d4`}!m&h2VM%)Asj{H~h@1S_TeW-!647D?hD zMsFQJsuUomKd91=1@MZ27ZBcSxc|Ma=}yY$60)|$bF){_0h6NyoySPmpTJ{S0z zvYD(nTiNDc!8=9sW@{vt2U%j@c(`J`xsK)8L;32a28i=vz0128*4WCb$=h)da~3Un ziEr=wxue_=-yP?lwarO2LH=!Os;Ld^{o9tkevZ54L@j`|MH}rJvMggXm%=FTRs4E{ zc-??LwsgM|)dBn~g5N=(y?-Y>B?ZN!&0BqHdS0Ov#|-wk*0lM;l;Png5SjCH@UCJlH?f zo;Uh@3CFxx=yugy*!W~6%K6o!o)btSbge{L)qn#5*@)Hr$r@7>jB{ZLZa;6?=Z?Ew&s9f#TsmS}#B7=^ z?{SK0;v3LqVEgJQ`Px~0IE-SJ&}YR0HAUH*PD>a2uRC5}S}tepy_0%3@w~g8>>YIC z=huv>X`EJY?*f5RI_I+?9gUH}8|&-Gep)Vi$4K z;O~y)IU3AfzpvwvKKG79jXtZ7ce7Vn8-x?YUb+8(NOraXioiadCAnvhyDrHP4x$RR zG(UcgX)`o*9_#s}%4@yyE-!)c5=L8T@HI-*kdrmtb_db&GYYAXO)Gp#22H~Kghy|Z z#%~nF&_c-5@%Pf6O>9-ly%|-<^!PAG1%K6WZRl03)Z1;mAD_#sk!RNBROZ>qJT0bq zHc#e2d{K;gc6_iDfC^J4$JwAqVrqsSO{ELP)0zik2-b;F7dPZSad?Gykq^Os@2=EX zb-_Pc%A%MKTI=RNotu@VIn?>ykF0(1TJvMp4PP$dxEsB8EVJm8V3(Hi7iR zwZPv@S;AzR9M$?=dAq6S@r4Tu-Dx-R7Yy|B0VXtv?oslSnJW&gvlaR;=umdeDvXm4 zzlrFqENtNFrtzg2Z03~Bm?56nwW@^EwmFtxgQ{USk?}$E(kYX20x37t?)ScQ z&AZt}8uoxFalAFM4v5O-zlgeuAfp^xuX65H`)&kM;v7Xz1Ng@;U7t_S3m&^aBdbhu zKBJs#jnP%(h5irw{TiUtCGdcQd^{&q8vljBsQQ6^MjWCuZ1K9J^=-X>y=hF8x<^HD z5MjsVR>zPFlp!2rhCc6GA>Fg&06Hl~!5ArcUun#dGmm87eY05G-~->QoNw$GZ-SRD z$``e4;vD8#UP@GO2TM>Ws&b|z7eL&*<`sI^wJPdsJ;lrf6Dc{r=v@cFW&eVh6>L%R zoiP5%Rsq7VWzlJzII^!TQD79vEka|3D4)9Jl?~0kX8+n{527XY-|j=uV*zq)pK?fB zEqO1;eWVUut|>t4m3u;-;zJUqU$M#;GGuB<$s$V~{16Z9-yhAptXv7>asl=8#O^21 zPb*C`K8xGSHRUx|*PqXo)C$@*gtq?C%${7IlmU`HzgFgn*SW&mT$ShAdi|K%b({}X zak3(zi=k_GF@b#c??XLJqj-+ES2IIaR!3-buI@ty*XknIbR$|7(Ya2VqYL%n6X#=( z-+@yVB9@*yMK>I7NW^TsZOh}3*BU>Kc-ETY%24xWqeQb%az7OGwy+=+C(Ut=Nq58y zdNsk*Z>wCj___`UoTzXmXYxpR~WO+ukB4 z)fVR+?O9EG0?buYY+WG$pB7@$b|E zh_8Gv=m?W5q#D0U+#@)MxLbwuL>Lzt!JY`FyrXo1Uj@b?zVG@sRqO5@4A(FYI$8& zmTP>_Zpg3XUlp>w&ZoKr%45JDT2dRU>anI9V#%Fsl{CFGQaGr`5N8i>PWlltsaj0@2XNs6wojRTcW#MjFhm_SVq)5rnR@dZD$}Ei2Y4qK+%7e1z7zu z#xY0|bRTzHo$VIDckdaWIsa3ep~gF9g?}&9Jr(rNF5{Vs&e;h33qa)2R|mprws!6xv&6OkSow(%4HHd{;I8 zGWVQ!2aI*%isL$EvBHss`~^ki5?I66f$9gwfa7--V6H2)eR((Fc{uLM%2VJbozBDb(?ERY;g1=Qf}4$9al<+VcCL-?p29K{MI@U+5n;)_NB3v%ZpReUn= z(*LMa(QbUfr2?LhUXPGv{pIl&^n4VK1_YMnUeX5>mWwyud`Z{f22qRip&qhl2Iv1U zZum1Yo}NqPc=a%U$Dm^@n?;U((tYmE1y^?4Kk0U{z;W!K6~2gV__4tSOk?epEg(s~ zdnq~q3?xgfKOO&hbpM}!GYn$;dSOf`^6+i6Zj7i+MMWLU2fK$X2cW&*{(>Z#lV7zg zQYf@N^@5x1^~YOHv2$0ia6(v#s$I_!e0izBwa&31JLS{)=SJcOo+}44?aDRa!v!RQ z;{(8^(%;&d*RkU~z}0&dtseGWrYQA&IO7mH+5D0b{gbb9Kp;tLPwU9JuX`)fzXo=4 z%AOW%Csq9R`QQb>nSL-a=DZc3t0YF4{0m|vNIbjKS_+-_N$ozYsCpYG44+UZe;+>M z(FZ8P4n*Bfn`WgsBpzSysfiYT-c0}gc1rkYpi?Qs`t!W+7kNh`WACuqCJ=wt8`_GA zm-~gzb(!*`HHaubr;p*?GDyc1KMh~50WYo>W4*`OCHH_>hqvch*^b{z$6(#>2D#qP zU@JL>p5HnIoQbvK%d46CkiHK8u0!`G}L*Hi;DdFu5PKT1;NTgFHgfOV%3U$Cvm-QFvo zlutha@@>fzZorxeD1q>A7x7p#7;W5}2}-yh{@!ds*4eQN&6Ty+X2{dJi1ocvfoSx$ zS|W<*zB^s-OA&&`!DnGam+V}nFt;&__u?sc9WrKYmwsWx83LWe(xm(qTP@<}ehHm? zT|*oaBb7-%_&slGGMF$9WF}nRCUkLT!M)qA2^|B0c6}E?ay;1-b=bN1Xp#M0|H_h` zLJ?NSPK(vC+NGyPxGv>vt=AdPBQ%b6hlFI>4y zC)})mKCZV<9YUOIl87lr3sF0ar1_cGAKnTqa5U0n$ zq1D?Ik_}9LdH(N)A7zrXs9#hMmR9~8V!ugAV8;=PN6?n_wrl&!Y)U}xvr`ngf43CJ zlC8ES=2heLAo(tpF}cz!Dy@<8eaZGVTBsUQlx7H(jBJ=pQIPax(w#gk=t<;D zNaiiR)y2NfT&l~mXUUH}L0xrQ5=}HeDB3a5eZxw5W-?BnWan)cLF%h;xbcn1>V64euEhat9I&T-E+B+gYHG$JW*2d+yyC}@hJg5p9 zlmEkPfV4ID$7AV|II*gn`QFgvNivcEHUC~xdLq=F_+T7-Z6uVFVoJH<=%}n&9w`*P zU(6hg&+Fiu0ZH8D7VnOl9eHekdxWwWu1DWnKn~ZgDcZjrtId!R`rzt%$KUnQFNkS` zgc{92i>Y7i#@+4x^Ey&ydLlG6PDukBkW(Ir6DizTYc{omdpLjK)$!Qu;Rbv0U$7V6 zlTb(c&s1Q$y3!AU5S$zmH4cb3gk7cS8@_>)WK!t4ZTI@}{f~eTiZ1U|rgHM-1h)cZ z7M7TdC%PY`rE$&69B(ZAiuJUM|J4wua$&vV>#pMIZ(QZnMtj&Sit@KaxrZvvKxPp5IbP>TVbOK&kKzBpGBm6eUR91yx2}5pL?vVfxnEqFy`u{v6Ax&V0ZnW$;18 zll;9kc+z+n4wCu{qJtnhmj$ue>jqUz9R&}<4=v0+KfCbSrK$;(e-Yq|qa(xI(SV;b)1)q#JhZqWL988~EKL#>42ZX&>^%+JccGBla<6b+KT zd(6=XEZ2OQ1?eEHsLB+92dawyQsW-tr~L6abU5G9)k&IZ4ntb|s|~T`Cembm_0GT5j%jh(MAQ~JlZFSROzBWJ4Lnn8H@5RE9^Nom-N)0LVl+G|3tv;UCQIzq= z)0Jyj-RCHugkj9Q3#I!lZB@@gG3pzjkx^rP6)q91`Ko;o)Ns{8j(kEop62nb#s1Vs z1ju(X-$AK-K9_1&8Y0_zWwY!OhgNBnHXKnRA!JQJ@QBjT-bw&q#EmM!a+><963PIPB)?d{02FTUnVK(`#GS)Y*s@ ziRZezYs%N5uIrzbXq+ucP}?8N&vc@%TC}N!8lJoz#pirrh#CG(12eys@N$E8>QXfd zslhNXVwcH&PE&9z03@jxYuubrHtST!W#n)BE$lOH}a zK5HNkuwZ?gGjLDmBFN?4*4`Og&q-Z3kVm0b)Icvsq_rzqrjN!;<;oif? zC!QY@mRF-LzsFF4{s1;A48VG!mwp>HG+XN`bhvfwd0-xYajJYeQ3ua|4+rBkO0e}E z7|YvevSgX?51yfURSnz&bTle7>T*Gu8P|PGasq)6^xrR`^}nEn@O6PWB@!If*S;07 zU6_cv{DK3q?u`@~ZIcJTG+EX|EFWAM!X~&FV7FjH1PW~0>fB-Ol=n=Hd3`Do51n+e z_JZCw(P1L46c8-Q_!AU}BTx&gVJVKKIGss&b!mASX^H6O0ROIb>O#a+#44vQ1FG*( z@yZzIjMYH%wp+4eeeK*!9z;sDiPxORZ)G0Y@J8Fle^Gf$?yw(olU(}5{_rc;At~3v z=2`(h&#pSaN0-4Z)a4PydYw$4(=9I25Vw&RM-Ig25|qfFq4#gg0stgJPhCyNRE~>P zqyX;$#8RpZ7b2yEN#$B#$P$zx>#O7)<|0aewsl**YnmEj^<7+F_iiQB|JocRC9Mje z&kW=$KQ-P40AhB+L@VGhCtz#44yM2wXuY2uuJ$h(U=?o#QId$)J$};na6XrW{hPIM zG$7b0S5ktiW1Z2Ws!0J7S3R86H4jqFGQK%sW;Elj2!`_P43G5FSV%n5L3pp6Ha48r zl{d~}QrRAS4H69uq`3k#B0^M@yGi%9h4w6&ghbCbLGJAR_A-POzM60sTcC!O%*KhO zPb+%$Ih7VkB~Tg~+A$vWf5heb{lY`2Rk%u}hp+{`O7tl8Z;gF1-a@YTr}F41%koVU zn%;yicGG-g2RmJCuK{E5P(!&dp4kklTU#65KE_DsN)>1N+y$BYC7!UQkahy&#)8dsv4jPw=!Vc^jS4Rn>D`gF}X-oEG((~lRG74S}p+rL&1J8L6@@xg;jrjBs-ggkA*M$tnxd6J3R?!5j(W$~7x}?o^PG zPUY&hPJelR^l+Oa&3T%{{e1`@G`N!YrpzYCm&H1IT1x36Uvx4i6aP(#8sMNX9SY%7 zN-XAeNLYDhuSY9X+v%q3-Jg6B5}O@Cp81LBQd|wjG)q`&tKkYNZB|4J^;!aofXJHC zx7PPhITUlvuLL(X+!s!GNrxXW5>=EB3pzJ_#C?fHbElC8Kz+PL46zyL2ypbHTLpp^AF{oRWU=c3zqG^1xo1LVVPk(mb@qoW zd03z<4E3Q@9?C6+W2h!Qpc5=(^7PqH+cdoGZyu%B9frg7_W2-Kn(04+`fJCn^oux` z`WYqyU9lEn@XlP6eq>dy^`ox?cY4KI_UECJNDFYU5?3|aIIPU*SaT{+c;lNwPd7by|B8wv3En{Hw~wbw|uS(Od0n|CvMuzkJl#&}np{ti#XT~32k==Bys;RxG$-569_4?mwxZ)^nsjUoqlElrb;d50|!VDsRMC-gO8nMiTK8|)H z^b~x4@jRaNWxuLVpD~;6*OkeqJ>S)38Or_4<5?k_>%%85#@V7d5Nv+}Uz; z@M}&F$mk#lQo3*}FBv^D9u?yN5V{=q4O2M>n7vVzxsb)vEtG=h?v-7Juam*qtB_ z#*ko2*!T*`q0OkbbAXw=&R264-mpDchR^YW(A;|^aiA_T78cOV{#4C!K;yI6rb!t^ z3CSqHR_MRzx&NxYNTUWO@lI!{}EoUhmSHbKscGvr^&d56aKjgU6$r!IVsCwB_`L96a7Ln&Ki$CVAI0O0G9pf>h0 zzDj_@Pa%4Qv^aF>SVK4vZnI~b#2XOx`JFf7KH*zo`k|Nl=2|I>Kfe?l4l18w+!eE*+7l{#pl|I(TeFN9;oepnS+`N&D%(mWFet3s%5;uY|x3l!GPL1(3n_0OqZ{W{LyyFj=$+0At)GFf8g@>Hoe$$m1(xfmR?j zy=njmrosVtAv@GIAy5uZATGe_0}qa@jo?ARE8xg=QDw+vo;dqO^D9NDj&ry1-%w(1U#|>$FMjiw)m%}P+${YGhjn%%-QE$RT}!FaP3#(qFz4ED$4bb! zft>bTKhzh+p+5hCH*Akip&x*aJ4a(7I_b*J1Lvp82K`ljrY|Q-l0VgK9bEY-#ka=4 zk5AmmiNfAG4E{gJdk?6l+I3wth>EBXY0`<(rAkK(1Vy?S5TyzM=^)Y}w1lF7Q~?16 z0R?FyM0zLmDk5D1Qi61Wgc=~kGyk>DT4%4l*Z%jtckMIIIOC21353BM-<)5W^LyT> z0Lv_WLyL;cD1`?(a+lZzfPJzJ&oWgh0){*9_k9H5<5)xTL)Uyd4P_fut0Vi8i+=m} zl-L|NLyn62vhz^4j90RM&Er#u1+7yUnn%?eYHiYo1nPqfc%9p8uw&lxcZE6(Otw8R z2%0pbgqa{r{6w;k@fcsczq*OlteO4|k`EAPHbBt(TU&SPgd9aUt(X0p>eOtBLt ztZ@Q0HN=BfW$W$>ANB0D*l!%`SfM=WZ_+!f^A`%0$aG&m#*^Sh!l$Q@?R|pULT35;Q*6 zcSlNGl&0qn_z-h4VfhS|TUKfr?U5W)FOjKjm{g=USz34kC7BZ=RY}Q?S00(I8I;;p z+e~nq$&huA;we?XSV%vt(Sdn0orSBzl}v4|3yJjXCVpqJwqd*MR*SgLG^0 zyB1}}IWQisv4`mJXgP34E*ef3VV6+Z?b8Na7N5U&JM9KT4q;!8M52W;TE_sC{CB|h zAC|zvrBq>Fr)8_C5FqRWM8gkcGTk@so2^bQD0M343CE!(> zKA2Z<(t7Wu+YR;!XrJnu$@pv%EV>Il4tKA;%Uq`Duj1%ZJWGy0B5AeJ8?2y8Cy~eP z3KTgYvWR)n$Ayh?ao*eR2lHDR4L*mBm zLVFkL90A<21ztm)8}Sjh?^|`pcTp)1;yA@`PSf>A>`om)x52~ zR_mG~=1q`4ewJko!4^b^N1t}|)C=~?b5?&M$9mb5_i~g}^3AZ%EsD!m#<0<56P-UE zcefthd(Vf2-5>K=u)A7T%L-XpqPbaPb?P2H71t#?P;hekqlxa>OTgNH0V&w6NiqXC z8C9Z_GcJ|YBlgljJ+{S0_JhQCgZiNUL7nXwH+CexeU7z57b!<~4;OsFFn*>@_u%Z& zjDm|VEnm?MKL1UWp(-Tjkhu=?3~EX^=mbJX55mb(xyWwwNj$bv^JA|-kG)Tr+?#Z+ z(yR8p29@qjA|(egLB<4=pu68H_3o`3)O@R4*Zl!qW8{nsGk^E6*>~}!)HD^q=x>(M zOVXN;%TEc*3DXt=QH>@evS!YpU(`#+kmWuiQ6rrPylZxP9#shvy4u!>Do(i%y%t}g zj2$785QHYFljywOiJ*bn6s(#F)_l-&%hv(6W=+-Ge0DQswVD?@%I<5iu|N7o8Gwh<0wQoogpyHQz8dYYIsC=L>(J^K3+(*fS3?CVCWPb&@aK|^dcbYhrges! zP+jKtVQPj{9jtUA#utb0&9Zv$)ynpDCRb6pka~APt{oW;h}EMAfkNFEpnDcoWil zDq5W*JKvq?NzY8JBDyUI=FYjAn>CG8qQR@FUQuF#^4pK#zHD#!6E*OcBtTpaM9j4b zs1xym4#^z9b*8g)S~qYWbIH_cJUxGYKm6j(od-IqoNuUE+_vZelb5KaWZvf6Y3)iA zZSa^G`kG;~+DB(23UAWpgnp#{+pkHo`m)6$Vb^2Xye*|V{jtwy9}ouPH(V)7&MN%F zRYiNe;#;|OKR#GQBulBDx@I!=>iPE;$bO^_=osB)dHq`>&3u103n|r*F6Ese-^a8o zGG`znKeM#*h=`a<*cp=LRu|8eSDn^&kPOl1Vt_U9Q13df(PjVhAXylEX=8n{6Ht>+ z*aBu{8~(>?uvX;&z~O3zVKt)vV9>?GbL4d2b~N$1(3YDIe& zrC~bRyv=7w$$0Fgbu6RoY~%%=I*CNhHK^ojrkVOBLe16ivd;sT7xf53(L3 zvzb2%*Krl(T-lIYHWkvo+a>R9_4W4kHQF^Wmobk0?|WA8OYBq0@GJ?^{4va#hmIi4 zk9+HP$)c0`I{aqulS=1-5VkOnENQ73tZcJ561=}aS|!-DW5HDz(1i=IbB7n6r(X5) z=PgKzFROfg{zcLpPk~ApHlRoz1K=;VL9Qf8qHYJGa_Eq$!BB+{K){RO*yfYH=e6mIcdb6$7P9F6V#n4?9q+OW zqb?P`!c$4Ltr-(!bF2kuh@jkazdi1$M$>SE?i@-70)!GH%a9rtPT=_L zNb%i3W#1VlMpL$dcsswuxe!rCM!DeHEA)y3sQgP{v+GKLNF?o7)iF{A2DMOyYEs z4CsN>9cqs?chNDlv)lKy4kb)0mU;z!HYesmBjG$-XWq=v{`U;v5jE=m0Pm)-)5SR#s8hB8uPwNam6>L67pD@?2D?Kvf+}*dso5Cl+F=gK#%r#tFUH8@%9jIsIv_YolALxsRRrPKrc)xpWy_trf#~lVoSs zg_95HC*aT-2|{)!g3cT%y>_ES=$loN>XNqA%&`Ag_8z*I(W-1;-Tg5myj1HNAOQJ{ zv^)inio-RBWHBHYNJVu_;72oU?oYUZp~&7O*{gSlL5B_^v|^kW{kxry(u_z7L?#N) zwVa>_BfF;P`OB5VbQOqevA5&J^I`>mOdX|gN!-8;o#YP3UR(-+$$4YL&@e$8SXl{K!kP<{R7$<}GD2Xvh~FWXbPS$4A9vH|K>b-}M4niv!{lBvz;C_e); zpfKt4Mo?>Gj#0ygiMp1@rn{&AdD3BCZJ+T!sMX7A~-i-bD2lWZKh-e&t|^5 z@y;(sobPum8N_IiD)wKjwHGV8b$+QR1N8o0VCohLY`N5c9!CM|;ub#36cl`{MHVCag;)Axb_W=VmPdH`SpM@8HbKox zhH>w*s4(Fu@s)sr?m=8`*NgyeeIjea>T|7mv5zCN$aHL8^} z=-al`tqJo6$f0f8>lxFypvpPH;2+^3M<&RC$xOa|A|1|nD zqI2s4siEy?qAe5LM%`-61FpR^ZSo=ip`?t;lEeb~H8-0I9)6e0T_u{7J14HI??4oa zv^2_~{u*l0Y;{)Q3QZxmCb~ps4)$xEu(0pbhAdZ=66u=S!6fmychoD zDutuwdF24d(!*`R2_ut<^BO#NI^sWm@9oRiB!qaFW`FLEw?4@VvMHqW{06aBw&o&} zHup9+B+Jc|@AO=McVo>Lv)MBrajQKHyq-$)$XL9X1Zl-lnhHp{=EECL_qh2hOsD%9 z8$YwM*>EPN3|3vu{LiF%?0{Uy zT|TKMqtgAl2VPXXflKWdTf zQ-~-_nwPHy1#i4V@z-RkN-~9Z8D9xg1is|fe?|8hMBLhVH293nG!HrTT{n*;bGLeU zBmd1NkEls1zmx3^hpVcb30|t)>i;jrj4YcQ*3DH(Ul#-f?w5q!YGs4Qs|S^R3X&xH zV4{+BhZj>_Ouydu+^Ayq*}1U>vmDzC{@aBMoyUTwNG@6l+BJ!bQ~l6qsrJfnW#vd` z@)U8a1&o922b1cG$@V8n!&47Of;1?;1@9ic%pKsbfCj#~b>@YgNMC<#yb)G^r7Hly zfjLos(Bhk5j*{mfEIIm4I&LjPn`qy+e*gb^B8IptaSwO2x)k? zdL-NM?evcfWU7p8hgHJ{;1Amb@_F#z7<~G-Fw=jNTlz1BnJNW*quB*U?P-8OmTU^J zx_>zX5g5aw94En;9!U~!4LSWQ7VtiQI6+A?nONVjKLGaA*Z#Xb?x}uH{O^G;^Zt3V z%AdlQcY+uI;{?fh@bRftAVo!w8!fSS@*h47JOp>c)RvJkB=+ol#2M(e<&e^|34i2GU1H)ESN#nJ zJTE3nESvnI5n7?`h1riSM)^LrdpStbL4Y+8i)lDw5f$NVMp z*EMW|TO37E=irl!D_VMFkmZ3!FOYhZhMbM`pt36DneT2Dx){KuZvCPPD^pd-JU|e_f zQ%RI;yO(W8H&@$$>WaRd`OXcwZn8;b#9;SCF9@X4OAl-8qb;4jxJ>&|da~4Rd`9!K z(xoCAvzrBdM~JW8nZ_^-y1OD+^j#_1@;4~K{>ZpUJVE4UR@$*3Kw4e>gr3Mjuk;;{ z10}s=^iS_`*!mD`*DiP+!I1tN#GUQ+>NltX^BS-rU&?y1* zNTmXKdLnu0=FOnFe!-gu=bB6?+*&2VLzzw=y~n2H-{1CG(})xB-M;}#nB|e3eO9mV z-FrAqX%Y7ul-qLejx%z{mYSq#P1c+e#PaRM**pM}W>u<6z8)y}Nm!abT6~jmI7bhf zdq4pQAZ7Tbr^_8?FElmN@lQ@QJEU>%$|#(l_Bm?EJlqc{LYc9S3b@x22CLO!nRgywNRfIbi4sEdhjvwUtC%1CZj!tNlNTC@ho3f&RMyE8md6J*X+S@0 zFXyxT$_7z*3);ca0S-}HFOWMW`kaG*UUH+Op?_Y(Rq$Co$J6(yQbEPSG+Nm$2jZlpQ zR6vDBuFr>pwKunejaSX~2z6PkYh#P|Za!_|nO$59@=>uvJ|N}%Ix#-nYx|V)LIPcYV~txySO`iWcvIrBD(BO^UbD) z8o=-c$y=|sA?rN*wGoTw9+@K3k4p0CZ{@G!lyTv28HZnO>@MQ~@c-ico~1-?Bw|33 z!l=1?h-nH>4o;Sr%yAS$U2R)96NKQ=9KROl-x+|7dZ~fpdj}LZqU)Isr+UyO{_4TD zW1pJP@+fV5OtYWRNgw*?Ho!7^NB;HCtVu*ngwk=gb=AJ{T0M4ligtW2Z*iY1EPTgQ zU3kJkx=PH4a7{@@LRH(8Et%(bSyYCOA$3AYY&~b*hqL#33{ZVNcUYU_qb&C8*$ZglZJf*=BEtQTlRQZ@scG1 z;hnJHC&!o_@}M2SMax7q1 ztP*ZgC6@yl2qw$nV2^x4Ra^azdMtM*5^*S~L^m%{USR;X>;yh%6`g zV!r%9!T2uE=C&2I_l*X#m3v|1hQWwX(G84e4|CNo8)PJR?1#^!^qPcT#CSjAP38Jm zm(;sEB?|MUan?j8eNu*p>_kAyF9uxqGRrmBQ=T@Vx8vSVEj`xeKj>y2JRKxG)C^fy z8qb|yUDgeDUf%FDEkp3KN3}Oz5f)wYu}%U4U00cnV;{TYvO_AH47=+Q9qfxKPj`z0 zV;pnuH=B!p{m~i9SuTIkDs){JzeTl*k{Xj$Hr7uynZ4D-`Yoz2Wc#!u;qY`ydvX_j z;Dm<;fVgmxLJ7WuT{HY;#MI2<*%h;@SVnX4f$%F1VYk^6$M5*?@$toDpL_YjD*VEK zLBSX#{mqTr=4ggTnm#_z;ZMnjg*F1=KtYC6Gx=q}TPqug+E4GC5Jf$&77n8(d?t0L zpLAa`3HjCPj%XQWh%K(>C!;$J8((^NJxOg|PqV}F>cpP4z&E1!2YF-PZH7gE{UU=J z&~<*EdjY$h0h!EHb6IpGPFT1PCruU6zRo9qHCC@V8#+`;<^Is1Csu3i9f7?8taET- zom2Tj$LLaovStUQlMQF zQ4nVYMzYD^f!gjT$pi?UcParW`cZgDo;Vj}c{)!V%VqPFjRl6@<4%vHJowE)RFlj4 zkuY@!nVq1iOBjq6B9=CM1QaX}Q)hoUc@)-5MW6EQ<>-pa^*HWkm+Svd888!13-^IV zI#`a`eZ!>O=e)rqXs$2FL|JTXnodl3{ka<}x0}a)HUw(ig*YQS$ViHq?NZ_?M!$2p zG!>)KF!F;XKg5&qK_WLNO^RaA-pA{dLDYrt`D4}L7O zU-~hFLeA1qvurWz(=g!Sr<_niMEP)h#-yD#874cTTBxe&lp}RLD9oLzr4a`pH#frGeZOt<3r3 z1hY?9B3Rax+@dNsG>-3#%hsX>=uToj_I>kglih8`Dz!mg;!*Wm^AaZKv^Ld{^hl3g-_-`{bS)bIT={>CoGO!NWlSf$7Q<&CIQ<_ z=u7y^YaHmy|NJ=juZO54*Zv08!$hEeeUqjB|9)s{!$14qi-UhXlfO2u7~Y?7oV%U- z*H_ii|5L5{|J}v)`?}#zhx@Y!e#OgO3)6N|B&|`~M-IV30aCpX&WrwX#DN_f6QAN;l zS}x4Iw_qnO@y^t5&{hsDxy;h=gG)elC{l9QA2(yrDmop&@GYSv;1z<4Y|X`cgSR>n z$klxqN)CVA=n$HDBk;4KuFLKT%y7zt^e_RdaQ2`E(MyTwZr?hqH$MsKZkGEEQjeH4 zUC>rJv?1RK*lAhQ#&8h@t0beUrb?Wx!`&AFs_jxVBKH$JOwm=a4@ zh*jr48I&6^ehLB0DVS9pWTihzvx#Ji3J-gKE3nwY&#m@9Vm6PeZ(OZgMVGsg=@$Y!3{WI-S8KJ+Ul8q0~xdN2oog|=T1&- zb=2?XaOx_4Ns`*-2JP_^Xgpnr=JRtV7l2ia z%jgVP?r@=ogp^(#gWk-&JG3U)2V@7A4n^bfQad6NDjKc#J-q;1s?!XKh`{zb&s-Wy zG$)z$uwu8Fq2Fov12L{Zs32!!?FeWZ;%@L?z$D`WlIM;paWDchx7ER(%6Z|%#d^Er zZJf`7J112fYBf$ zTX=*T3FzpOfvS_3Un$@#2Nw%SiIF1hVRT+B2Prd=Zp7m@eUj4Q7}O&7wnm)S)$S=P zOTE}n=s1nL7tud3&m~+-pOo5GG{)tmU$#wBVEbbeZ{>fQ=NzU@=50=?d6c)v#?XPL zC75}w;9h=mJb+zU!U<#ESAflS?@f3i+IE)9oaBdBLn@fQ)XXE5LViugKvIN+d_H9p z*xl=PZ4g$LrqinvNvj7R?>lnm`Y6A-caFTi9dSb-LOq>Es^^(>`CAq%&vSgW(1~@Z zieLg>Gt3(v{dwWb*wt;xHh{K$@|jlN{j5R=S0D$m;)_DnyJGSAL)bR@&5mgm#KBT7 zb!6zMqk6iiL}4lVg{+}M9Ols+bPW>g2z6CA^)YZjkaQE%vO;!)qd zXx)@6J6f2_W?e-o5f-sgyUE9O5$xcZxb7K^1DYMK31dWh_9==WHYDh-SQRU9p7!th zl20Myj>N)OhnkvGjvjm}egEnw&okrUd8zZ2k`qP8@@g5~Qtd_9I46PS*`XL9%hCW) zRvM`O!?#EFrAF6$@=b!zL9CprrKsY;Y0C?BigzGeQq;HxCE{R$CCw=6YLNIS`9>~z z;z^OL=vz1BYsE*uK~=HffY}RdI-mF+9@iM}D!IECDD5s-;KYlM5QaMl%acMCnRT;b zXMN}VHswj(KyL$%`1YmKHDd{K2jE{L#HC|=Rpxjo{`sxq?;<_6v96{$HgU%RqSxj^ zyRSr(a~o@FM@m1GjqCsG<)P&{V zH<78O`4|fV-wyD`)O{tGm{{%{ z*|ACv?btIesYl#RT`6+A<$6z&H<3%{KrNj2wVsJ26((>+WobfK&>2+ORN~gv#CoG{M@AQq;3fU*_fJ^yD_<-5SJNE2ItV8DQMQanKnv$V7Gn;u+*D(0aqN%+=c^yHo76 z>GwPHT@n{74xg|(yHlUiNzcP$V`ex=q3=mFZIsJl`+*IvHae-ha-Vvt!x))Aed=Kq zsAc1K*9%MwovVlAWV+MnOJXlXgR`#C&RI$Ia_Q4FAl3H6Nr4N4 zm)hqC&j*)pn_hguU*vKnj5WdczNr@OlW)@50EYF4Dl$QLh)+X{R?uJ+SLcOw3V-UI z2=kYB<-fHxaU-grl-`$>72eJuK&6CCdA!Y@e6-+=YI_?-Pk{j0N9s{AR`$x|%J z#IGafgqj5CHDZC@=M2M&Z+c_R@9E07-iVjJq?W$2Sj~_`qxkM3f{~Q4fM_`c77G^S zlz9zchQ3@IF-{In6c?(JxqeGlLxNk4A?2yZ;lwvfPEy=FoVl}DH~*{gG5wOc?vTjq zFZXXN$g830Z_vDF+1~1ez2HD}pYTk~YqlXb-4;hnT|YF{yEs{geZ^h7tm(w@5T3C} z^}s=}E<3?YGZv_)g71H8WO5U|MN}HUz?vj*({(e)gR8uZi*EdjC;YxJ^@=$br#WBJ z9G>Trn!mkQRpl>M;#%?{Y0V_}afxu$#i(sX`xfO2vq+%K(6&opMljl89e2~}%(eL) zr=c=3uGd5u>dt33C3ah;>_~RZ(oT_q{Ou3UH31PN?~vY(9!~nsN_QW_1+}=cMLZUD z9$L7!eB7Rmvs;^CBRs>NrvvO6pYDnK&KeVgpB)%FUuW^RW#a9bKW(shZcS(5#yk4i z1)2>$`rNsG;h@t#t`Zi824O>`Q}C2W<~RDAn)h&D`$O4|yZJ*qePHM1P9FE;&v)hhN>C7s|7g)uFD5bmnHVFxeof3muCcUwAYjQQ%-aNFf|<7Ppm zLWeXt0MIUYI6d87p(p~eN7%#%uUkfRgWoa5qIP*5gx+RVQtb@~Srf$SH6wj$B`md| zhSKJ%$2O0@Zqgn`K0Hq~4cFN_Pd+56&nu%K3ABWR`&Hh<&@+O${*QmL@s;NE|2)HQ zb*S| zw~v>1a(7m4ahNnsXBaxZM3KvrwjG>KgA@x8_iO zZ8OD<$T!C|55%}Le3!250-09o>L|2RHWStv7K31H^qG^4nBd@vv7Q$@zwqHTF~JJ&2yp+me>lP6UiuT4&jjezz({cDG*4FgFB?+_C@hc&Bt+d&1W} zNkf~eB1~DBdZU*=o(*UET11#X$sNR%r1#j#@)}{h?j0uD+vPa0L@x0ItAQ4V_D+xe z4%O82*4{xjObX0dl8ZFahOT&K$s-OS3#y2jTb!bLfgy~H0dPA zn@C9Bw*yp_4)92R^+HlC4rvT$Al&XdH9e4U>yod{TJQ?>+6fFl+unrez_~rEjJwa- z@WZmpLg&k^H+<>itR^$+DYtG@Uxx$=RRt&mbVeP*L0lu%v0l(kQXqk6rc1OCdeuL_ zRh(qw=HkZnc{4K!%FcEgB%x~m6gdzG3u%@j8xf4VIJ3jhko2~_P1!o1Ov#5MHb^5! z*D0n>F)?$O0{vS*gB__i&Wr9~+ptWqC*ar_+Kh#?c82#(>HJ-$m2n*V>~^(H)z4p_ zO`kUnDoAtdVR2Xdsx-bFg?7nAcfigz0($*t^$+0qgeYU1d*#(lkF6@RlxLm%-&{Af z#sSZrJ}R%M_70*|u97rc>&IWrZ!!Eh$=d2L7I(19U~imEx%k}k-Sfi-Z>!JvjvYD> zc_BDz&69U1@Ct%WqH^GI@7|IR@^{lqh;uPym|YBsgsS$K}3NAptcZ$*$@=HaXZh2|t1{jihWjDqq; zlSfh!`0E$$kXBk45-rqGkI1^j>^L994 z_G^0IrK>e=I;0=CDz)#ISDs|gQWz{W)tZT1spB--9gJ${)vAJqq*C6>Ft4a`lK|46 zKB>Q(LPPQ|C@oniu^iE=PORon^Wqm7SZRpr-Dk0BL&*{n5@b^*8d-~QYt>JDUz7-# z8uAtPF@^u~#|%PnG3G-kcFH#dm?9DcA1)!o9pp3QUwPLuKeCwmQ9*0AjT@?1DrCRy zk;1mjZ=6QHK}>l`vLp8ICy`9gU?X?e*EOOCHABPTZgQXCoEDF6zcvwgRlTS$6Z#fN zGOSAL!ag%gh?#1U=Mfwc98am{_mPw zow`~M@ALR>1nZXMaI|D4x5{&9hV{_O>FU!%S69-JW8KMD9Ws23ue8mVpYuF|ef=GNu9g*eyt zkH2UHB7L}yjh6riP4@4QNEjE^3HIFGoD_JkvBL4wE|N{4vvL1rz1-Lr+UGT?_oq@+ zzn=9<--U6Z27zjGkn%BAX>N|wXY;jsjpy`Ow<3Nki@007=Hal+gZ`Vg^4f>@Zk`97 z$Tu}rjC@)g^`X6g?utf|Hvd%v1`X5KSs;*Y@;75TYohr)r5K+HYpu5|U>Tzn6*Lz) ze_pziI>c?`WTbxP+;mIuueU@5FJ)LoZUSm|tb$aVZ%&pN@WLm49`S6tPn)Zav73v( zEEYbsbWo~>&re&x(xS$B&Jm1TUW-}P^U&9i%%_rXnor_7p{B38c`nAjXL;yJWzW7K zOLb(b9)y^K#LhC4S%^;oO&?|h^h9FORYcG2?wI%Y8U8HX*(vD#+nv?D5QFfZqlqjM z0`ImFNepaB3PO_H>n~^K-s7(w_P*I;mx|vW7qsGVd2YA;^OfXZ7aSm6D#b%ZkQ6x& zp;^ZXMKr4U?FY^>JW?*r=IL^iH~H4npK@A)nJM*(aSuxHq$EfU4||599;bj;Ut(XN z_#OpE_gz>Lyl{h$W&VBXtm{0GD_a%*htNQSR;!}hBC8U%OlrJbYQuZf_v_QNYw`HeO-fcBAQ}Z`3&XjUz zmM1>3x4+m>4(c`oop6>S+JSMH9cy+16)(Jn@@^;+d)h${>8*|7#0PoX_4EL|Lk1v9 z1szV2MS9JaOgrY67wo+ zvKU4;d=%fk?Bv7sC4E%1bH1O)(Z;%Hz5z`I-uCj!9mL)qRw*0sr*2&4) znzCO`>t0AOL>yU_`y|%Am7Cn)}7e0 zSDKE!4D8&diYTJwpej;WQrQrh4j;$bZloIA>n0(vvz3iKYSeh^M?Ku!M#2&oy3-&W zkU2!#30#A)zM3kv#*u|7dD+(-$iRG=kfyq+I{oDy=wOZNfW?ENLfm=|^r6NdfL7C9pHyej)6QzUc*LB9lHwN~z9Zr|Q3&fH&h?QQKt>s6a zy}Z8l@*ZH>z!h|hU`mur3#Tu5D(9*(gefVx5Gq@}rt0(%EO3iYuz}<7)JW$kNt|(O zGrg;P8ywbVXmMfr8Rz#tZ4Q5rfiW8^&;EElUql7C(~T*}iiAev(JcJ59=B5&bTM*4)9}@E-fBdb%r|@nPRVh z_SZ|WViAQe$oQnZ`QjRdC(REm{FG*H1Nxp|UsXzp&5>anB zj0NBt`{GDIp0NQ%+S(1PTp=YO2zx6q&ztKm-ATPojh)lkh!PO08JP`?W5UBv#xs(m z8{V}JFV#7J=p>5Pv7gWD>1~0YU!^*2YrFuYF`nICz}G}o6$kor9z*6|arnQIknjEI zoF)|#IniIk&Q~a=tQVX?oLK0N*+smlS7^zOFs{FsSTt**QV{rYU7V8O*si)K#B zSpC;{3Y389T;1I;J8r3WAM1LbBk#KP>5XY*Z(U>E!w@5Vt>qo!V6>&s$!DnHvG_Wc zg?vXA_AAa!Gs{U<`2DL#Qzp}z+dVZmKkx8z|B7wU>RImuq2fDeHkj1+jR)J1R}znAS;_e@(Eo18BeS^~&z zi|tpsYw=BKbCI2JMzR_)p@W;oLhCa4!umk|2x|ZcsJGLF>`kF@BB%M1l1}|XaAyo(Mu*f5LcZu(8 z`vK0VNc@xAyW7c{vZBGy!&#r)Tb}NN{A>{lQ56h<-F3u-Jw*vpMqsokK9cn80(Vzr zkt0QR^lX|ybLPd*{nlQ*GTr5x_B)1)xXwt-J-XnHe+1|LJy`eunms`wg-L_8+;TTV|x# z3DU3Qw*@CZg4%#X%I=2!%}1nJ>*O;<2@;OJI5VOCO0ceEtGc4~Fy|3!A58)&BKD&& zp9-=>9WC+mVfLa z1GlujUC`M+KPg5I->iu&*LU_S?Ho?rrjKblD9l9Ga5;w|DBN*BO|*xuuYTXwIt8du zXtN9&Nw#BfG{%IbWJnk^*cqxjpEob=;3-r!NHl{Vpd z)VE^#wf3u_bK#cq{>g@4R+MB&se={3FgQQ@6IZOOUD9}5@bfo_4xsB@xy8%2BAZyz^GQWldJ zl$#%fq_1T=ocNcVY92pHAm5j}5a%#Awod${xxb;v6ShC5ZO28hi{YCt+{Z+_c(tqW zjsdqjQ80^R!s3k6NVgX)kTooSk>=Y1&G!ifG26F76+=fdP!#97tev*o$e1&hX?JJ6 zlVungA1rF(0%IoyLMEH9RO{WI2G8xF$2GgvxH4YFj}1&Le@|z8Z}h;S-l1i#QO5(sOd93YU<>qCn!E#WtG~AjL?@mDCi!EE@LpYyrN%BbcZ!+U-6lQekI z*kyGPH=<|pNAU+(IQ{|JqxUlao_2i#tFU9(~c zM1^Yvcg$7^wZP7~B+L&4c8r((=$PWaGbC7NZi6a6Bf4h7XE^SUHCPCGC5)E^yD+^Pbeian=2w(c$} zaorzEmlg(fvgOL^Q>nA((=xoyd8xC<-Q`I2J+CydV@8ZH7%tm29%PI@o9SF|*8Ig~ zx!#RbKB4aq!RLci3GjHa#ZlUpz1l(64J!s#jv;Z+#M1>!3h} zt1=*9XN5$yz@o!!yXRA2g;&%nt+S3-(m^x1%x{>RgsG%-qeVlAkWNGd<U3~R?a=T`;j#JqR%Lo&YHUtfC78j{^4jpiIQfPj%if2{Nm(&&PN&v(dirynPnH0e z$e#88<)ZsH7D!OVu@zFN(^7?`OCLVB&MwDUHMZOP#b9GFg{}`8w{z+GM_TCUY!xCL zYPf)=LHf40`AQ=OobYix`?d*B@6TL#x!vQ(&?YIwbwrKO|3jn;HUp6Y@u!0BlI)HR zbct@a32_I}l@>1TgjKzh*M!6UovCSPU7{ees|!2|ArxLgM?)@Pox#kce95!U9Gj5~ zCbD_a`>k^@+oUm$YiHWDc`xPqKPg3WQD>K?oLG zF|sa$mtGF!>(bz?>f_HGT3*Y7cC2WArN6a60}b$N+X9n4NydafG_Ra)Q2ClHdE(P| zxJngBw8e}Ws7#Go=`HJneid+y*-^&)M4PMR{9qK+5YKs`=qW$ZDBtHss_Og4UL4(J zQe?$PI|Bh-G&&$s^FmwpC5jko2t`M9h}|{y9=OnECN&z?)7OI=*nZ}i=3*CD{**I1 zG`Z8&S>-el9glS>mSjUlw`m2*&6NmXD+H3A;+GAuH|@OHg$|^IAHBQ*H6E|!c5;^i zTwDzoN)w1Nw@&h*qQsc_i3kBAPe!g|T5A0>16}6((vNhq`FU)Fog%28E1o_jEmH6d zdX*@%kg#z^s0+@6^j&V_xSWtPy@GQsS?_Rr%HMcpK=uWbQjQ1#E7jZGtg_dl?Boud z26>X?QVO^vRvfhL5YEreFD^%6Dy_w{;)+cNpVkKvZq_6U^!l0d3ZI*KPw#;%c7|0T zIwhaaoBy@xAs#>`n?*?A{ckkOkZ4Tv z4f0dc5Min#w?!#3vhn78ruA||nnBX+hQMOA&kS$0X2-PyKigD5PuPh>M9JO+96o`% zIXMuh578i*^oeParMBTZ=5c^o7(bJ8&XWdh2OAW|8O)2>@RMAEp8|x_Dkgq< z@+BU0&vc#FB6+l*RVK+u;m*;v4ps&05n=#c{j=r^NK5!dpcEGKF|3L#mt~0Axt}%dnD~bn6|60uEe4H0My`2Lxa{AiAi{+{S z$>_#2K(B_)LUyq+S!{%+!8ln(@(r5EaZ#aXmfvOR68R0j^yJwYMB-ZFDS*kA2{0po zg@wFKh-`IZBij=PJF=sAWC&A8QC(u{vwE(}#&nz(aNezfjlSEaED@^I9{lu8>j~qW z`*}pa78A6cZZ`EJGw0!{?)Nju(1MWFZ0p!_xHW06zOTfKPyW&>)CUla&RzOSDq`fb zW@cpS&ifNmmEBAXV#Rmr3LOqm3%DQ?+HG84X+oBhgM< zbYxpn@VtMccAk?N-B{LpX6a7mPZeJap77X!hD(7tdgd1U+2)Ow4=q4m`&{-pq$D2E zEt%k#%??G+A7`I)O!s~6@ou%cCV|uP>xAo@1eZ+OGDC#Xkx)nPd;n0Z10ghT-m7UPwZa+8Wk}k>PF?v!vok%%V~e8 zOVbA?si1a=h2Nop7U?-^^H98^H79>v6bH4*F{g~8sbuxw^ODc!E1F6ErRNq2 zr60>a(eLy1XLS-^_XxK;Dbir&HjQBAdV|kZrt*TMh|5t>xt!T)ZBJZqMJw;^9Vvg6 zLH@Fe4)zyNrf^FlA#Gmr8DQP23}v4id)>O!>m@rO&0bKOWmB)6|MFznW^|6eg-R77 zO6DGcDg+a$b%SAZLgcIEw|Sg=TwXuny<9GG>9pXfVXZIP`l@%Svz@ykrz!j{*;LIk zBnC0M(p0t=O z0Fj0vFySi^WeJf$EMKoU6g}6ZW8rYO#!ak$sbu<-&GFQ^RMr)9n%G1{(Sz4)0My~K zo?S5*Unx1+-J(K2^2B!3=R5gfflK}5?S^N=Uv_@5JnmMZA*8hzQrM=Qd%1j_gsbCqYr+}3Mg*#F3wwOFdp(!j=|9^w$cP%jasZXY zhS~6H#DzUNm~kqOf3#FWLcF=J4R=R;Us^z1w5R8M#Q9Up$(^WtU>?dR=ztDc01Gjy zV||ilmjgWcSfahn_%aa7YmqozSytYGa-E7gO_1s~Bf35J`wfC%9b&+YLBgL&et~%Q zr*awV8+?XUwKe9n_m2#DInxry@Y}tIgjkR7ekc4b>)N5JkXQ9WEwi!m=rW@>gjvIH zi#%7uJBBRbj&Ym}mqvpoUUDDnJn5(Rs;Nd|ieXM})TEj&;E~eFZ$5@r^6@bAp<8f3 zkMX6c5BH0;rlJmSUGYdB)H!OPX6yXRMG^|SPf&=d!r&t36XIlxX@!O>9rt{i>+UyP zk(t_v@zrw6tYxE_W!Z~b)u1u^=hk64|7a;j1=b-?#OwzWfjAX=FdI^1sm&b1(2kEY zL<~`<(A&ooOT{g;9)nW;2Yc@w)ztf@dk0Zbih$BvP*6m=^coOpB1TYpiHJz=El40J z0@4Kp6ojZW5h2ohLhnU-F9}L72{k~7XMf+B-^~2x%z5X$?>aMU%~|sYE0B<^WUsxS zJokNnuImahOj2<7g5}D*XQ4W>LnF?R(19mxYX?fHY1a=E5U_78#m<$)qo*1wX@)h> zdX@`c40j@~22#te%$FxL1-nsX9I?D^Dx7XaI{k$EN)Ph0@BgSLqCYI@__&r)HZ%2E zpXe&A#{LR<{ltzXhk7hj?Ggdi!g~ep5sGlb@v`IKq^GiRVtW(rOVLBZTPpjmVY~&d zI^1q5C9_#HtiNseiR_!2MU=jARM|LLM1K%3IP`4Dek87~>cFLq-jaS0@?lB2JM1E- z;VyG3$aGB{1RNybyG#YBP|4nY1EE!Pc?Q2pPv`tbFFiVCs!ad!HF;^9e|l#baJaqOj~C{CW-xsyc1yrZIlkNB2$|#4Qmb<-%85Ja70);nI{tReZu=pGYiBjDT-_ zs**&rM7$}obiC~kh>=v)vgv{MU|Aba`(ZZS#S|V5wdppwbgB{@?ezokPSD;)Tb9d#o9!+ev9wly9U=YGym~tP9}p)T zjf>k3-w!z92Rv&miC~@cZn`c4$SglQz}Au~q-u0`b3l`yT>$2mM=7 zNT$F3QvvUx|Kc4xkw==*iu*k`Z#?WgWEK(r#bkAcv4nN66j4z2+m7#fVw%>Agtl1; z=ukcEK=sxve?ph` zM)OUF0dJiuyKYUDiM$z+bgSu9Sch?5diA5p&Mx|ap-IVLd}9yoBB%0<#q$0(>A)k` zmvvx$p13i8Z#}hxCjiL(1sv28ht2+g&_IycV9H?;g7sf(<^^Oa%4*BP06+lyD?g`C z6@Y>NTE8@bpoE*JwISl*NYsV-7A~tgS&7SR;!D{H57}(~;4tFJWMs3~u)I5oNL%!o zY99XeY8TK9VBW3L&J#MK>-82IoWabb2ghzo$MdIF1i3N3PY1Vx3eNK3f7~p1_c%E= zWf(AxLAg3YSk!nBcGm#JKqp+~9*M4?wa$0C3ZQM@M;=G2{(`+tPCECH=<$lIzYwhD zJAZkagG-B%B{VYnnJS+!`>nNLjpOn5Q9xx+Pf;O-HBKSP*VL|7L7CvsHFsCjp5Y;; zm1(Ij|A1zXpk6S==&oGoeA5~>1@Pxb=VuR>=~SdS`2DDSeY)bm)&O4l1EMbY(r^!Q z9v;w9dmnR)Bs*~AXB(s8`fLEcMH!`D|$9N_EU_vuw{jIC}p7#@)B zyNNzl&AkZQwfPEkfXcpZsxT}HBe=hHsT`~$^KDw)&>J~`SlkDgVh3{nJk(w*8YqH~ zw`0SZ$Z8{-74vl6hZv5rFoV2V$)iwk$eeq#V*7J2(Tn7CB6u?(+vah*^jchy7^4^sl!LEg?IM znJpspv97?bV7OfXH@%Jh>>CVXkZWwWCx{u%l*AcCF&*Hz5em zGf$@`xN0N+(1uRWe^v)*w~FO(-_V?XCm4Hp2CI*Fl%w&*CE0uulHq*vyz;Ft{5loh zcHc;3i4?}*$MZNCyh?J~QG@a7Ogw#-I((Rho+7(aTuT<>w0uz*`KwjzBi z$G~r72jNc}0as~GfgxCq>2MP;PNp#=ulK!9V7}bZBGijD>^yau*dIzHy9~=Zax>3E zZT&gC62<#Ei2UONyWZ__9={6M54VBIN%oTTS7(&(`2Jy80`cQ{#>jBk_PIgUgaUn+ zHz!_$UTtt7h@A+&540efr@vpvdwLqRgVQv!tDnaugN5n#-YKVfHs}p@Rmg%^$Is~FbnGq66?ipC zq$8E9r*eXm{NYrkKtYId#&bSAceUypBhR4cm=DFK?G%Qe z7=F?NfSd`r9@AekV(V!C(9`q9?X2GXvtUE>(U^BUc6B-?=gV*6g-5@kS%zJ@q>n;Y zhp@mIw~#@R8h=VmtyxgrICiakwWl*`_ks7}kG;8~u=pI>-+v{io?RzZ*%qr-h5OMl zXhNT>S?wxoUMq(0UU8v6-V_A8ryNtCNK$&IU>hf&XS)2nYa^-(+)j+U3m!j)*0HGX zmS0JNiU!eB+3?X_G+}+0^F8r6fO(ljOS(9eFDoQs?mr$d)geqoJ}MhRI?l4K9kvXU zQZ9vgW9_TLh5T;dLV`<~B$XV{vPH$D?bbtK912919!dz4P=WgSUU#W;9MgxpJ@QQw zz2z_6Dan#N)PUK>?N!0pHYhh@J{36S>F1xK97OF?p3P$eINGJEh~KxPQS{>EfEy`j zcz}@`*y?A#(?)UY)5qN7u8Cco0^UjlZ4LA%h>!~Q9xPRd8 z{urt+F1H&$y3WT#lEz;tTBFF4!isJb7OlxKqVMOtQ*@6)r$Gj}Ve+tjyFFAba178(ObN7%*)Wb}6AdaxJ7S+l3~v4^ z)i_sZrPCmo;55@NH6qmlb{83`XU8-0k#z7`Xu^7j4S#}ZNsNxQ1@|OQKOpQdPsnsK z{HEHWDyVqcnxrpRV!zO%g<%HDU12{r?~a~ihik`46SLECvPDIs zf+klNGTbj3(Gcaf8bm5cLOJlQW&B|rS^}ZFt6^WL!`pgeO2vwiKhVzKheKVR>cyf^ zk?Sg!DnxL`0QbJ$8ec8$iV*fWdr(<9cJ17|JGs)ryWA4xI9(8Z)+LwfK?)nZu6dqi zAIb@Lun3ol^9NY$?+%r>b)Ut_fp6JfdrdDHXwn9!6<(tK{}3k=6@5Q7R= zY()4}$GHv15SH$#!?P_HA`}GPfQ7Hc_;}|0+Ik8t0(n!U$J8XqYJ^DOBT&Pl|9~Ei z%j${_1r?eNDd1A+&)&?u!(10&1TU)FU6i0fXcK56>U9cr(9mG70#5Xe@(9H{7mQN` zrjz+Dc|U&D5@wl*;3qDjZE@8I545Gt0Itu7Zspgj!7sblB5uEuJ8yE-r6@66Ikg9b z!>J~>&Z!bQ;@CFsVEBUaBsXU4Pwv_(xV5;?ID8(c03oWrtONBT!eIe=8F9CqXk|k8 z+1mM{lXIn)Qg5YeYt+PUC%5*@6Z(%!RR|3t(CFtMMR4Z~pfwjZA=ZPC3L)&X*rPNK z*dBZi(f+=FF-sTUkkJge@SM=m5**NI5OTxqx!WB>h1jnNo6|q!wiGApMjWOv4~gvw ze3?YL79@k;0Fya9MB>7Vqu90|w{I%<>h&{<^j`N7xf5471%Gs%2~~?bO|REqgmRGV zjEIaevZ&2Bn0eKrk3DBJS>8^U7|H~xi(X$J;PJAt#b?BeWJd~}ec(pd=HwK-zDsMPF;p|^IZy)`eJ}A>fYKO9k zu|l6mld^HpR;Q2~FoYI?=1q}r-iYYt#_wo+$EKBfe`Cb%BTn(4hcrTq048^D_$fgm zA_QzJ^boqFiF3s1))xCJK6si*R5JM_K zBQ(Mm`XliYKjOIcqYsTnF@4-tR$bDi+6A1wj%r3`vB##oh2$rsd>kqwOMYmd?!CK; z*1}1T?lp{Aid{|gnl8B#zH_I<$e7r;CNhoiAr!V&Q4}Nb4lQx^GQqG7tZj|u8?|8% zAJEekUh3@g+Cuc)Q#EX-nd0styri&}+N@Idih(P$O@YX-_58x{XF88{jUz^k4Zg`g za}XK|RfXX&FNridsZ~jwy-EQ@0imszy_S5n)$$qq$TMu$~VWE;!HPe7ZM^5nZ9i6z&a-|!MF-N%gqjj@Jj zA5HPljX@&2C20~jf1c7E!ZTW|B9`Y=nZ{n*u;KdC##zmHCf0QWTw1*F{4LMRw=@7w z+p*16Tyvr=-!#C2jT(5ZBAY#JbsE_sWo01S*Vn>ScW5%| zd&;O^Gq&$^m#xxEWmk8yS%)jtUtt+^##xNca)_+|#hjF&`OeB5*2LRa|A~oD__2~C zJr$=BBR>~8c@R(Zh*6_PSP^KV1c~?HcA8Z#r)QSU%{R86MRq2pPdV|NPiINg>7F$$ zR$v9ha-Rv~Is~0&YeuVKj|%SmF_}0ubEAVT{Wpthx~_NPy)OSAplb*5ex)Aw0}>^y zR%THG{`r|{H~30LpL5SaAqn=ye9nM1 zWfN2BE;cx!B^*C#PWMT{Ek9*Ia|m;_CgJWN!t1*QW&F4!Rz<4FdJRAkp1X{VC%5GU zr{vhVrtWCe-t>Hb&fcc}mybHQWF&M6tBetbJJ^sCPb?iFber{t-<;-nlAE=64n*iG zqtIsqu0P~tPpp4yJ-%em(a+#U78=^$eu=HPKG4_)F~^M7ixsUHe4lLk+CP4K5=xI3 zX1f9K+pC@k-xPITgoXX}OIjxGH1C#lE6S&b>8Sq$EcS*?xt>wqj#3IZG-h7n&)zKbRHbBW&zd&^ct`9P9kAJ4^@mCHM{>pmKdSf5a=BaJ&aS z<%GQ$Z-V{3z#lISTP)l1MjiV7)#<4p9{PW3T0qzrq85XTY;N%BxTK!cKHAHF_<^Du ziS5_nOIb5M0${dt{6y>l^5q^BWT^&zRO?dk&TpqEvIq5a1Aul$I|&f$_MsNljPXHd zpeS_F=GirbfOAuwemiXevnqXMKE3CPf+!!uK`rE+ECL|3Zu}cxGdd{S=g?yDoohR? zIJcys(rpk*{VtKQ>{3Yf=WUp^BbZZ#hWO-01`%;194*=GGB!xT`)?ksuv6)6iy}=} ziQ%kGaXqU~Q3}LJB{qGzNhC@rOLpGtvo-Sp>HO{cf?hrx`>^+yvSoJ_KB`&?owS!w?5hTjkP>Q< z6TfG)Xe;w$4(;c&|9~X2vK&$dANay^9CM9|Ul)qdGwA>tD=xR^!NO}6cey0m5-y^f z!JH2&#~-E!QyV7dmT!(tJsRKG<%3MPa*@(n`M_fck)m0+N2|%UQ?R{&ri!>^_xeas z{6hSNU#5est8+qxmDA7lx1vA{i`gcHZgQz71 zWAv0Y8R#o5heHecdMMTnfa}%Cv06h`!@z5oJ?sJ+s4Q@{2&M|X>5$xoqjRs1PWtSn z#9WsrxqSnVO_!2I1Xw&DhrPPcbk^^z|20e`(EJE;T1belJg}I_kjV^@8$y>I8awdo zTm{@Sy*Cv%q=#={g^M&y^KV@~(I>8wDCdtbyrZ87&TZ=$AEVQ;{T-A0tC*{`iLNSF z@qWLv->3r}uoq+QG$X>SP0mx+V^QC%91mNrSac3TMjuG;scQKfA#=&M;$406oEwl6 zS(5X|m+_c0o=Mp@8M7kfML~dj9Ek2S%Dg#Z2_rb6cT}$&yeiR`xGn--f)0PtF4?OO@Rb zfMi+GbcX*saPN8PCiDn8OzkGnbF0FQWq$3P&WnbW^-;($;einll8an{E`>asXLidl zCVbD2xah|LFc9EBAbYf?ctMY8S`C0s#~vt*>TSw;WUZ4i4pZ+8wSuXRfBwy>;2&=7 zUDEp!BFi)4Tpqc-wY(Z2klbOr1wE7J^YDR@zphtIvSIwj=ogI0D8v!P4n^1x6)jX% z(frmi+R!;MNE{f#yd>EYZ;#^{Vhcr|&K*qixjy-=tIFxqul!^W&3&$woA-B3}>!K`f0(RkP7!_kXE&D+$@U7z7qR^>nHJ-NG6DE1~R zR`eS*C9brfy;_krM8M*#sW!3Wl}sG1Syo3YyHA_)6E)J%Om{d3&m~W9=|m`TzD?PZ zf$Nma_;uB2e$~`}>@X%s%FK2*ht_aXN!L`_bUaL*Z$K+>IhG=dkS7ItF#x)}3^yg0 zPz#0M$d6wYX3L+24-olO*Q-k~r6U{o5#LoKxX?o)K$hy5aMFKQ;E#X(@La9Pk_Q!_ znCfj?My^-yvM^2XmaPtafj`1C%+)Q(I%h*6#9Odk3YVSDo; zVW1VGj3KbbXERQ@J&WM5>^*DMbuHEY%_WSDB=r7Xk#L9_nIrOHR`6ERB( z4b^!ZdylG_cbV1suv&0P8#spRFj7S?kE}@Y%j+nFCm2U{Q;_^O3_Eo9e z92H7nC$xvv`)oq4tyAGvaaDl8Fb-bs+yRPV^=~%hbXA4p#CTXj#(*c0n<*jlzWD|@KKhq@s z0X?tBvlFX}cCQ?eeCFw?_z=j=1O?@?cDF1hTma|`(gXa+6E|?T^yv?U9Yn=K<<|SN zcI)O88R8oNh;1p->3AU-zv|}ttUgk330dU3AL;D;Y`D7?N!Wx_hV6K(D1 z^)7x82Xzfv)@RBY{L36)Ax_9w^7CK}-!zG>#aKzCqrd{jT>+K)X{qQj8~YNga0?2G zcUf`1NsR-bSO<@I@MQ!Pw@BP=8{^84B+CZyeP&I~d^$D|>_c_hGh5cVzH^E%3BA}4 zS`(c|fJnb_;3$j;F|rB5x>{==8M_p{b|9wRRQ$ZE`Y!Vau}MKK$jwf3D$qXbK^qVm z4{JeBP6LD6ChY5R3@yn6f8wzjwSN+427^r=t*S^bBIGad@NQ`1iHTvu(PIRiMp#r8 zl1-2_Ow6zz-rhHpsVUF6DU%^r`SMz3m~!_}eUk2^VW=ftzsUL;@EI;5?Sd*vG&mU5 z#JbcZyrapeVJx{=;|di^pK`Zx_H4};KeytHns%3B;(Vh-)Hp_YI7A*HN#re#Tx8B~ z%XjXQtsBUjZ;cG-W7|)pl~TUo8md0vbHKntwVM|OWOwpO52=R5@p<~f|NU3GdqI3VlRpGtH=|O2VZ_tE;z$zu{fFGYuL&kRV6o`IUOSBnelC^?Q*{fJFu4McZ_eor3}aM!Rr_{q z`Y*2Ss0upc;i9qr^HpVKW!m$#rc(l=}C&aUBe5V%;+ zQI-v|4!hJ*xSUOa#QP4~|pJ^$72H{AiImFMmQru;vN?58iB=8x~CoLY?k8}}N{ zFb>e#u0!+qDxPS+80Icg`KxdQp&`e4$6U(^7Ap>aK#%7&t%&RQ8CSO{7XYI1Mj6nJ znHU8~og5R{<0IHxBtgsLNH!BmX)nZ{UMoS5cXwNc0*5U0Z@cdQQ@4Lc{!?p41ER$L zI;Ql0vh@Go@c9QE;cB}$Z*^;&^#shd|G^Wk<`3v1Bnq-})$0!k@EZdLldm&cQF~0l z90wamk&V>SDUIC8hPpwPo-dOH=YUP-r|^zbvIp^dU143}YFyt&k<4q5d6(VG;bh~L zyw4nKiMI=coo@UM23Yw=CDFUzKXm?oR&3O;*QhFV3^$Npb*}$i0!EB&h)#<)?8h!@ z-|NV9YnbUg^d99IMFgG%^zR3@qwp1HZbJ5{6m|0@wtpZu>ni*evv1ejM2PxFCfDnnuBX|sIM?5dBR%yvmy^4 z*L6Xo&n*H4olk-_(7Ho=NGkG^s$iXkUwtm$Zlz_kjK`}GXauM3d5SY3eQ_P1(YI?V zYs#vV`gi0a9N!nVFBFPg`V`g)u^IC{Q(>In9#Sj?8sToBfJ%q#P zgx2i{E^upv+u>(OnXK9`>#47_o2a98wz1=-IxIb76|k8wMk==QbAcWFtdccO28 zPe}atM)I`#1211p{-oSo^-g|W<6nvNy4eWq^M1H=uFZyTq`U2L#R^6O2>w~WZl?L6 z;*Upyxf3hRroJL~YEQ%sIkAK#*e#q^VN< z^<(2eL~3KlRj7g;@(KbUi+*M=yf7g}O<-MpXTp(A+aUZib;uxisa!-!R=`9#-)9Gn zzISYT;4!$3GRKTprc~-8LT5kpoNwH3@6mUe=(uqkVJcD_^5&$8QzkM|9C<(ZdEhE`Ix)B$WPpud`Atyj)&R4O@s5 z{5;btmKNevO?Fx|Ik^#s=jD`HL4O3_;C^o}@w=1MOhXe(M70C+Vn;@f6+R`B7(Vj~ zZY%$MQJ{xo(u|hv?OyzR?|JCHJ!VIQ-cNRKEbStl#{e*hp>6%J{ zC`3HN8+3nn3ez}L&x;egbYP%=cW6^|>-t%h9~wOFlZuM=4<8tCVZ+GR@pNCeD>lW4 z4jdyc>%S35OyePc@74u83}mwh5y${S3+_P-E+{$Ixk~=U`{CcUU5=mNxst@#u-{DV z@wXX#E#ixC9whsydZFA&Nf8wGYAg_A%PZ`tCV@jEf0m*T~pGGGYgq-H0tru&T$ ztgV`OlBSY=*71vR3Y`5ca7%Y#k;j-WfsW+7<+SC#cjEM{W^!4&Id&+}LAX9Kbt+`* zh5skUR~02lhZ9Xw|GY8rd@}B6+pa=x*|N;?b#)oD+ci$X)a%A3oxYrcyD%flfEs5h zA+0%B{_fB|yrM^U>iMg!b0Sv+?)9=#IUGGs%BJBl&0h~;C3HmHwQGIhSN!Q(f0GZb zewC_MJ&(gwg{Z4*d5`Xf%!<+6g@}=O*$dICXF@?>KyVWRcqoCH_Y%0PB9~6YvDu_= zONaMrXwHkgUwjiTbW+Ng68XSqs=iK-sPjfmhzudM6i-YVxO}tHu;*?2;?S%2q>6dw z6ZJ<#!pm{iV_TQ}3A1vvJ-z3LnXao^bPWS0u9wUf3zoi=4fz(S;e!h496zP5R`n9U z6za~;d4oiQfjP~>AJChut0Y4_>^z)Nm!v0_bKE$xcQE|4RQTYHKx~3awPCI7#kVKK zyqxd6w<+H=$2?d;Gg=-j-aoWvwVlo(5U)KTB>L@Q*Lt6u z&BUa$Ns^hfWDen;T)p?rXHSAy70&_|M>r%8f?=>65aV%0My0{Va~${V6e6rOrl?Qe zPMcq7dNBRMF1qYe0S?JX)+M=oBNe+?D(ffE>a(MK4X-(!vHW4Q9p3-bD|v4n=3$UO zF*7Nb;YIIlSsLhe<>t*t98-^D?Re}szBfE-&SD=I{W9!VBsaD*M;~YirPYmk`Le={ zNm5}En4WhK=FJEpDJL4F?fawRVq(Q;hhh5?z59;CB9@E3itS|7*0StE7Bf+&Nd!8H zYEu$=^Q)9A8(Q#vY`bjJXhu&4<#029+3xU6N+*X}1XgQHMHm;&45U!R6!Zz_^*qFkvcA^L@fFBQ1?_}!j)ld5f;ir34Y7Wni;-F6S~ z!)n|Mw(xijL^rFjFM^|jibMg^w&~T|bI{Dx!$jsAU6$Y*1h3>7p2Olg{CsS^JW;1Z zje!(QINoBg*%~$rGpu##{{MD7=*XVWbZ%{+xK!`p9tOWxeRS6<0tv@V#g*W%h zt4hq#@_xGWctf$DT`)Ulct@=_pog+-woWw4eht%`SsPN{NV4=l3=?>iT;yyi2d{?-5B-oipUh`c*0 z)9?W3Bf(0q*LI3lSbMA9VFztmbKRdA;6qL(-m{y-43WlJ{jx1|qxE^Jf1jBekpGw2l6T=hLKo|kIZ=PEekyev;b0Qv(*AFJX%c;H>XP<923pE9bTTj$tL{Z!5&9*r5-RNWFY9s4oe1E)OO=DJmmj&%pF zYp$^DIOj;P0C|99JazL->OVft@{j*->iCJ){2v}R{M)}vAi$Q>VK1R{GX9(43E_UAn>UC&vBLi zWxyihKQ&-+^gpKYl1EAd(jiR%VkCFi^k5g(D!*w9a1Q@(jhB-iLdPQd&0azThHvOe zS;e!8VX>Q|(djeWlooMMO7xNk zT6_HvH@IH^*eUZyChkMXGV;-o<@RCVIY{DTWQ!&|n}TqI><9q`fen>b2eY z$pNRfKudmLnS@N-2E53A&H$x(MmA{K#$v!9^eGqq|M5^55asT0n+&&S7oya1Uc@@xO zDk{0Is?H6+(q^y=S$R}JMZjbe_Bj*xxBB*9-JTsgWM@lbo}H@G61~sMd(p&%C&Eba zuNiO!VPKQ$GaNq$L_CE==>2|pnUTrjlY9wC@?5v4xE=4nanm;JnxPfEmqFC1!uZ={ z(RlW$T(IHezYNvyx%c_$OwWmu0t-n`yTMErJ(miv(b0f~#u7a*;(EQa$LcL@cbm z0_;37Zn@omK>lV4G?Nh={<8agQS2?~IFTj9ZLcq+&{#}Z0RNGpG(K?ErNm$&(9)$L@Sp#t;ry15voLZ2U5*I{@Ym#-vtJG=yK!j+Kz ztlR48dG9*RhdLGYjMc9k>5!7l4!Wz?!?IkCfT1k>Mc%pU;V}pcIDKrc@|01NZ}y(c zR9&}{Jo)Df*sslysfKj59@0APB$=mjc;tztbNkilaHo=E)7F$jiH`NJ6^yTrpXV~u zix+P$3Hn~gdv^e~DiMY8^^YG5@V+zsg%tFvb-A4soVEs>gHI4|{@spzZ0w6cEl|jJ z@{JK71jFsid`Xww*Vo7I+gpx{Uhu+oHs%rT6jt-Q$lr73U&tR(>o(gk(>qopcyi)N zrK#x@?&e7FQ|w>i2#@OjxkFihh(|>glZ6&yW?@kL!nt_4^@^OUnjxHkbtO@<#W3qy z@t^@VHTTXXZ$s+`#oMi1Y$#7LiR~w^OjeR~zs)Bq78%?7U5e!2xq$9A|DC$!P*ZCs zn#5C9Gt&$8hFTnFA9xa<=gN+bzeWo>xh=-@M|$=5^4v~1c;FM?j=3VZ*!JFz?NSk+ zu~_Ez;p)hq7iU0Oq*6f1zSUu6YA+l9@tr`b_l(OXtSKY6KZbS662?1x2wy2bxo(l| z9NG0K&DGNfuW%~c<>E80%L@Is{(u@|`tQLYr!bK-@4t>J2EUIiL*VbXdPo5WfgddnqOay~ZK zf+PV1avMHy@a>1qJE6o1N_Nz0)QjjYxV@x=qb7z(RGvdX=9(>l^|L zXyF&ZZ$fUZqb{j|C!C@@z67W1d3dB-xn{}-23--XW71Ut(Ws1?Qv}KOKx!cV2FX5u z6+5ZMQ=QZqv-Hj&NJamH$u*Sd69-yLMb+R?wTz*CH)*RM3C4rP0(F(|FDErO4TdTx z*mtVL8h51MoHWv=wZdsAbgjQ!hpAG!g#bs7h%S!a%a>IlFUY3-kaC?E_x1p5c3nYnJOFbs`0T+u)E+;H2QX4k9dDRuph2bJ>+v^5-@0Bj%h zo0YKL0$l6J%PO2Fs^(-3qW825*g5)w@5G{0$gpZ(Yj3nT@6M-Z33U@s8!mU?<=eK; z!3XaAR1>#wDxHKUJ#stO{@%W?Vr*!gztJK@@vgO`5daszioe-0*E3Mksn8XzgE- z_z>vBbpCEaPh*_UEWJQc6jns{VU9?S3aI*!wE{;N?V(*sXw>#7LKHH0BB zdT%|2;0D@)tktx}`O{tK8e}?|pH*?^L};a<>bifdudYz-T}mrlwfLR1rX<^I>c3%j z@v7&_y^oUgIq?^OihK~jm7bL(ys8AmoT$S2Q{f~`%0ExzKmGwZgQK#9Nrr@e2^Nxi ztN8rm;Z4SmSx=7wgN@U`jO zY0B$>VSUj-!F$i%wF0&RVEMQ-ccdESxQ|| zWY*l>a!7EzB-QjpX}qrzOB=%J0;`gEvsr;;bQ+fe(@nxsQm5p=&Ou#a&{x&F95>G$ zf4t;`x~O&qA(3%_CVl3~;u*fTikt{wdoryP6ZkB`oKF`6OZ?FI)bwm(I_LyyL5f;n zWN188yE-m&!hwI+xasA?Vrx%*{o->D&rAOMMcjWtY;f2;!XgQ4G~)JT=u1L>P}g;> zDrVH;?c_2Kj2A2mMnz#Hi;=>Khl}Dhi$z?+=Cu{$ZQu0*xq1_|L}~kt_?8jJh)FW`6udG|%Z*-#T7D1l5TE$xtN*$~32W&}k=lWFhyCO^;<+Me4CS z)S~9(VJnImfm~pmOfWD!ur}Fq;VO5QEX;Fy?-?2EmTLWtrt&7Wr3UF}F@l6zn7z_5 zIO%A@HSoIFZ}y&$yI8)S?FE%1Ih?WJ)tA($++aK0JS)krZA{0IP@L^jFkQ%cd#X2? z-*$xUj&?905s8~;1bmvo2h#+`NEJUP*8SHZ;1PGWA@`@Ly7qUXR|iMEVNRXhuXI?` zzOHbAo1oL;3=rJ)9E-<%R|%P?OWF3$FP}JVOrP>0uZI|Wd)I*6n+`uQ*7-rA0RL`l zZwUQ5*A~j@YfoHinN=H4U)KA$_fiAyB44p1qP}&Cvb+x*H;ZsaL;50T?;4JjNr4!> zU3MJ~>`qY>TEwH%cboMvBK!S{F=$_e*={WuEics`HDhRp6CO z3JVYxBrxF$?yxnc%YDx+$U19?d~cJIc`h_$0f;;c)uCyt$JF_o2tUHI z9?7=QX(}%hZ{TgM{4i;DX!%0wz)fS{r_5DUB-5XmtE9*Ui3@X@`6RUEk703f2!u_YhhnFMzapjVy(NF|qwf+ob>}z+sRLc9&c2%2 z$A_vF)Q~0%0AIK{8RB;Px#1!Jy=I)Z>Ub)15}s*fSZ+f_(l_VTsRY`DzXb}v$zyhNa+Wc3rETho_d2YiQSdy6%09ZH95xB0F-3=5oF;*d37hYfY)YK$#Wv)+4m^}} z6U{lNcw=={yS9QI&s4Rc;crrq*Jr3e40BW&2K>fIyah#j`irx2 zo@e$J#sXTPQ_5DgwZyb=itH-WiqgQ#qQwS`iy~#%MK-6Tyg*d6$?P&qTwK4`fGrNo zLzeiCczl|#qDUB6_&q?rmcAY4oA}j=^ip4@WTJoWvAuw!qe*ZiKkpjQBV9LGgva^_906IR0bdiXkg1y{S zgTMW_=*2iRyBuZou)5l9!%Cs=A# zj8(+hL4&Qg(D{<)(~|;kS}NNd{QddQJ(L<5&qSDxl{-NeG7qQH2RJL!ntpsyXdfD~ zyvEP>yA$++Xmb^hz68(5kGDZ1fjt-3EWkr&H>+`!kD$q#HCc|E4q9)_b9e-sX55jI zn|vQXh6X<(3?IafyQ2|yIB499yGobJ7GfN?(H8y4@~J*2QMYUQbdn}#!xgocRZkef zu&JKK%8UgU*c5dug{GpC6znJHEvaAWW-`}qLYtPP{aE|aSt<1Zkk3aS8*09ncO;^x*3oni_8wMw^?|tBkQ=b{SYWm}cK2#^_~$hpodwj4useP$%dm)%rU{ai!J z_)g|N&B!zQsb%kkSM_7;Jy(gkd_e%|Bz|FGe@et|5fZAxP82%$O?VKtIIWA`_(B-n zADSBIeWcIY?0P9Ok}m1wf%fCe3c$iiR>h;}NtK;zHf$qq6(UdC?pK!PbaMD{zfD9r zcaDSzB23yc7NsxzwGO$;$N}ef)W)ZXUy5OLu z@u~3BlyB#%P7E^ebAK(;KHa~l>iCwvh5#32*>V#&3RP-=jwT~>r`D$Oquqo?WUWnp z(bS&kOQ(7%BL?5=HixQP`2u!DImZ#%`Kxk9YZf`gY0Ku^oK%wwZ?X%XyMk2v5NIOJ z;;{~q5!W6==rJDNH;`@xba)Y;uh-=cbg`Covs!b!c54LWn_NTts+xacfCH1ejmRtR zIrW44rzUt_4g2R{_XMcv$*p^n=fXBQIgbiwFfwF*k{z(b#w;vH)idY)wZtChj#jjq zIR5Am^_(ivaU7=hc5vTtV0iW7AOH`}LUmf?^<&ig)(i8x2_u@uW zcLlIWv5*{0hL=Xmi?qkq#%2;lfA%JDv2tF`)T0Ld`b7}gNfE7A&PV8z25?|r1f&7b zW;@GMeA!J*O6G1&TQxHjO2B0*0?$igIWP@ZK&d&&37 zX%~OV-pUdi3>UO)!21)uB5mTg9DkFRH4lufC>S~%(ag}M@23gtOr%yzX) zXs`X!)s>L)qx`gORImtw z-u>rV^sEPLR3+Bdfey`#XGjuFYV@VRk`B=;8^TPwxB+a`v+%3CJa<1yZ%})2s${v0 ztN_}jzcXYy!~NktlS<>WZ^;Rt`VcNBf|Ri%d)fY?e(&e&qbQ5^=1ayTe-j<4X zo14b1bO)JEjL#F7B~IeVaUr)6JT(cx@G3%$nKCHe%y4_nO{axxjA=+$gWd0On1rj z-f(UbcX0lY4#U;`PP8HEvkL%JhfH(Lp}?<2>;1F1er`;4Ku6F5m9NG(@3&jNj(+Ty z@}8VqvJ*?c1DN=;>yMTJe)bY{S2ce3R_Et<52_rw$(jS_Ucg4z zLkV?OKsb%YXU!{b*c^+wZVz{G2PTSaElBa~$r9bGfTI!n2SkN^j*d+`w0IoCIJ9s2 zYEkz`Ndvpyvnu)@vv1NRF=kJE8bJ>6DdUteWLZEX`aGpQfD0QgqpvK|M>{s8uRLLB z6v$=%)O7bcSmw*a)*pheJashG!Ty%;7CdW5YcS2-he6tTv}%v4#llF}>!O_+ZzpP{zF~fCpG7kqvPL<@=-f5jTs$UpuL`w>f&lD>oQF zvdy+je7XDUoL<_VAPj)t%~Vt9Xwm3N{MTIUnJ$Lu$vJ*@aoIhg=8B<_MYWA|Uu{{z3VD_w*&>Xj!38 z;=gFgo}@n@Z!DV%0}*=gnqFu)>BNB0AAT*fb1c;~v7xs!uzNt+Q|Ii>L$v+r7n*2< z!-*|Cs3{TdJl^hap%V#vR52t`JT^2j(-Z6y#XT3pQ zUKy@uLSpm!N%FLAY5TnP9S!n&Ylt+$gRuM>1BMqPXs!@UvVR!QIP3mw2 zG2I%E#XjGDDTn+aTHBVF<}6`LAdC*1P=$;gCR|9&bxEk7v%8$D#~&8!`-!pC7yJf! zxx!5ZSDbBs>4Plx&F1A``>h*0&ke>3Z^|V)EZ?{jAfar!iw-Uu_3hI(U-(fI9ViCt z{$S^4$Gxa*b;iH)k|&U`q^It|OzERu~j@o$}z&CFREO{{4iM4HC55Pr2Q6=UB8M_Hat7WHa- z&7T5l0oB5tVseYui5O+j+mh8jxwW>y#EK~d{sX?SYY8dGZfp|LnvkXW5!=2Dd~{+a zQ-=U^dzM~ z9pmpMyZ@Q@|DH16;#f7yAIf|H5{(?FSH&5P|03D6tpQ|#_*u`q|6JyqBgPnxZ*09f z`d`Dz9sA#=%y+Ugk37Cwiagn^0L05+&=`h)Jd%lbC*n*9{Cf~S9Q14)MC3i@PzE-= z0XdyTFgH&gUf8S_`z6O@7IrQv0_?y;U0GTbcR{&NLu4jR838&=Dsu=mM$`lB3(RUN zd-+WL?mf|){dLRR*OXB1a%2sieewbO&>#G2AFLBu0}htLcFQKqngvy#zSn!2rl-SS ze3rR&a|~g*AT$AOa*wfLHLM8l*k$JyroL`K#uj-c8r`xf3YEk+H^&mLVEfQmRJ#Im z=-$)%Sn1cU#VKE|a9J`J-RqEMq2vkdqd*AUQ8w*tE7aHxOD*bVDqgCYTP7c+cCyTbvgBk+%D@NWS-%%3p~?meR$V&ym?IE@ z&Wos_6$060VQj`f90rKIAGQ;7D^}i}0J&pg!EOWIW`-);CxeM1J_t+<8E`=g&;?`wL z3>7ot77jD{$as=xcdHCeLL4gN@DsuO6q$kk+`n1hh^>Ez{HnOH<*Za+G4^uc^HsdF z*}LFK;2M{U;^ClP(1+~cmNeHs(k*B#!zzTv=N5c!LBH&*YCeCg+#O?W=-}%LlorA9 z?dvkW{7WT$3^|cmeA-7QV>3cCNdEod>U9^LHoY8>6%+i>TV59Ws@(R(6#^s58?`^j zLbXaObfR+zK04o;?^wRH)aUr9IH~%Af8pfhiI2E7l(U|E?PMn8X}Evrk}~gb_XmE1`Hw}4;mwa)2i+nQ zH8vhe8iNCHk!GQ&sCe5q^yvgt~g zoTL?I4rB)R!N+U*H#{FTbShBrH&9i!GJemmr2CaWw_rSu-6X6UB44KEi=-``TC`#a zsWx4(40xXfGFRirj{~&#^Yu(-aK>3X1C!eh+wZSEkfu$So=ROxeJq7?YRIfNxIJG> zV-|94 zeIb!o5qEv%;edF8d*d+Zny5Q#A@USv2F0LXGaU$FU@_9%o+28_r%xG%uC zqgfZZ?hVyS)vrpD>KD1~VeQB@zvI?Wct$sWKHut8aUFVPXE|j5;)8Mhv4&X8;W|&C z+smo9mu@xN^Q@$!3aryXq4g|2-6y%ff%}>87Ht(FcVt??6P}3ZVmIHWyIWVdzRu?> zxGhD>jMkt6(>QCb7V3Bxpb?)m%LiZI0C3X*1>fb49F6amT7Uaa%Hs6ZFhO1l^*t{g z#EG?f=UPaKNed%bA_mzWId4Kf z68g+OJP-9H?dWGWpukQYx?x9AK|Hm1RL&1u;HX8U_d-=JJaoE=IWI}=UUbxi1l8YO zpQ9_&3I@{#rrBI3hP!mwZRU6+k?`D+6wP$ty%FZv&%6WG2DEM&R)JLm@wP3PvcIvP z_7jyz=CRJ2OnhxWx4L-k>}wV4hp;lo=I0?rO&|({B|czL3j_nxa}Sr+L7JV}TEn!G z)MwW>o-4mFyQ0eK`*`ldUikRPdu_@ta}XBV4hmp0NTtWRuqUA0vd<>&&&4aR|0gB|<75@!U07(M9S&Jgp@h~L)h{xD8SG?s4QaWs!l zhXZ;x3gU1-3`O^Y*W$8lvT&v1yOeLs&$`1&`zd)9MmK?xTB&FOlfc^>pw#=l%$l#0 zQsyFtb_aL+uYL-dSlE-I9ENkq(wQ#ANYGR-M@o+Wkk-$B zry8F4nL*(UxL%w0#;ofOwY37Trs2VcZnX)2@b)|?E!H~nN!x{GEsfc9&<7t*I2cGE zH9L^wotu&*4-tX#IyT}un>`fC-)o3V^RFJOJ{hYne5^Hj!N#12*cGKA>3e`ImQ0+q zyDRAd2#GFAwIiGAhC)eDu){bzmb$4GJGMh0i{u=>7rvkWH>N+Q70zP8Ajn4qZUors zc-UVn*Q|jxjP>LZEem{gSuCHIemf47=D6?~p@laAE-#E#B`pgcY7(3|T*m)MhuglZ z;8jVqCi9D~2_@AY67ooYgB+cg+LV21R{@EhIS}GL?f}(tdfC|!FdL>o{dieDxXs9z zI^~07&lpm^W*B>cWN$o25d)q`Yo0{4LhvRhoan+;U#lRy~pVGNX8^qjB@}fS$aPT4@ z$sMORGD+Sf@TdSEGPq{btU@_HI?>f8a6S;6S0U5BT zVn>sLDTwRe;+ExKPC5d}(@T%o4&|@`pCiSfA?AEI-e81sku}qGFWHpGILjaJSf~|@ z+rBKvPJMXG{*C3eBNSxw2%Bh#8;__pI(>+bYEig?b8XAN<6x01zw9q$<#1Xf5p3Mn zv{ZTzar!Z2QCjn zYMJ75W@t%YZ-9%dcbf!6LI&6B<qla1SeF|rjU#nZ5=zfhzFLF}c zhV^8hMZ3tN{EZVEQ%qWkJR@Q?INM_R-f0JcY`2K_nr?=Pwy9+H(~r-Kgq|FRk{mZ< zm^Ql?KpY#@R^bJ%W+u(ETtkJ*;hwqiPS>hprvY?S1%I}m9HBdTzYrV%ElGPvWb7}n z#bA!0qXeZ4aRF7sPg{~qw0YNFKyGKYk#fJt@2{C(WI^@N&!_gjW_Sw z+ZrRXCmp$cWY4Jh8hm(>+O{P+P>I4bu@yYg-UL{PKebpqeWdvmI~VMNe^lU^5Fu6Z zv9Pl<@Lm_L+A5kwog>2gqB02_)P$PoZv<1>yGB@TF-;Ot7z)~TnaE%!~3=H zK?QT`N%ke##${yzW1pN4-OKNs_IwGDMlLklD`orEZLCi6k*&=6qf65K73lF%y14eK z13>>T$WS?OMR#bAt{;T(@Yu6wXSpgbf?|&C-iV0ugeK%AW`{%6qZ&~tl z(iTQp)}OM@ffid4YrLB^*xAK-^0|_TshQr4hu=ZsGnc!>;#iLIHz!%x37@S1Dd5!; zKC-6T`=@ev$`&w)AdVf4XwCh&U{b@@EneYjAoQGApr&!9u_Up9JQY&{xGVL}Qscj1 zyg;0VhdF@z`r6=!=c6tj#D1se7IE|+4bJ@c(xHUf<8B4`ZN-?~_YEEV&(=)(=i7z@D+T}gCTFpmm%XEiVRGHt%bIvd~Z2M-K;20x-Q7B_T5I)K2}8c@r-BjXMisaKb45>Jwm66{ zD}Kq1aQmk0rfo;Fj_WKt#8q8@M0gtk*I%6B(*e0uD~b(kNuv;xcD>*NrR&)g$`0PDf z<&qUM3SbM#m0%!ELYEO*qjHk@a9@+)C2ai{&O&Q0S3Q6_t7jz1Zz(+e&Tq&3v+{pk zh2npO8pJ*D@c3UP1P{?%=)V}jmVKHAA~5@R?(*L^;{Ofrl)uLRPtR6bud%+LlqiH1 zn2@|IO_Gl0++sTq&MR2wKk&G57$Q!giRK zV*HX%##_?J(bhYR1lBzl{}AyG&+m={LS#s7i62XVM%k{JckEnF(X7aaKh5gP7f=r>=K;kK|g(+pkzO za_!E(eR;sJ{EMWNDbh~iI>LOcR_imz7>Y0OJh+wp5;u?=e`mq{V>};Wc$O~?Vuah( zg9%c@+}K%P1B+~v2j8!)2R*wKiVPN1-*$|FUK<~>tTa_NeOPkmwTD@i1>0=bk-PWQ zX;e&aaiy)4nx)jmy&`)Xjj_l2-_;#n)@(PG9DomQmh#I2T#l#a%g}%{X-$mkG!*-2 z=lGTaP+b1@8hWCDe!hWQBwhsc>u&J2q#a%k`$eKUzA5iR3&3c1Mba_}QETRufboVN z#NhZhVuP^v8z7%Wid)&5usTFdG#ezc?A|O(ED{OP^^u2RO%G73CWno~Cc0;z5C-;s zcM`tvElTa?s6x`k3Hzy!VTWMQ3W9oZ(qUJ%@SV@1`3oSUb)@<))0e;H&-AuLAJvb! z@_Tb@hIc!=-@bo|GQI~XE?W_0!WHUeGz5^yj71Nf(>;=6r`6<}Xd%QkPWb*Tq zWD%jLLs%kP@JStue%a)NyTgNe`;M+MJq?=da@8t=T3~x~1*=1|0E3?qTz~L28BMII z_vuH4!dsAdj|@GBTGEq|l1Jh_{fL+nYk+rYog)Aw~Z=clfg;SE|mA7}M<1tLqjeDa00LFJ2ju0jDwTCq}5QyZqM4`kHOg+!nFvAmA* zJjTDBgIjHwuo?u5pIy?Dd{AFm;$UbAAU+1vP${i&n3C~AzW6$dsG4FB^eqnW09JLy z=M#BN%EdjLhfzW`mVzZbLlh%J5q_38@y=_<#@FcnBB zk!}P;(4D3I?$j=D!~gpvWI5sK{=7l|i&~kUTN^4*68q*pu8b}O{UQ;xMJ2&@tJ(+6 zracoIFPo6si`%huO7B@jZj0bER7kup<`3ZM?u`}$IT&i4)*@6k zbRoI>GQs$2MQk+zBm-oB0|(GqTG%uVFfKg zt}+e0A@mZ^%+OQz7BZ(e6*m?~HFevt5l#B#{8pjhp}NERtP6!23PD@P)Y5P0nU1u9 z`7q$w`1c2jk@0p_HXf#0jXPf>V>~g@GW>`?`Sx|{SY*F=K9rw0Df6o8E3q$?%kMt* z7HjjJuH*z?X}#=uS5g(NZ$-6e5c}inshsv*kN6L3iWzQnGu;?Cc5VTH(K;s9;%z}q zoUD>EP9o<_KKAISRh>36s69L+kK0&-zD8WcpU&?@`LM+qW9PkK`T7^#twcCq-f6z= zB=yqX?c0W5gE(Qu^(R^x5ZO&;eN`sZ;_YQvL4D`?@EFUdlw5;oG1yuSY19z<3Fa|f z!}IUQ7-8JFX424f!}w=@&1RD8 zhx4ksr+u64wkop4#K2rEZwr_S?z_9&-!{uwg`J#i`yR5A%90*U7m+a#F1)VD-0r!n zS*Q94U{N6igQ>?DlTE?7o74Yg%snZwy#e+h(mNuKIh@p^p<-}nkk`6 zFE7`!yP`V!pB);O$xC>Be4Sny@zbA-$9CO_bghys20vo#R+hDX`itay(L&X3NpJYE{(&*E}@-cCWJN7rqlaxipzOT6VXz_BBEatcX zuE)@K3d{&Iytic26uh*iP6OD*1q+ClW12f(30(JeCx4bLy}~OEKta(m+ri?XO+OFH zN%Tt8hkC0sT*_Py-A0l?+3uP<(;HPMLV>{b5E^g#yIA2 zY|FA9>SA~@+Q(y<96-u^MJDPVsDj|V=*_gy?=MtqgEtPkq}wV+UjaGE3oi7rY+l%**#OfJL?vo$sORB_UN43ss1dH}uC;OmDE1g=+n7EB- zUDw{b(5ORKEF?^hG;@O$9GoyTJ9rBrjYMpR$f)OjLKz&tUZ|H|Drij56RJcJ6+* zEq0ym(JSUKSlEXC?xJa|o*IRU?Fv$YO1NwKzztL^I_{i+0f{ z_2EY4;>Zz-0g%TSUI2yE(*wpe^@0_?CL4CDx*%6>;^Bx&&%m)2clXLq<~EEMz;LM* zPXohE?%@Q2{L4&o0Jnumo9Fsmm!nCHKE&-t-eXz!iRX;K)STTnA1j^F(vpzyG-

+vLZ`DM85-Mr;<;KZLBBL+?N^w=@KML=2dPAxv-ImOmk@xp0|i~Uo9Hv@N+t{$KE z(D7KMsu%XNDsz-V*t6a#-Em7$ytjI8l7!^s#ao5lAfq8cp)}2k>VRzv7V89M!K{%y zX>h!%7s@)xuFGhhDOyp?k1tj&uSfnK4;|j1*@qu*1(+Vp(&60~L6kpkBzzV3zAIUy zgjmyG1|{EcaymU-!8R0uT4y<-SK$>HsGn9K2FF?A1TGwtlg-7F>kC1ZVXtsyi^&4~PCP9*$v#GYHs!M||7YXx9ia}U zUEfOD)2e+{8hCe}jXR}s#xakqt{YqWd5#Tw~a>?mlBjCWSoRkxmA z#`_3xWyHtw{UF6}Re(bFE^)8|7V;&O^op+{H`|q9|8dp0Sjg_EMN~} zJZwDf8bxQ5=;>snQKI&(nfK$JmW-QXx>7fa$2lT7@)5SU&k+iu@VTbys1_%oi03)$6Dy5tKFY`u@uL0O51U+`jpBwZGMj)Tyj^+>Apfgukpw_0d9 z?72NDQr4YKWM?=@i<~%+B-E0BI!9%)%E>jblTi}8inLwZHMtf}eeU~moHRF8je7+H zHfZxW1AzS|o(jSk!E^)_mm04fcJuzvu=8r0ub8?vZqyF0EUB|mlv^<0tm|G-ZAAv3 zNVcA$CQe&9Zw=QXpPlfWMAR2r=Owz$J~3=@54&g`;yt0?!ON0<8T1yw9}8h?4wbN0 zVLmsY)6>)I0s@7lYMkqby9?VndXap)<|=Ipepr+z{^O}Co@v3An7A;bGyY`6b>@YT z!j#%@Vbah27KOc9Ter+F^9j#HqeY?b(Iw0ECD_N~3oBc^xJOyzavUC)`(hk!-3Or2 zYYFR$?DI}JmUc}>j+IuNA5WMtFk2a`ttu}B!U0&NvYTJWZY9}x#!XF4o6KG?3;)Jb zL4IABN9vNw=E^V^_#q5kw)3vY=lljh*g{Y_czZc#9+wZ>Y}s&Cm)7dO(yQ^GZ)J_9 zs*-iv7oR2eLs>s93i%cs$j*prf2-GIQ!mP{E{PqRwRshF$L?e29Ot|mSMs^qJt(g+ zLS~>Af}LB`3U!I%Y+tN{8V^BF)u!6*Qy&&jc5ru1i3%Elv=nFS{qYc7#R4P<`AVL$ zZ4woHr|nbbs{Z*C>!rO%=42ADtbL+{Ublm z^*DR7A&{?tbjJun>&nkzby$d(&0lj0DJfzDjt6wGTLT!1K2d6=FHKPpujsCTzJZFtUYg zQ>U89+FfdOs*>tltaIgL#DM`irO#|4@Yt=&LYEE@ZohVgb-w~#tV~)qXMPx}QS;T; zF)pgsT4NcKb9&`_9UB?bKxwLj&M{{?jTKl^u}UjzReXYWpN*ot|9*R7b1@17es|O4@9y`+G>3@lk2|;*qQ?K z)fvbVrPm^lmeKgHkcH$OL8~unl1x%Cve&8hrz~h{hd;tE1YJ>blj4OKs z+Aq{AUcX2bft=q?_wSk{(tuRQfH~xJcaES3o`OS;kMWRQ(1Dc*KnRA0BYTdELQkF& zS^AEMzPMi`a|yplFnRyjfO0HyZx4%H0CNB8^G#tF= z2Sho2KEK%9PXOG9SleF!)*6(_1n3|rM1cVxrT8SyJ=g33WzB;hXRzZ$l^NEGJj#94 zdaiX=>dn9>@o#jawBh1}2K-pBqS?Vw?($)3Og8~BWA4MQ~Y(9X;=&S@zuKq60>?kCMO@Cd- z;&JCyLUH<`E{Q?VhyF=}0E$xYm5oxQ!LDi_j)p%rDZK(2(+%V`c-w)g_h+jxO7iDb zz%i!%Ed#y5Wx6${r^eO$!W|u|XS>RtWm!15~Wb{^<&*w(GDoa&f&gjP1!C zf4AM8>p(J-J(?IlUuxhNI=_jcEy&9z6rtzY%ig#E>JeApL%ZfeOB8~%DDkqo5Zohp z#p4f)*JT?H9n$XC(u0pi)m^cE7s<=v$R&>hCu(*g{UQK!>I33+wK_2I%i7&i*22>A zqBIXn6(xn5w_mwqVtTFD(pY_N**FGskG-l4Ms~}lS6uu>g6LwcplmbozL$pAK!{|| zCA6(wS1o;ix*bwYWZ0`j(TJ2DWJq;mk>fpkU$MXwE>X|t;3S`@dPDUwtV)XxK|dP8 zq%TtxzNsp#&M^W5m@aQ3qFR#Bl>P*YqONixGtMppAfd%Tn*~aiE6JoR1=1dp{gyg= z*bgdLm8dNv0GI&Kiv?_skP4dD3J*@7JMVHhtiWWQP$2y1TO5%HU~$IkWJ>n)Zw$NC z*h!0&&+>#@oCT1b=m)qxjk=@j1ulMWeab4FGjZdHD>L+VZ`0qSHYvUF$LkVZ?1|A(_?(q1pM$qvn`XR1GudBo15a(F4M1I}aCF}TR4Ca=QphlMtR z0@6UPykm0QS*K6Y}8rv9w&b$v2X6Y9Hg)j!@;W%{TJX4?K1SUEI7+d^B>c8LUc>#bOWEpbNOB%zXFTES^@1rf(|TD@TaPwllvLr zk9&E(-%iai)_;+HG!=e?(gzB9V;jJYu^BdZv47sH@Fwq2ks#~V{0*#?`yT7PsS1Ak z6|Qi7pDZl@f(mLOAAHf)Q_R_LExgyZV3*~(pr*ux`>`L--k!608KAI4yo3e$`*5rY zWx^#oU)yEJ=ep=y32>88F*^0AlhA0{F32gL$|6{B<`vEud9VACUfpAJZ-}ouZagFD z{wnpffh?xi%Z#3Mg?J5bfZb^|XQ{yYRArm==1y##%8|NVaC?(`H$a1y*vW8T1uu^6 zzgPC{`;bd^sQle6)Ydx>_I9W4;_Pl|p7_OB)iO_SdeXji00u}bDOj7mHnOD;o4Jt< zQ&*P`?y4~jzoKBtyu^A8TZr21ouAqg)kXs@jH}rrmZPYfO1qLfTsC1%W)|K>A{{g| zlnjURK(kWC0j-K73`cx!8syoQVmj{Ax-F@U1LDA*QWSG zSw~jjnI>dsh-Y^I!0yMNmufsfDQ3QvHZy4C1hRM=mwEL{)C)_iGAhfIOlUjpMd+w$ zQ?hcM_e8!u{(2l2?kFN+KTmup+ttuP_ z&1*jPr9UDM;4k*b*Vz4O(*&QybM4BEqX+M?R|MBGEFc-p*2ZVAm1uq}{q)Y&>e?Mv zmc*=EI-n6wkfW&$o&lS^3c-e_unK(xWRa1!$0liD7_a-sl!-nsE6&jkAVRNY<3UZH zOd$tCEH?V;G@tW>Tc_t!hJpj>xRR+s_xMqnp(MXa6t#@Vi7(8U=oXKQYf^cA>J?8Z z!2dO+vBIM9 ziLFF{R{KbaBvbZNjaqKJ5_=xax)$Z<98U#h7JAZVTQIc`yKVK2@xU^9%Ey(%JD*|s zVKxGp)|M&t`$Yk6r9te)EJxW`_hxVq1Z4NQ6noR}^Xi~!a!hD+XK$&oLl*_Kcc_zp^9i`dewxMFa#Z^me~f3`)K_W~`iDU<5b` zO3{YQC+L#UMHw$|DNrDoz5$%!tIbVG4;Yg=^w5F)QcnbxB$ls!&7)zcVp;Vx$X|K_ z5LX$D;j);OaHI|LG90Ck?X3us6Pow(R+*f9;?CX+7t~f{N~E@x%ej#8ZAQk^pf2hy znp`y)y&%YWWiar|&yV%vhs<(2!h2|+p6z~V0M(It%ZZO{S%{v%_Nfh8x{7lMErr=> zHSNNmly)jlDvQ}UIXq~j)`~llo(cCFA27dy<@F_k*Md~A5^+{plcG$*6H3w7EJj1q zNzy#mD|0#k{@-1`|Nr&h_rM?EH0bvz{B0{jYEUqGWB4(^%hE-ykNx%F*T{Jv_*0Ov zx9~y!Inl8XGd3%QBGm&F0N(dMq#VcZ|J_xCgqZqIa1zH9|C9k%Fgp({i@E--_&i_c z+y6Iz1Nk-h|LG1)6UPtP7l%Pk%*1u?VS$zw{C%%Tfm-LDk0Qh%FCc#~X#xFfy>aaR z*JE=XKGG*(*%oMX(3iD+z?w{Y_nk8AbI`#t?MqEI-@<|5Pm~JD2AbezFsC{wwfgm2 z*T&myyS(Dz#q^6fb)k=?!UtB^Ms!T$pviYUwB=jZfcocYO08PCaw$TxdN;%W^ub`65bcIUDtK_9+ui%FNt54~Sd~lYFJI!G7`#wu!C%Wt zBPTGA5?rMwyf9Vh?*;uzcjm8cCws|mMPaY!k7pAe5&MVAOteU>?b#k<%f8w~#|$n- zeOzkutj!5gnA6y^J+2i?QNHt_;uE_2W&H-UZ)K$_m3M<-S-iXhctEYnVKe^|nHiKG z{#rWlTv5eA9}FA0t5lqGr_BAK7`?LF>Y?ZT>68urat5EMi+h3=dNB{x0mDf15z; zGw=73^-O_-EDu7FMtDKgnzvT-46>alfm10u*{=IKV`?UAKWk|@iTt6*#mC|MF7%A~ zEWBO9r}i`*htYW(pr2JDZflM^bC2r5{0 z4|!8q>ftCCOk7>P@XYH9Y+v(G7Eg!KA`#e$lCvQ#sYM4XI@taq*|>UV`&BfON`!=B zon)mDk)X$}I;Kx_KhqkQ`VOZ|=rorcjvbrpnh`+9xG%mcK8LU_86e);sE!Ik+z{|B zOCEEUFTFdvb8XCHaap5C!uMX`4yUd0c=JxsEGL$!S?kI))Ep4yHsODyzpGar%WT;# zoAoa6N7jYMo-5KQO?=2AgzkrJ1t)7fQC@n068S2n6w-r2i^ z>8HvI8AblwdY`wOX~?6r!t>Ie%Q3DOG4+KYHKuSAui0L$|Bl|>Kwm-JYpFaw^hSFO zyGe$iuz_bRX-6YaKg^Wl$D#C*48Yyw@jzO$`;bv*o=I_v;PZqF=rIEBY&;f7%{+*{g|2Rhig49*&tjG^u|E7cGBlHKajJ}e|D6ZNE0V||Ew$=3 z{(b{}nRpWqkfdm9O}^NiAJ)U!PN`bvgm8Q4u$g_Wx9}_RqK+kdW>AhW#HIxwoX(MT zXHAxFiR~_dhT`8y_Ja@Dzm2g^9O2_Nna!$x+W6# z=#f@N$bJz(PW_G!u@4Y@NqrHuxgm7?^Y#|kvu6H|^gB=ge7Iy|lE<^w92~n#flj@d zDr<557k}py<}XOUBDSR`&0k2e-G|rV8eOcE2br^$X-sY`?$tRGa_L zmsxVBxG7NG@OET&GN@;$oyRFX_AZMSmtV}iO}#%~)pKWiD~ZODj`JD-m2RBFX1AN2 z?`6Di-nx1Np_lYU#UJ}hKPy&RTb+gabF^YdUTbev@)RXhm^!{=nzBe{fbrU&zj)^{ z>{i(ft#~j&;V7Ew_=U~TkB)lSgKT~^I@!>3_wJl0l}f*3_~*}T(Nly%C&r+AJx|V3 zEPs*6wVD;A+&3TC&+mRDs|$1*=B(%UPU~5hWQb6w_`$~$(Ah3V5eE75hce$5|9L3N zs3j$i*a$%eyFaq*xE6x69S5Q`Nc{fwaQ)`o@V91wfB$~Kx8dK1QzqvBIrkfz*Mo@p9D)#GtCxOBVbxz6>q@O5%I zc@B`z{pniOD#{(ME5&Ash1K1Ao&en;o%Y(#7yC;${-sC$BRD638SuB@bPGM#D)jpV z;QQO46b;@p{7VN^{-+N8rJG3pagP0Ur2hv^{B4r{y@^Rhg(=zW+Km6ul^?Y&BNa;5 z|I+?Z0acyheXomUX2$R>yTXCaJ44?dJa`h@({qo6COi4kxyC;Y?^A&Tv%A|=uzbzn zoKW2ThSha_J?=MripTHRm#iXTN^k!>oByN3PJuhdA3ChyFV{))pXt@V^w+fLvj5-434dRj|5x9UzlQ$T>}qrH@&C-K0NB<3_j*JY zO!SqHM^As>rtK(FEgGVMuoga66{(Ez{6g--u-|KDc&xj*?Gya?$oU70*wzqF zEwfdpy@55BMFpqPVQ^%HxyiWuZ1INFH!4Wr-H}e-!3@|R5AS?^th>zc+1+9r2d^CV zw^h+H?>Ye_J|pfaAxpzwJ!?6u6CV{ z)n7V`LoT_DK{f^<`#Xp#znp7kuFydrRDR@TJwBD*cEuFIt?5}$MR zY!QyN-#+_?%^9qgpZP3~b*-6IM-8L`W}toj*1zSk|M(*Ul!DJa(-~AIaaQ2PIs_nW zY#5?K_wnKv(&Jx6SlwITF%Pd=Rn04k<|6@VxYCnY(0`yW)jls7?4l;8nmN7dF8b)4 z*|qyOY6EW>$Pc#P2E*3UMM5itmXk?kBRl6(eWH=9Ms`<)C zD$LiAllhkJT;e$(XVI_*wBuhfm?&GISZ&$WQuG9_OnuQtXWVe;C!e2SqhQRp^aG1< zkf$Kvg&j6~d2FApKg@?jhBpYI?oE?MF=Ei^>}Vt2{esl>QXW<9JV$|BoL@&Pj5u9w z`LhtK!OzccBluy%Q(dGb;@YI(K=Cz2DY7rC6vk)YUpt@(R15G;u2?rMrd2255S9+* zYMmY>zW}mWEwVZikC~%Z^rQ$9W@ptX!xWTJH~hNP#N*m`Z}k^iH#I*)E5I{pvkI4v z;ay)NJ@R}w5yofPuE?YmX7%1n#SmBr4UWJSL_g7TpYBlx*%|Z5Ea_vM}d~p@JucnzSZ2 z+M3%XssqZ<;f4E8vu9MT<|n>d;)B-U(uz=oJ65*EToNl8Ab0~875Fo@ zZKJsavcq_IQ@evhwI{&D=^G2zi+X#!5pJVt?!1Bw!Mq%|oRGzsg2aF%E-Q`o!SbjF zr}AKKyR;K8`2&H9mS?#04+JC5tqco*)Bx~5AbyYv9(i7h<1BF16yQ@OCXK~>RiyjS zKVu_WLz&K!4stom^tpo%Ye1JM_lHqr8RFv%ODl>?O8Qo!o{XGpD?TUlVIrhYddl1p z=jaNa=s%Pz#zPm3Qtf<*vs2CGG^Vw&b5KOAdS!B~r20+gHc?FsEFT?(E=9g|$tx&& z_PZM1D9-FhWk@tz_xp>MRE%s7W6oPylE=$?>W_z(ZmD9>TTvOSi4waJpoOv2$CfGp)gs<594p6c{IK-P6=u49DK*}BbMt{K{Tw&$<7M5oj* zx2In7(!xSE^|2aREdM$<5L(I`A`S@#RJbUKqHqKp+QK-d`m|hRn(C8gjqsGYT252+ zU|Maq*LV~GfeV;xhD`1>&e5X8yzf65d|fM#JfGocVRxf_!XgRY5Z`o8BalRxZD&8Z&2 z0+$=)4fvl3H8&UF@3yHwFc5{_s9WCG7P;CBb0~YK=vU#`Z4n9Q05mC)FaX++b^#%Y z<8P?;ZbN%5N@tc0igk2^+HAkiNqny%XE+IQVu?mF> zp9_B&3#B+xv%ZbCPksqsw`Dr1nYfnq(C0@&q;_c3nived(PuPi*zKiWIm~ z-d$n!-^dl^1HVXK%YLaRH6pwoCrETU7MbS+hGkDohinT8@;I}qv}6W<@+{xDqVz1yPD9NC%}$2k9jN6%Y{-6he=RNQrdmfl#D30RaW2NK;zqMIdyL zCLN?hK#(R0H9!)7+d1>j%$axQoH^&roa_62*Y^iklD#*{UTd$t*0Z1cx$hgu$x&Hh z3TJ)#m+PzjZk*_6m0L&uxF$R8t@F}j!Lj$D@8IbSCc=$IETlyuI$abfyg=I6%UNC- z&1(7tAHMy$Oz;ho#o6Cc%^1p}vKkGoo+dzv+0T&yyI$>hCU;KPsdL<=lP&(@miyLc z`ICCyzY?a~bbGsxX}Cc;|4YO-ctK+8^x`bLUOIeBt6izPD%eV7;5CM~mxgk|*;!Lv zHQ@M zCU{}TiN)EZk11_Y?!2Evch035C7~PYgCykowbwFa-WPju? z)X6YLX{Bts&P{){zW_dp#@;M3(uyN9&bG>2>ta}-4;@Fc$ReYXn<)1R`_DD|3l5!r zS76@8|E}swiRX6u)SOzL0@j>D`;2AZahky6uYyk1>S9iImofjGaH*SPF&{um@nT9my$w^SI`TMyOdzt?-o{ z5Aubu0p4gg3$3_4fPNznT$gvAOX(@@MPAo#WBb?~6Wus-YQ~d&qMwKkh)NZ{+|dMU z33cU3#ex*KUx1~f7FPqozj{*0v8%0+{f0zX^14>SHD9NT#eLOkv~+;xKOR<_Nh)PstGv~H$lD}-%^4w zt;WmeTH0EYn-T%U zR*aGK7jM3oR08$eG+xU0a5h_zOuXaHRkIs-t;`#Yu1b=Teg-@Iajw^dXumbreHJ`* zGDaVZmafA;I(dkPV#G-CALhS%pxGL#N5z49mD&>?UFS4w7Z$z`)?@*_50?Sam;;GW zNTo!$tX?=x5sqeeIC!}(9OUwnw-I5GVPG=qj zqWAY&ALgdDpVfGJ_9yVf8k(GKZzvO)Sija!;3Q@hgUJyzHF(ygpCG!8t4k6z&BxE! z{2E{Eif2y0R_AZ{o+kl7_581`68k}ZK+V(CMC+7ZYX%MCI+iX267JOCBCfC|a@ z21kk`Hw$E}zw{b}18J-GVh5o#ysuNttvN2vwecXe6EipaGdAUl9s zAV4+hJ~0O^>=o5+DN==(SorGRFVT`BVeRYUju6YOs|&fI!&Ics%}?bi%w8pbhgkBX ztC?10>2BR(^@&YH$@|K|y(r~CmBWND9__h3LeW2Hn}Qf=cJ7K`W<5K69GW_}BTbQ^ zvJ#h!y?hOtVwFR%NvZ2{yI&r`s&6~8nsvXf)=!4i2Y-Q&phdiFnzrua{3pxCDRk>VPbCCY@Zt7h)#DQ2yM;_`E~QGU-{fUZ7ysUPkVw z=8dC%k2%vHRF0IJ)!?dgcu0pSAjmq4+i07Td*`CM{}U7;n^zT}*|SU2-rUJT+Z^B# z|I+tq0Qf8Z3Pvwtjt~153b`nAt1`mq9P&zbgISw%F^d@Q%c#=T8pQ$AgGj8z0NJ9xN5Y!Ncras7Z+Vdi=%1iCMdXar zGJNM6iFy|U=<9Qd!cOCpf0(7wbA6qGE1BKtn-+iO_@w4jppFy?gxX^|Uh|=@d`0K4 zNz!b(yrpslL!>&8#A~)KRS$Seo44MhT~>L<4!WSWzy^vs zsK!CV8+=c0ejoV`O}LQ-NU{x8ejJy#Hrc1W3zO4OzD3m&DSL`zA;ae+1>@P(#B7&w zVF@n=P-lYM(LAw(_RRgN%~h4!IXUj|n(K3`qK9ftd}dS$d_Q~<(#w2tF; zgc}$L$6EU3u^`Pa8?ws-SLi@9g^bo0S2|}NVo;<(u2a~W5Qx1p(EZ%3&u8tOsJ-HJ ztEz(yhWHy`4H8DsI7L2(QC?2R49eiT z85)8gZ<&BPAG|A4dw9))1_-v$mk76rX(R!=j0&!#qO@7Vhx6h^;w_^BRXo<`(>mv7 z$V0-pr6^KA6SE<9z%)X&S@#j4goTDxO%iT++mX*t%Dr<9(=+q7vP-vl^0mc8uB5f2 zoQ_I{Y+to;BA9+lcA*%&tz{=WkH2Y?Ja52ESI9_yYiv=HJ}K(ryVdyNM%aR2Ck3ve zWg=Y!PQSTbzMeAWl(OQThVHr==%rp%Gx3kbC#*=&rmAJX7cd1ZBJy2}Ut<$gZOIpd-1quuCw zkkaZP#l#b0g~9v*TyKhNsqIHMvEcbiX{7T&NS)kCd{2P!(iLY#h5pC*ii2wW0JiPk za4tRt`^ENIgU*%eVXHE9Eav-cZJ*r48ABua#ORl|^waBaq29`W z;G`Gz*xP}NT4j{#!Awh{&Ow8J+mhGLi86;iVVB2~@4t;7YODnuJCBw=`FMY`&(`uv?_0?*) zNgxw%hk>2)+mv!9tXmSP*FT(@xmo5&VXIu*X-h#tIxB)1 zVDRcPcRJ(sct^(q(p-Izn)d;BP5h+z`l7>DCjYHvt;VBGJx-AyO;H(~Rr6F{O@OmK zw(UBYANLgHco^k466Nb_b}QVdw)R!1aBl3_J?XA}ynF|V9_L?m!U)WZ0}(Q7fJ(^u zsx;lFm@(e?)1hKmZX*xJeKh+Xl0zw4kB`{;TZbY)J z4FSA1hB0&Zm|Z0eB-Ji2_<=3)9VZ$HTU^uT5Jr!49-#u)qufX}?DII}cF=5!q#k(! zy>I5w91(E}@DjZ1b`*NGeG;d*%!ezdRkAM>q?|S` zTOjKP`8uY#FPwN1GoHy3FVEXEUwS5UQl@-UbWT;4^=oH?PNU`w*E{%kR0ub7Tzk_+ zuYtC_woN29!hZGk{EE{q?t=D;6@}A$r{dZ;`k|l1ec-_{_`sQG>Tz{)4Y}1fG!HPT z83eAl>^#BkTBR$E3j&LSEv&+`GcICEqC=V1U=pETBwm&~;9#XX3U%&2<+2%*sYR}~ zuE|cJ+5z$vo8NlifM!N$;a^TkaDhgD?EM7s4gf1fy!}1q*_!1qn@dzI8VtBr)I?)fZS(k11$)c!Sn~4;B^1+dFxU8eTURzs-EBB>QZZ z$taTgGM6&ji4j_uSX{Yv{iG9iX0CJ2WSpLLs{2X|YwP96I~7S(_Hp+EVfOz%Rrr@_ z!+-R>$kAur>o&WQ^>1&wiY5OJvkIWO{Ek{Ba@7$?DH{B<>1h-{NB;i}fdHA{eDJ-oVcABQ z`X}a8)wb#GnU4!g6?8BB;1i4ZeGFd!-?+#2Wo}-Q3Syb>U!(7CEhV{I=y znlm(lPwWI=##ywaK;M?zh+M$25t)zE;jiCEPBAW>?mhj)${?ozY*$}eg0uwglBdT| zb#oFx*5c~l%NGlw9nkqJEa9~OzpwTS??=WC)b$`|C;EVqwySsRxA8^*5_Lf#2qEM} zFY*zLV+z*>ioQ%Inoc*Tom`LThTwjv>n{b}mnyNH@(i!^Ev7OK*M)muY?E;qN>DQl zTZSK%;Ty3N5Aa&Ji}$gY3KO2?68l~})S(~@-2xX*%rL-;oiD++Y<0-=H)x^R^FNSp z)*sr>x`M+}hcuXuspo!+6aV_v7t%~mW=gn$&(F70s$sLpf)my2#d1IF@(rAPJ%^td zN|(U#4@9fz`C)v^s!&hufVI>`iHF|$9@U}=jOzKLg}A^PlIWY;_FU4nCrowUp?Z}M zMqiK^?Ge%}SR!1?a=74qb= z8FcHGVz|>8p_L)CZoWbhs+2xu2l@$qA$L}?m=%@zWYRperhbCTRs-%h&k;1xdi!;i zRRf3WeMR8>v*1wl_Y&V$e~waYSmymqZNwUBVDDp-A9|c4Hk>hBdM(bPBVpHE;SUUIMT@zpkHj7hdB&WYkO;HT;g0(_kd`fAHW5Un3%OAST%x<0m zAzHy7npc923ZcGC&8z7tBudqn&#{M6`^=FFx}zWcz-{1kCB2*L28YYXr%x{ne_-WH zYzDc@^y<{>ULRN9U^TE6P{VbzQ$mecX^Ip86HpE|PzK|}=Oy&!_>_fhI{fNQyj!7p zrB6+`(c)$nLp{}{UbKNZd0~LpjHWNtJ6?@a1S4?{L4hY?gHNp5<|!KtbHzgnU^DjT z^9rr_YUC0uz(?c_1_eD7+$mm62m7Gl;Q$ro1-+JRtXmtvOwTO<%pBNOvcx}robP69 zTQ%=vHPOJHkXZmZ4q|mQ(w`%-55#{gbe*%B_f=;1MyFaw= z4**rP0np;WKYTUtW&a^c_2(PyKR6E710^tBBkA2}hwZQBBiDqX`|#gwGt_d1s9X&z z2EXuL_{B=dT zuyvXK%wE%^JV{H}iqv@VCrA@ISA~UcrU7AKUKzl`jra-57TGq%M^E54Pu}JeXA!Ny zDl4=1Cs4Wx0&#K*-0@m!kpejRd&>K&Wb6Zm+%nZqzM=DYcjF$99aHJ|GP<=7_GJyV z7#Xpi;yQDApR#_ZuQiW?fyPj50`m!#D*kqcFDLGsW#n3swswnlTyAkh$JB z@)e?R*A;tlgB2oCz_1MygYI3TXVzoZR7e%aB{c1S_bp9LHBi@Jgz7)~Ypm7GpACDE zizG7{~9AAEc4C4g8m`?om*}T>c%2BT|6;mvDa&_-att* z;IX#C`jbRAn?~<`R>5Tch;=;!KO~z7@PJ?tl=sOWjJ&pMTE(fY*y{l-Z1!ru)b{?f zKj?R=%{XjFQPDSiN?})o_^Y-jEUr8Q1A+t^tZLvs>J^%vAk&D?USfHEtHn&gMQk}6 z|Cs6}{b9y?l3!Nstf2KD|i(>D42j z^gOe$75{NFv8V_78vc&Hfq&hR|HIEzZwS`-n0x{s-UNlXHQF@x{lN8ZA@K;*ZmT-m z^WjkT=p&B4nM(*r3p05sDYQFbitl%@8I`$?EN9z8YrxLC%3DT4VUzH!j47=}WE4qC zZ&BjZ8m$6mcRm?Y38GR8sb}b6idnd!uvPgwWt{ zbbUAYa|yH~or0LxWNTs5W_b~hdT-~?ik*x4&{AN3-_$a#PU2go!;lvFsrzTIA-cTz z=$50|`mt?GtF1plv0!=Jd;mh^J-$GKdEj(^NtU0NSYGK>mbjjHQ+dybTeIOks}nM0 zs~(WbfzC$g!HrM2ABo>2NCk#%bOY?@X%ZgHu3rtJ*Sk9~TE zNtjpR4SXf|@^`%_>kjEtll-Bs(wym+%P)6oC4W}heG8Sx+AI!iablSlRzBw1`8Xz` z@S&^i6Fx6W8@sE6FvH710~bSh1VzCQ+%MD7%M64fPy6%R!?;i+1$A9#q@1}Ou&iJPh?rpR8#XzJd)VLs5yp58bQa@oy$;-6IPTq( z=x9YMJC>0+^4Km|@YQ_!+Wkqotoyv+~{u7@8Cttpsntf|kDw(_%&DS`}wuS>#*)b9^4O-cx;U+o+bAI2)e7L0j zmM3cr>)Yw+!mco0*N5pI@#*_J^dbI&fGboAjso!ejPw_&Y1?L+viH1n0OroPTVo9F z=ZL;y4Uc9=NlAK&tfq%W9u9DH7j~cM6IhVvb6nPG^WmCnJc=4=n|3RwRY&F2z)7o3 zoGRx|ZV`O2$ywO84sLpc;-?j8=m^YD%d0BRd(wr23z}XoybAO_fiLi-h}9x@6j=;eGd#1*+WQtFu`wotxz>Hf|9G$g`eDIFB~jLSm}NQ&n5-=D!}_ zjkkeJy|}cZE?V9zX=vp6P!hD@HpcB|9{f{e}w|{9s0HHzbxzod|Yyj zWRH(vFOgUcrz6>SNK$8E6OpG3HPO>!765cdz;E%(KkN19*#8Ytok$rrC9rCq^=@}= zL6QDjm2&4uKUM7mrY`6-@|;8QBkbwG3W~$8DFueuVkn|W<0%$*PLuUtZ& z#sjc?BnrWfsikcsz6e!hE+cJx{1L5qe+IgL8paA(iB{Z%ur)}lXfJw=sp#Zp?dYky zG2f@iFyCe83X2Vkt6HSvIS$b)z;ORq1{7SG=K*KAFMZ;?@jJa%*r3QVcRP10cmAYJ z2b#fpEj~xNa;3M@rK)FC7z{TK9&8t=I=_#+`fJ?&DZINFmS&3ORaI%EEHd%VR0E%?bjoxxOVqFb+Gj(acLM1s3_Cv z3AeM6LLb3u|H!Q)OiIdKXPe8VjLT^snVG4L6`Cl#_M98zd-gqviK4$$2p!MJpFM4MoD5Z zL5N{r_$X~996ZzUlq4xi4I;~fLkK4mMME0?is2}weSXuzdfyD)GeZ0&FUwBH#P!gq3e;gl&y${9duiIOluuszWoAYh&Pk(~i`9+9~RX&FZg^FYmT47Xh!z%imdLg5FQ#fKiC zN8A8@3;Qk%m%Swq*==c({Rv_tUybmxI&i|n7m<+{2@eCEoMgLi_A=JgxS8{p&&aJA z&B;G5qx>RCMGR&zLTR|H)E z`_st`{rL>ZT(_8X{(LgvKb>Kw_`km8-=_X%pPScf82qV61A+Ps z`F%FhTI^rMM*0^yD*tb>kpQ`|lu7?-`ss>g@2C~4lD?R)gln)nvsGYyk$SEaz#g+> zAX;2A>jTB5cML~qSuf)jVNUn)?rVEp;ROA~?XcsU*WJGcQ`0bz)dmuWnwx*)E62 zLc^}H)#98>y~hOqrSGH)9f|C2EfWB=L-lThqsGB1w%t$LZd50md_F=9GBF;%y`VSf z@4hR$zdxSuE1rc|(awAPqpMEVAacL7mdzM`!e6)i7`N{tcYu2Mdl<0f<1^PTw_!lS zeg243Htu-umzS{5L<_9ki4dFGMf4FQMWY(wm}{`5iXW~Shwi&T2-7e!{MUgDL<#u} zIeC@fpNKHP+c`q2F}f4g;Zg@3`iFza0c*~tXqUsXjLsUZm_FC5Mh5Dq9tJ5~4*twr zi&`&eQh>nqzK%<1jSJ=7x>k8LH|MF`U zH{1mps|%)IYY8_KDUJ&K1&3>|arDHJCl*^AivyZoA=E}GqFSUc+!ZI;W&}-KgMx~- zmHkqF&M?LNCkc!%bheT#Qe=mtSE?|sXk*+z>b*r=PS$l9tKRd#=?uvI?&trD8asdU z|3%s%w)9b+u+t4x+|drA$;A14<>fo?`mC7mi)xgUeY^35ZhvcXKlAkaIvHG3=o4If z2Ax&iY>~#}Pf^WGXfw~3?ImXH-tL!aR-=~~XC=D8tm6$91$cJd+Fe=I3(9s*JX38w zW~Ezn#xXginhK|0DlPE@D6L<;rlWS6DFUcATJyh%-8zhvtve;>Rt!_co<*End zB}!t@U%|`wKK@b$w=CQ&M&!1G;{FZVFGJGJ1s1MkB6XwW*{aPOYFrZ^I#b*hM zxTe4cey7JN+8Cn#-VvXT&_im9-bOVl7k-x@4c}y2GTUsKH$eLvJazHa4~Gzj7$@#E zW=pmagp|7r_mqUB(fasl+Jg^4(XXdpW+&X*w)~i9FZT(Z=2U1bWh3Fl$##I2pvgu`E3unEGmjBO z3k3=veJsdsxtQhtTImurB1xM@Rq6RatTAbZ#Faii(m56PqN-Pd0yZm_!^N8_bD}6d zeE}LSpZfBeGaoP4BtYj_e_x9X&p3}z#SS#Hq1urQ+JK5DQDE%H^3@=ddryQtL|4hY zm*XvU7MtQc(|Pf^izqT$&dn?weP|Aja&5*N%akl*Y{D#(z}Kx@t8$NO_<_E5D#%m_ zMT5`9d2BCkx6_m3#pgQ2?{^$Wk4xYF@}QX~FpnmaoF$>Qg(pDuOXQv56~Gnxnx%Xm z!Sd1^Cr&HM{|az@Sw3{mcWJ~Oiko@XF9-8;<29)TV{IuWZ3}$-_N((B(d9nX zx#7ar^CC#Pgn}aY^TM92>+fZ+gsBC*RD@a-CEA#O@BqUKB}*2``;_YiA~y-Xn{#i zUQJ#Q;D3;mWyd?E*Td=T7QA~FbZj4alz$LQ{D7c6ku_dp28-3yHl~@@N~)hOX~o}@ zzvcN-?xQtVo$Ow!f;)|J^dQCe_YJ$4iI`Qq1GWo>4|H%8UmhwFY%n&7q^1!vzWR_F zv{WKQG58%tI}DT*hdn68a_(n@{y<&E`F$GjbbHp4Ida3SsOPCDnQ))S)uq%!VSr(o zCT_92QZ=%CH^nWYkXrki`Otde52bTY%p!(lA zj{9F_F!y(YH{E|WmHgl8sMJ8qXHEY|J^uGpYWd+jGp7GxD(|-d9-nxSMvPNY#YJ8v zz!ny{(lFK*9c9(*4M>`=-$@B%>HYB|IOPs7BaS=BeL9W?U;f4H+=)^9%N|KUH@h$Y z!^2y=xk&va%seZJoB+Xp%lZkj#($c2=)0{^wP|b?PEFeIG~d_k$w0{-5R^NaB<0$y zRM-8ujemktcTVa#Un9)I>Q&=bb|R1EmohdxaJ&oFOEdOZVw0v=con<5fGAgx{tvbMmuz`mO6w!WYKdgtxiI3OT`s;k2+Nxf6*SYli__}Yv(`|aQpWnIC> z{q-c#2Cm0pZoW^TpUn?WWvGu%d=CqM?u3V?Q)0JUWt!7l>9=TgIJZ%1uK9C92l=a( znhs!Ft+VLq34#dpaE<%TH^BMvQJBZ<_c$;G1x1w@qY+he$ln=ye;Uf>Bb6IO%VV)? zw?lq7+BlSTuqAs4mXbG~TWo5Dup;ytcPh`wnP#=uxGrB$pCkd4cx&(d4*%B(QM}Y5 zBqUj3OM0osl#{4U$OU+FKRz^+OhLlOuW6uW#p6+_TXD(f9Z29$P=#U2 ziv|=Ue(S>O0~XuNlOeN=`;*IDjm$O0e(oAfM~=$eX6*Xo?aECp-n{do07WR^Or?|9XE zpG#g`eu=%@Wr8vQ3{F|l3jk_~UGNDLh9}-e*sb&rcRUZJYNq(=F%qT1#BsfkG{k}5ek2ZFwZ79eA9n7x)|ouRT!dG-T@4IpO{&W&Z_+wu_Rxa3-Q z-xzkaIIYU)wr@#q!sVgQrawz4vNY>gx+IzzK`3*$E13?vbm8}yZBB&6M06{5dZH8# z-w67Bi(N@78-jwYQb9*nOEqn9`tXcu=0F0qi?@58ox|e08(UIeZ;x-wHr&^ULQ0*n zj)|R}zQrdleeLd$C?6333+y`ZZVSHC^>MUbacwo9PzMg*+Eb_mqPfoE%+uM%8dR-htMYoSYqh-JUi0qhlW&I#f0n$fP9tSN zkOW+QHFAI|4M5583GO^V;&Chj?r?{Odc(?!$_hcZE=J`X#h1htakqhD5TYMzcHmV? z%tD_rL%8B&Q0qHhZS6R1fW7VHE5mzNdA>V#O6aR5Z#3CU=*mhR6#o&&yX4ut{ep{f ztSVyfh~QMHmj^cu$v%?5sGc7o|HAzw)H&FNlT?fHtt7tk7stzMjDpz_g80ZOiD0L1 zN!b-CdOA_{EF~ToPMv1LmUkpoVz$?Yv!>^% zoiw!~f9-cVa0+ZP5d*;I{P_Erl#UE8fnxVXFYlW=g)Y-Rh zFZh7md_oS}VIkaQ+kp*A^V1$m^RfHk4prKh6HKa}*2KSyY%VX88W0tZWV*d1m?b-j zkRAa5h*Jav_7(8bz`ta1Q4MWZtfFzLj$`2I(9x4Nw>M8-7G-tyErEi!2i_B;hW4AL z=@&waGYJ~w=rNZ}ub`WQ1pT}l2T$J=1-*9Sxsjys^vN?s5fw^yj~h^XgjI$nVthFP zI##=gpOsFz7QG!jSIhoT6l(t_SNfL!{oP08%O?O#&V*1OPV7WhAiMH$oE@V-L0{*D z#%!v%ZIcXXq&mvZ(1yl%Uf_LrUu8*lpEB*_DgumyG*jX|t$hpDs!3M>e$k58wsoqt zt)T^?LiyJDi=#pm(}5P&sLdfO`9Lrap2~cT3l8I6hfZwqNgX*os|k-hZ~a>F`kUEi zRY{SwxP_E0HlRY&iNrRG(27;P#h;_}w9qC$&93-;4MZXFS)a8XBk0z2G{>qyfJ*RE ztJhGI9gNy`z5)>=5&PVMGv&VT0o7enm*M#m8xtiF3JAzN zLyL5{Q*~(XdDfwYA54K$KMYN!QE(H=H2BRt2kKEiCy8Ad6%#Q|=qo0O$9NM=(I_(^lQTf$4jMF@Ff8cL?vsU6S(Z7a#R1V;;(vssUXUmBhg zVVaHdx?=RW!1F?%aRQPJwEGhjbtzSkpxi^6(K=rZqr9oFDMw!Yp*t@7VVn<8&k%f{b z+*x>2m`7q3o9EXgr`*bjwk{j7)z>#}=8%z!E`T^gdMVjz@>?+b~0de#J0kaZY}`RRP_HJ{SHz`q^m*hD2`77Owqyf*dhz zyRz7`JzepSeIxY8z8U{x-?;wj8}kJC=eSKf+@-@-qxsXa1L5~A5Xx2WZjGSZ3;p!{I5+sQ4_P5wET=_WU5_7m#BtZjdLwrNmYh6`Y zRsLlqlEw3ux?68Tm&)-(s;PeuH*>?4#gpxj`Ew**aQs63B>zq^f2sENv&?r+(%FohIk>LKp++@SE+G%-4kM1q1QGeox_X+qh zB!y{^a2@;94&>=gT%o&`t}2ood|-_)!{|kF zG2zQ_R$X?5fP&1{x0;Hok@4}t4!%2aA-fh0E03vN+a1`i$5xWY7)|V97toi@;7ZnS9gA)3aXWB`_HW0t^0- zt~O*igtn?*|64U~?j!PpOljA*#?prADoT^!*F6;J^3R(y={6R$TIZ<=GFa;-0#ECA zTFtpBJM@UV>_A@`Nbcy%G?gkd#Z+T;!~KQ0AhZbnV%v5WLJucf6LFK8M$T2;`anKb z;pN9&y*Gld`&(vrmN@C)Q{VqOZ9|^>6GZUVAuS}`i=BkthY-b6(O=Rf zz|3I^GdVWvQZO_W^C9>iLg?)+3`~+AG1K8oTwHXkM ziLX`Ii|yr={KCSD3EG)&e()u%^jN$0KTCAnWs|oh8S*V~cq$%GbY@hbV#OQW9^rx) zGoqNU<7`JTBUL836=qSYw-vhR#n5{~>yyHUcn*(}{Dqok<+!la>iVT7&JAg=j1Efy zp_;?to0r4Y&+{mIT{dV{cy+N8qrIWVoq^;ei397zl3ds#Hv>YfDV++N5n_ew%&Feo zSnWp3=-8ZXQ-0ybao&q6@;I)=QYK@`X3N0_^_}@X@}ZYaYx1El!`B=9;}sFSbD0ZC z0WR?^13nu~Hr$i!>Ui2mm}2k`z%I;AMd#XOdgkQIWn}Fh*`h~=bd$V5h4MHN2vVMk z=uM`zeL}~6`Z#Vg=5(ra@%>Ju`h{mf9L$LDPG?st6*4t$qra@P`A6P|{yJ>oc@Pj-|o`L9w`&B%*r#sNoGa=gn(m!CyI`TUSx9L?PC*3IuwbQ;VOkKC?4E z{U^wviTNB|o8w`{8%%4maKW8VZ`QVE< zCgom|UJ0h`i3e4cug#Xm(z*GIq#-52mSX>|b~aSV=H89M*)=o=olX6_Z-5YHoLGE2 zL&$gbWM0`Vd05&0YhscE&>8&_#yfn_Q15+#fV$M@wagbj4{cMe^4j($P%0{vtS$*| z5(~UmJC3zFV4=q+cv#02pBS8JA;j@=ZPm+ATk(gF>qk^R(wu>Wg1`!R?cwrEy9Ar`ycKo;9`zUQMXm4R zdp6Yl40a#*PQJEa&AOoL#K+%IL2*@x*|v*H5%sBoAB)0hW@o{Vsk%@X+c1T?uJfB2 zPpivxSRO?rCF^FY#P%)L@s~H;vN|_;DukwMDVoW+vOkz^a98*x<+hipyW1(G%6L3@DgLS`Ym`HhD*o-lu4T-L z#JUflx7h9!H3*yORWkD`&JKCv;lk#Z%3DRoC%l{(7-&&}Ab(RO5vmk8Mny3DoD(zA z4N&=-r29;l0sW`?7WSs7k-1t6vxDdOGN5udf{Pc|)B@qqT0DVWx}BmF@@^%)rYA)> z=$dRjEAQ97Oy`zRpVdG$?rZk`yf`*eKeCdO;CTqKE5~ttNFMecK%Yll8jGoTrT&UC)yBFgwz?0_`5;pF{ZWzIjti4l-30H5l_kVk)d!zxx036E`!~WdF zSjXq|0VH|6=$v5ku^x*>|8sYd*AzPJx}|0DhRyLcSNVc6S2H_&nLC|=E)b0I`qtQC z)mz3@xnD9|4uY9qvu{f0gm^fbJ55HfMjvL|KlLoODH=(+j4v+nl85T58ONQ4J8zt(v9w9& z(S!+c_EsoY)Kjfl{$phKKc%StR_f;WGNS(-ZBgIG-{Ab``yMHV93wsIsbG0do zcm=37o$CKV_AjB;{-5JmNW6()_z6moSfoE8Ujys|bvcpZ`@i4ldqm#_xv}aMg?HXp z1^-(*SSaW77m>3e_9^&t=KJW;t>(tkd zACalbBKspZ_Kymj|ID=Uuk>-DueHsGDQ&9{HxpZ=UnM9qN=v6_y~3*R$sTp!+DOz# zi~YziII5Pq6zv8@t4C4-V*@!3y*KspMK(qD(j)g=XQnTv3`{+;aoot>*L=0!lh$BD zXvNPj9>(~y!^JYaR&_IU>kQN`lrS}Kvqu-kxeL@zk+K?~3j=5I8(N8KxX=vBY#Tx2 ze6^+ZYdsmx>ZmVqk@MKQF>HtZW8m}lPdjfUUy^U{rXLbubw8M4-+<*?n|p?$?7hBq zi=T86CYIKHWXj5t69@5-1ADA>T$I1i^g7$R~?ROuTp${&V769dB%%$ar`-~&+Z+ZZlZc2KHrWz~Lik~;iRCXz{SVdRfiy&2FU4PWn!uxG^6IxaDvC9_7#R4L1Kw9>9 z+A)9F28Axd$ni~`6Fd{GpAZva3gS^GRX;)AUl{$}59oo~eXDX07~&>+PhfnI6mymP z_zVHw-}Mx4et}5X->N@}S$kAqh-bh#1~2yeb|?j{S#ne)A1pQn@r!EJsWSQ|oc3$N zb{%L|*X-;&MU+QmgkF-Y`K+4r(sf>=`A~NMFoeLpm_cdRb{pIA%E+1Sy;M-wSXv>s ztM2nEtak=86y@V(*v&;mE+Ejm6Im(O*+$1mr^S@-mJUD59;y6nFn0!Ouf-N(NKr}= z2(^8W)~KGHTmxpKf4W5}`CkgQMlTghn^=X)B^#XuOm5$Ts0{R~{B1Y5D>DFnNCtvH z9A@_2j1m~IX{lG0zY~96L_529FbMi)Su{r{te3WyBF+>;0;G)r35#d$6U zd4UiQ{CwKIobzAHUX&(gIC>BXOUkuf=D6qy&V_*~<%OmWMG2X>&^f-!(W-O4o^M-N ztzYxRHGTVB(4o$|(y5q9@3EnQh&urj;MGwF&|eherWn)Zd#u?hThPO2Wt2{p-E8!) z$Pz#xvc$*(JuZSHVDZ+ZRWX4;mQ34uOvQqGS1+QU1q;_LF9+SSKBeniaN8`J{ARSKTzvd!v{8PGMC=>|erYkv&#E=$ zV0W%KxAJiO<>x1I3FZRZVqXiE3n|SPY&eA|raqvUah~Bop$9Ii)slOps$Z#B4;_0{ zQaL%8);q%Z=;gE|i$23qPB$x8RWJrN)pg*4MTX~N^CJ*e`KGX`rX(eq7ex}p?kD#Q z61=^-!gsphy*|+;!$6b-N#8JPDe-c`G8x1h-%6loJa8QEipM zYogsl30_rTSuh}E+xHum^2FCo1a=KYKs&`~z=wO^8Pq<81~8Eo(y%+2(2Uzrim44TJmjx-;v$ z5Y{r!2p4Pz^I)r!{1E+h`RT)g@o8hPON@zbmhskBHhEK8kMi4Js-Jxkt1!wV92@xH zAxQPK>3_{X>TlMz{8!QA|H<)x17rRlBhR)J$36h;A%g5K0u00tWG#Mz)|g`a(G$ze z1O_vbt_=)O9w^xU3A$AT-#@7E{nyZ1{&$VJba4{@TnY0?;n^31X7epBuIW$oKSys6 zztK>0hhxxh>P0eylV;;`(X@8y+~Wvd7YE-b36Qr&M(#5lR>JDw;8-R1ZHsOks%@U; zR{ABK*O|sh&oXtP^sKa(O1l}IRRk%F?zs-78%?2Uy~drbX>u&x94;d}7_`WkifYN) zRAs8gx5~UFZPW~Z9kT~;3~_1=A7 z?tupemIdA2zlPu&C!cvq{SV38f4NZo#rrdPLG0nF=UzZHS%jOj)0glcx>6 z2E=rKI{O!uQyfx>qpg+_M6wXy=U!96Br$cSoUnKqmt8Hk z2>kjidh9#W3Py32a_K(WCDz%>61kmdgs+f*IS~6`lVkPVZz~^8tZn53?Cs=vF3)M3 zpP-UNKsHj%uw+1&_|BhpEx_A{;~K-9hc|LhPPYGkbg2v8N^l3ZV%jU*I0fN5&uaDr zcFjjZaEIx;B{v?Z@#vtTjCnt+l(F<&N|3lOFm&{^$xJ|07d{Vxzx z{4aS~CtwaH_f00K+@~GQkHaU<;m^ar_lT_G0Dz=@O*q*iIRlHlSe}0Nm0S$*_IR>K zvZPq?D{UI>*7rh&+-eGiGWwRh4(ne^0q)bEcu)UGKIXr94B1Z2R@_n}v;_dOP|soK zq)4;4J43cgk5O|c8oS=s0UJA-Cgn;Gp+NxOi=M!X-8i_1O=&Yr(ioB{wz*NB;d%C< z_VvF0%{CXSAMhVYMj*B58Ka_|<%Mcb&Rf}SyWj1epU7LFAro#Tu73-9MSHrIvr&^) z9s>bry5t12L0)WAyU3~0J^T-zPdj{~3^^|n(pux|yuaO5{~<)Ngq+sX!X}3-B0=_+ z7pkhOC&U`==XSkMdvG(wN;|^fe85HSq{DzCA77}tCypH>-$5UZzKWf1b)aag#(JqQ zjZ|^MEarA^|44UAp>h83=t8KX_yX50ls;B#GX~2GWG12<5DuAZ(%s1XP_v8Po-Q8A zfuD%!ip$TVC<04q=w5Ae`gcPpz&u{)jV>;p;T1EYy1s;N@oayQr~O+p7mf=&I$c!G zihwo?-gkkjl@h;kA_nJT9NE{=72fIXVy-!UKG?PT|FQSpaZN`1nr{#U=|y@AN)=F) z-Xkg?qEeJ1AVma33cYZLDIx!)LhkB;>`=8#juk`8k+*>Dripq1Aw~%YnLY6}*dW zNzzu3$z@}Se-5rQ`3K|%HD;zp+Ub3oA-o*j_=LHnCfT)jBde_ECW+WSCD?E@9Dsss zAL0_X&~zmFma#jFJTdnQOTP-sI^LFWcwhgaj6ae4x^U%ZYsgs!f))O7tR_pY&*Dw0 z?C-mkKNqj|{IKr&4C-i#nX-@9d{y~%b^j(GJz4gdb;xcqMOdUdmz|3sg(x>_+-(1yLYxItl=-6X%SVj9~ z7aW!X&Jv{4ZU~a01_%&t;~8HlKO8x^!1r~n*+1b+f1PgDLS%>tMW*fa`C>#r_}rTu ziY+9gblJ7O2vjdWmm&)3by?b7Z|!oIpbksmJb9OAHyyODc}1V2AM1&Wg>kEDR5T3^ zdR$QatVQKTWfr=%$VSKjn5Rg91Upu92JS~Pt+q5yqM#KVwiD%vzPx&s!qkz!j3WAW zGrpW_-V&dHI}wcum%F<(xhD^>^k{7MCnryTBt_`_Nql(?J!SPp31}mg7ys#Wffcz2 zS>3vmFN$4D_EKn>rry-&nvmh`EpS}atCc+w;Z&Kc=fU0-)F=mo2t!9$+{4PUPWA}* z<>HpHl?H9)aC(P5pB+cYW0zj5(q2I)6{T1#A8^R{VTGmuk{=K6B=?M=b%e(KpEn z2i_=rMz`O3sM{N2v&x-uoq{kOeg|5ac8&)B`vkALkJeLVCmzi|WkFFQh)QU4W& z56^?b&m5~55SvbbuiM)BFSUyQA)NSsJnrB4bNWAZ68?kOmw$5-{+$ys|G94c&xMb_ z3;Qzq?ft|%k%}p|Lk#sa1I@m+@iY)}@niZZ4s(|(g4?ZFASN$zOu@O3HLFOEhj?*r zy7<$6q6UrBivSmG_{uVp9k$X10rrMyW0F?OQxjM0?E1s@pKQ91A+q;q_yTuH`@M7R zvu5bY=3#*{pX0cfd!k))7A@HZDZTo4{Xlm`Jjc^j%p0d4{pOVlfv}NS)H#5}F@{ax zDWAVuTHoJ_Y4+P0;d9T#Th+hQR3QlWsm>z=>Mfi3n%~J<7H%`rWalT^i-)eHOPk5g zu2=rB7AQlET2qcG_>VA``AnxC$;r!E&d#Yhn-H$2 z&zzp!cF^R<^yj8*E%ql7dKwp1Po>tu(SE3?rT%OV95U3)_szS>bhKlNh%ThraHyLB zdAeB~cGw=?Mop+LhO6SO%hC^HtKHKTpBnu7@)fQxS@y|+63dFmL6i*Y)N zB>3cSnpybK5B=P>aTp#hY}R+9XS(1^!|&7QQZr4yLJ;oG=Kq5C&V?~$lnf+vyK~Ry zv`~eLyfLI0DZcL*bz{F`J@B^>=Al=66>^R=o z;!>OU0e^2Ep(0t}j$>=}-nh`~6V*QC@87ewR9CtGHojkK;&d(Q zT)I=q4;u~gXcLj(b{|JBnRauc@*A#fc;jgFi?O#Gx>`XaoH?}~+NMt6>X|(dgSDi^*YcyyeY?Eqt)_4xV`MBOH)_ z;rM;NlYv>Ftmw8>(& zQ~rW@?RT`6b47h)+rN-we-AMZX5hsL?D_~~ZnL^&&rD5wtNMnG=dK7I=I4<|k<5p! z-qW|Du<-${gBDg+mMz}<^>%#qR!0NuPvWvQMqcN&l=dxgw_I9=nrfUQSS@a{iKjzf z?WEw?Z>uM_;&e33H0dom)RFje`!DwS%r02A{oqy}DSBXlJI{Iz{yZE+ z*`s7m`Syp){J|Ns?wISfii08Zk10n6ias&7(!kvFt6s`GFUI9Hz}haMW6)=HN**=) zzAw4HCAaO@saEbdD_X>q!6)(k_i`)=pOyn8XZN6*dfD6bQ65yE-qA>!vtkF-%|60h zmcOT>{pV2Z8rZeU@?pwufrW$S1&%Pf4-|$@4IG=P=}b{2n~F`Xhh>kRKH*f{YYM`r zazo$k$*N*%OBy_+>P8aV&Jn6RH3bP8nyDDR4_C#<3!0wl@cfhtyEZdlrUmT=xsTl2 zQ+q0=*G2`?8F}@us`~#v3LnDvOj=)EZaWm@OO3AAgOV?ux+X_H( z8@C*k>t+A~18qwHW(a60dkN4KAG8ZK98Txn7DE|-V2e!N+@wPo_9Hj*!6tlV8vg87P3pjGTc zn)~Aqdj{2~G=;`o4`2{SH%{0SC};nZu_^Of<*%ZP&<@^^;z|}+W-Xn*tK}+2Udo$=|Y}tPeC42B(ot+q2@D;_nhX2v}m$mSS_9^jRh_Jl833drh;B_CYr1(x2N+4Qxpk*-sL z#S)6TDDygB&w-!KQBJte5CQeu=q0vcG^2R8nc?E5+!p6FCx)7-i{salOhdqmjWF960dJ2z|*3 z7A@$!Ggd!*NwfWi!m5%5I2Iudzx89c#Vk*NPaAhI;=$=`{N$R`hTv!`i@i7mZS!z+ z>1NPm^;!=7%Tvb;;%(R<g+sH)f}x_=Mdg>2{&T;#13&p%nAUEbq+di@$vZlYLu6(VA!R~RpEDPkrJs4| zEG;7aV^y%)ot@k8ZoKi}?A+0lFSQXM?YeQ?b=AZ)$fKkrOCSv?FBVKs(6BSiRcO^P zqvX@M&~dG8uJP&j5E`p9$g}J_$Fc2i^o@xxhbJoF<=o0rWLav@Cv-;X$Ypb0nDBe6n=G&6geCay z5AfqqF9bJvK~KEv(X_2_PKp_OQ}0zzuXA~Qa*FI#dP zx=YGwT<_zr2%udxSz?CScQ3M6lE2|5-zzE-qqvuEMw%ZBd1)RfvW8?0&r0MKjQ(|> z@$dcT-v^uczgv9SzjtQhKUI1EI<)@(E*f*Bd6jL{J>tIhe0G^Krp)i`yynQ`FB3e8 zV-J3TL~Ns-ij8jaa`*mw(Zo5{AgnEZa8cJ3Kfkb+Ot$963$045OW8p!=@{k+A3;F_ z9>!ZvF?+u*d+H!t)v? ze2E&eTBl|ja1%++qpI3(F3+y~sIN(mYnG_Eh+gW6qa_*RFtD61F2R6iw%9VouY9p3 zTQgy+enHw#4ETTVu54)XhooZhKd*hXe6dF=itnM`UiU_i3#d)~NK7=2YEp=PpDJ%1 z=AeB^dF!Uo!DsH8|Cf3_2dNO*`3SOlpso#M4yF5$6AO{1wg2tK$3B$%T_60$H^R!z zS^q)-Gx$rSVxZIr`BPhHc+=|L-|W%vQnwtsi@@DrFha>V*E@ z&UDDXF$hfm9|HpWmn+i0?r_}&i1L3)k6Ixa;b}U^bj@EX@!sXmMGrpTwX4xjGZmH( z29^1T&m-(Q4mn0(`YTRd5J6bbdRI0BUM%bLOVf<#si|pNkw|u|eeJ`$G(kGJ?lA98uHPI)NomyIg3DZutV0S(6x=Y7K+T@KmiGP}UNRf}db*lhI6`>5#@X?g zaC5`m`8dOZo&Gi{dtD$tnb;%9lGHydSnJ@E*ApX>T6sV2oFqe~6AgWhhv!(JTBKAr zs@)kmL%gpjgy(pwC(ji0vNcAZf3Z8&BV@yv07^BiWM?caxqqXB`rr+YCXy=tMcML=8&ea$gAoX?J@MUwfQw-{X2rBXZv^FnMpERBw#j z106(4b^SUk0@4&pyzppexN|=JzEIRx;&aRT>|iy3ncEC>XhaB7jFC*7mIHL3R0o?+ zuxr$2e2Y^5?4fl>T$*Wod~}oss{Q&k+=$@mwW3S#a;q?JYZdfy-csdDs8!1B&ziq7 z58D{FUnIE`AjOJbQWwR>pSdx|%*MOCr=D)hPX?_0GYx@eC37+u&lHAfWt;0k z@HR)10o$oG7mG4%Rp<9$w@@T$g^)#bfP0T2U!2(=Aql$6LozJ$8$Svvce7R!M!OQ5 z74K@*w5jg*`+?5n^V+D-vXRgTO%ak#&T?Gu64MZxnX9*<-%Xe^@>x_%UMk%nQPY7& zawxIPWz$9w{+a;6bsY&PVYnjRUkSaId!jhlj>v^`Pilm-;5& zjTahnb%0z0ef_Sy*6>vSDD5mqK1Ors@kEPLez#jmsEaf2p7dRI?6U?9iWPZ^oyTSx zC9wLgQ?t-jd}v|GoK~SOSN3$AWH{BG=a96lW&`_df3tNZtQzsf@W(~iWw)8F9zW}1 z=h986Q;EFh(ZN`6Z^U2dn5$v)McGUuU&sXUa@1m{Dlx;7GxA$;RZqE^qJ1Cj6YF>e5X=Iw zkIZ&?jRp*atpL&b@1GoKx$xJtI0%r?-;D zGDLA{8k^uA%M3T98I?EnPAJ{*Bd5BR|4wCHn0?w;)h&OYM?{y$)Rdn^S7<5*#BL^v z0ZwEDnGVi)8^WAP?U-%jdoA`9K!8`{g(ArwA-BLa(g&giV%j5>C1)MrVHz`TZHs}(?7pmajVL5 zKSiS7Sw%$yzz9{oKt;Sl0;G|rWdqurNvq=UC;ma+5bwE9SLgpswQ*b8ne1_%RubL*MyeM05jB!{re1D!h`eG~v5RyJCfeL}x=EMShnFvji(v-R$ zUJSz*)vRGu{_Mpw^PACkqABP*Rm9VYls%d%IG=ZijB5Arip4H=o~8F}t0H|(6|=RX z3+%$@=VJlxoYxz(^cPD!h>L_!MvJXGc)=_$rgvxsTH(g%{#W1bo-_MC`IUx89a9Mh z6K|6k32!Ty8DTQO)G02xE(*o&*!%JccvpD*Jo?D&kk=5yj4=ZQn2Rq@W8b3B9KRnO z>y6CWhCcVbio2Jipf$K0q;l}tnuk!2>+bXOBBRg`5Zy+#W77fib^8So=a%c9OWrjK z5zp=zrO7k0R{zW3qxpTV+HR^HdNMP7RB~jXie2DUd~NP(6+6STWnJreC1_#I zC^7P(X0SYk1_yz->^3)jR6>(pI}T3kq&g05h-tYl+I2m}*onjhs3$g85w z$JdAh zdv91L5LHM|2+0_zOMf-oe5!^%OYT;y-OJhM_-0GXQoUv@AM?Pu5+dPM=*YQ1&EdQj zCF8Rqq|@-_u|WW8g3pd)P>oEj^KOn}D}ffK(iH8;jVt^n3*o1O)uqt+D`3{mx)fDI z6J+hMtca+&!(9*WtnP&9_1eFT^N<%gHS62Q82u9I8X2D7$B(QAzx49^xTpB?2YxQi zOw9a{kK;5L)9QshemX2dsZrnw6lEQXk29hw?o-ndnA%^Tb+-qM{U8Q?dgzqJ{*;08gPt{ZsSOXopyqC)xq``Ry*S+`&7lky8oi63M0@mHpprq_E$=c< zqG@izzB4Nv#^#imZ%(niOn?4K130ls8(*5Qh*grhBA`VhGdx2AqY);00xG7L-qMr^u^M58hrb5gJxXZ5dZ^|nC3e;S&WDSP zt4uTnk;w9=`a^o`>K^%&qoGtt)zZ9*D0!oFx%+n7jutL{3TN}P0WtG(25vo-x|geS zH})k&P%9Qs*pu2ivW_?-C5rxbO9W2^q!-DeesS5w-V1{@o-;7|E*4J>(I)oe*b7BD zd~e*lCyC7p;lO*>5*=Z#WPFWH2(Kux-P_fhZF>ymf3ocv3P*NmKdVS1+LO#qYNbkT z&N~BX4OF+4_>hd>nKYgtlKb#DKjVi6L!=`WYgy)ddPC!+Bh7BSQcR2R^3ZL6O!>Vz zgJ^~|Uk+Nqj?A16UP37b$S?<#Z4c)q8YLT>(wJk9t|g}!iq*io()}L?=$EpS7l72K z>jY0HZv`ay=^`whkoE1@gCjb}i>mSu=Ogb@9kmcpT2{=qu2EF8@J3C(?($&_yVI?8D5}LY@)qvdMmwv9O7wMtN?gHP~7|If^zp>jMysI!k=thSHs{22a{{!OOP@E3W zf5~}M0JKp#&Cqb9us2l*VAFy-&Em@8RCw*FsB1m}iRht@#ojR2CE5C^@RkSc?^9Lx ze*6I?5xcIniaK9&IF{Stl|qZ2ebiKii`xNExvp~G7hyEU<6j=f?Ox|GIHTOKxdVp) zdEWUL$+II=7d`xXiHAz6nSGC6<<@aV2u%FoQf|Ck-$!@PCwST#awR54%r%E9q6D8QwsVC=+3)dP-c#2L=Gk z@f(71k+5V$a4N7S=|uOI=`p!-yq8)RclP3!;^?&7Ix#CYdnG!;ac$j7^xOO95O$-- zMtcUmzdpdG9?2}+(5*h3N5;C;5|o(3F9rFh{S-^oQch|$04$;BZm-ba zNugo2zR8@jo=fw&zRv#$b*W`cQ|elHHjCo7sS@`l*>>3@;~B8TaephwqiO5+v8J*q zE;8Ywf#CcbSyvtjwJRD@+m+UraK~u)>{ZNGwveP#+}Y!M9xOQ+@x}wnLjM2|Jcsxq z%L-1{LjJb!D1(Cdd7t#3O2Zmc&J{X;et)RG zas*OE9qmSNCN|$d&sCX~q6`?G;L{B)GPl+VX(=NAxaFD^ zdMk;->rplVRSa>QIb>$}?YG_oz4b)IhV|vK8E5Cus`9c2t6eNkAUj%2Qvi6Gt2=-m zU6+e1>YCCjcnKB$UM?&jJ;tKPCa7h_*!F?rH~Av2En&HxaR&D2W^}KU9a}eBQUlh; z*e_`!do56v_ix>)Bnnje*+Ksu&F}vVA@CoBfchJW0RL`;z_O;ILLrSN= z(>k{Se9P7>WVwjUpVKot-E}6n?XhU7|9M29t0%U5D1NS#T0-_?bo8p(7=*Unb|er& zqaFb6K{9sw`;=I^5+&Li_E+kpFHnols+g!fu7u_n13}fDIg|)6T$z9cUfaxO_S}U- zsf;T-Y*Vv)rZ>Ozt7$jBHY9I~8a5~!`q-;a$CG&4n`_R}5fFm7Zq|;vO7S~?wuh?> z`%P@c#Us3c5I)_CD2F?pg^(#pZg@|^ZjYh$#%$SE9VS2#DKru?%MfWYk=4Qm67d@L zR)uV5;oQ0bOs!1dBDgwzNPBX$d^JIjoGd5Mn6PH+@dqS98BNgvGNkEW`hwa{!aXu0 zi06|`@YZQ(#h&u;~yp0(SoG6#kKHao&4BdhjXIJ^QZw_9pX&VUf4EHcoD-QS?S&izvX4Qa9fO0U^sIbB-PRW-1%Br8zTum ziu7S;`8lwt-4c42?Lq1Vc)g1BM+uW>9)r{m5NUAJvv+OhNlyvEke*>r;=S%iEhd)v z#ZUR(lemeu#+}}=Bg9@}*P2I}^jOTiG&h zK9s)c!8<|j^vFNYYU~~QeGOv^A5p#eIHuP` z-$^`VH~2t&yAuac61o9b1~NQbY_!IW)|oduN8ZQ6H3=>fb;-=WjG-6b0`ySQCAtT? zU`L{ss&YDaV-{J*)rD6|Ri5+8>oX>=%KG{k=6$Z9`XCfar$lWm_no4`e))L&DK2=q zKHLp%f|m1QK>ZC@W5alEADVQ$%#8l>dZ$~EO?6Qg(PZ-!UVlomxO4h``hhUlh2Mj= z5prLy+!q?qZ0zSaa0~eZ0(yXh1=$F?7)a2pReHjhx{<1twcPxbOnC>o@OdFR>dr|$ z^?hqBI_{k{1FpX-3K@jIbL_{_8Zq9|oU*ugbMSGPEtg1;F9>`OM22gM%*w zs1O7X!KJH>tD$}F{N|#bSdo(~dQ8-Db}R9=*l4bY$?K2PKXL@h55X5m;sgrf!#mGY z)^A64P3>6g%Uha0KHqxb3D=Uh)OHjzLCj`*#L3Oa>H6eOZbR&yNEK9C;!MFGP|6nx zL#jw+hPj4K#sFpvYNi-nAKgYXix@fm*#u?kV{uyQCW$RJHk)!Isicr?ntO?AabRr#~Uhuur)_^xZ6A=_dzbSaNyOJ#d{#(5dNo^ z$6KJE8yg!E-Kt+jPT9!8J|t8hZ~J9BXa`J|ko#?DY9WC~$m*Iczb3|L%-R)B+iUOg zbmA*h9cA^uKx7t_%ZEm0JkcTR+obktd-?+0UQZ?Ulbel$_r#c<&jro(=}C`b^%Pk z_TV;=O*zT1p{~0>!&5quv=x6#m`Yrk!F&3V#~>=FroN}R23HiZqG7%;uYI+x z)q7N)CBphTw5ux7$iz(e%$$;Y1X2e+k90H$hE$W}kX-#3V|`BLAJ6Sb&-4EM|QIn}9zkl#aRk zUGYy5{qAQUc%ckDYdT_%SHgDY!oXeWrl}ZuMm4>fxLe~2`oWwTB4R(A(8=%l>lZ*d z*FS$6z_j7;NYX{KqZfFe2pRYtyNQ|~B{zJ_rCnP}9i@E~S@K!9_a5_8j?x_h%`lbI zoy;*7ItfLD&x8KHH4?(LRV~#YdOi7BL7Z}z7#npc_}&WbT@V?i>1scxNl9`bJixd` zWM9T3k_!nwdQ&ZGuzvk$eQcw4*+sk#1~cVdG!{=PZ9SX z6A0nd6oG~HTts%NlKD2+=I=_2PgP(t*8}7Au7tQRm?hF^z3rzIj3PcIu>(ZPd^5tM z68NP^KL7H2Yv*&mz8`e8)qPjko!Gx7-Q&v5n6%Nq`3_P=(^*Jh1#e^h-8_9iY6*|f z8z{OyOUo+QXEQ7fHSPyryZ%~>YC3KMf_q>vQ?DEQ^&@ZTg84$fkHELowA5p(GV#@! zU(_dcAv799Lz*~39ND-#ANiC14+y%3;yn9+pd!f;#)*$frjU#BtCP@!p}DxrwDeTW z?w*%x!kl?*OG6I6YPj2cI?kz1?I!NVc`wzx8u10(t>?>8Gpu(yEPefXRH9t#KE>Q1LBJ*HA|MX&ejnejp7w+Pb2YwLoy)N}M`8cW~4{EAX3BycA zXS;`94~(Yi>~I9FddS&i&K`H?gruW_4i+vRd5w_*+*dx`=SzfTOPN1k85Vz8@!i9) z)Yi-XCU`6~t;l&+F^4IsKue&!yh_^rHr=}zRviu#GZ09XVhm*_y37Y=an7dxQM1db zzrLArq=;YC%bHs^pSU~M{Oj#{yT#TE%DrwfU4IRUc~ps?89T5S0Qs@D)@FY83BgU` zCMZCNM*E$OakX?yHHG+8WtW(c|=G3WwvqmcCRK1y)rMXCl!xf&V z{q}5+UclqmDAFqt8a+;;GxU<8;SKE9MOuL?@3b_wS zMTQW9n7IgDi<={6A)Lbg#oujH?pR@;C_6wKm6aD_@~WiMb@ok%4)|eCd&^W+=Jyez738^3TL?+T}%@?AhbL^ z-Q>0n!I|k1G|EXVl~AoWP;Z>g{RbU#BA*|lQi#_%yg}^2y)Ot+M{~ z)M+yHnSHD@xcsZCBPp7B$sl^^Jc$;+-mwp(#IQ3fysr`&z%|C27v9GvDy}og>IwzX z4xmzN;t1k2+v^4NJS*g>>|KNA&`rKZl>WCo%J;#^KQE1l-U`k>pun|br7-#L>){AruWLeZrWu|rwy=h@ zw+%D`ihT}Rzg>=LR*tvRa5+cu?PIl&@Mn0ZF{+4*7WXgBCvrII4%V4T_22h2K`4+1 zAQv<>02Y6E%j?t#%@CGQ3YY5eMYtFBS?ZV$& zOK4G2d+_qADC?DZ!}spBRgE!zws97xyyht{(#3yw1QURLY@7{Fe~F#o)P-b%`+SDw z8`h0ub0;~?5;2csOgQCIM8lWOqT%Q9)TJe`xT8?QS6r_{*!`r3Z7wSL#u?Vm*5)&? z4u@#Dw-e6=5045UIDO($ zP4zunA1Ty$&d7TeY8U#bVL#aB5y|B&wM`w?+?~Tna<@%)ifGY7KV{-`!E$0?JL-p# zI&TtWJDv0{(k;oR%w7;{D+AbQ%jw{1@BB}T)*IL|XVdBOCVf7>6@dy!^OsVAmIG<` zQCqW*@cU6!HP3Xa(9!^)XK8ZqC%B4Y zA~)%7FuM5Nc&F;@OGVDpZAA~2P?LtFAu)~B7W>ubFZM&$se)XvZZnULe9w~0$eh6N zeQs(hyY=?!&gJ$*4^jVP?khD7#)IoG`|E!R**dnx5`2ila7Ka)ZpD;fS+D{1Epl1m zO=wLhO4*8L+}&Go!(r)z2iDW~a>4)%_wEc4T_0Ps1paMMs_#``byhLO7uAXr$xLH76kkAGT88llH1bJP$TvnzDyc3qPEz3(|*utJ2MQT~>gl<9ZEl zrnuSXdjJuDUj+gKT>!i|#()}rm#EAFiygC6F5gMq5Y~BfEhA|so`ltG+_fnLb0F=& zfxs?b9V*kKe=s2*V6i2(79jR}j^}4ImwRm}hMLyOl`Ne;f&5vz+)3b4+CJu)5FXu; z(aDt#T30f*a%Fg0=pdY!FC+mRubqen0)i~)n%<#uZ4h$#tF;smP=KmGO z!*ObdzkOswfZ_p>CkbcYD{Ebmkk9AoI<MQ}lM1qgW zXUX-mSQX4lKjX7(esag`oDgVlCi07eGR=9Idh~PPCN_;;>fQxHuo#fb#Yfrf1WR_) z*_Y1sY^^OatwIfnKcW+Y6LoQQw99pp#oH+~Bw=KY+u55IvRU$Rao5sMvP?fkk#2RP>9p>-{K|v?tb2f@OxUFivprGbvZ(qXFG0AJ>hp&53>mhluWr$MWh- zz&E<%9rl%cm9?tRTgD5GpKr2*t|oT z&UgNT%GaZ^obaji>{22Et$rKJklhe+J9@p6z$;b#ONNC(_Z%=kSP=1Vzv&(zQws~a{UJKel!_oHfD!+ zyILikD-`IXBtjNWzwN0A57Y0FsstJh3!FZI45^Ph41!XDOl71?JHeU-t}4iYLu9>B zZ@zl#f?@4!AFH4;*ClhvcYX=V7b^2EN1E-Fn#?4%>h`lD68IBh(6mh^?DlvCRnzcM zW1EyGT}~Q%d`5DT$9ucP9$Thb;+m=R2@LLgMnQvtj{rs$* zRPHwgtORf1V#X|5>ps1}kWe#`BRu={du`Ty>jSIy3WQ?fHIgF162H3wC{d4&B4Rae zKdNhdFXH3z;oA-0apA!Rsko~~j|Ib3Dbk6>Xy9aCfVkRia{?he>h|s{!>)W-CF52atg&;w;H~)^AkGB3rW7ID zgqWpXz(7oC0AzXj@4Fqud zh14w7cDahB&x(YrraHy$=z7slOXgqwEp_PGg{&^_Vy1>mG!mrpHZG_`0{Hs9=qsHX zWCI0$CGE;(GG_>LbN8Kx*8|5-s*bY{SZD>dkhis?Atq7o>du44XS6WykHCrgSFrmW zATf94)D*?IU?9Qm)u=ExT5~UY81%VRH&wGR2lVvu!8eM?{*;P)Rwm)v}M#W z9A^`>>aVLgph@9T0zH{cH_XVmt;P0Ra1$aJE(Vxdmdm*wCmEW*L4E-vJtor+-j5Qhlof3o5I!=iglVE9*0u9^FaIAzjJ0gnIL>d%o>zBQ{9 zdN899;J2oxZ{Bv0_{9Vqv5Pfyu@)OuS1SzEX(S1-BG7s_aM4KdDCt z2g&_hN%wx%I5{QIPKxG&9QMhqO*Wc){{ih?xB3H`=5Eh0=2=7Xk?A+UeCjut-j*!r z*AkM@br|vda_+N6y9M!9 z4@y*w5tFJmyy87}*9A1kc_7)Q_lQA}9~|D>meZp$#8d(#N_Do@M#5}voi)mb z%(;{~^M-@>e{gu7zR>qC--WP&x@Tmn<&RkB%UnogD0=z zCQ_HkPCdfFi3BTL7`@fbu%01+__l+Trj;6jyAfRpyWL|JfC;-xaQ4n{O0t4tJl9Qk zVvDrXw8*+(^6Bl!?x_|z^b%{hZn!jb7xA5l*=6#HqJN#)Dm)fQ2|9nyX-I+MIyS|NoRjRUk&|v zm-hE@x?L8j*ha>>9F5-g;M&IttdTW?oY!wIH-qjP%}-wi>~(H^s)z5tdMVm|h6-)GBHUR0Z{MKKmsU zV{hF5>C(-wC9qfeiHJFaJGXOf(jYFyd77%gTTLfS2K)gD<%FEZ)8yY918Mz6PN4P+ zAiNM4zNHgtxa!?A^^*%5)1}4eGvFUEwlxVbEhUsf8j%S|vyx+ANnqa7yz~e3Zu)3u z0yzP*)UO^nUZvqV9rSw)J8QnSR1x6_S!U3I>{iqsbDqBnHg@x?A_6;1nn|!l;$MCN zrvmSzD{hXt$A-1s^2x+{9G1cewOyg!{Nl1YWFX{%kdx3g^J7%L`V}G%TzbqEQqy96 zY%ScXUXz;0@-CamzK$y8J>85<_k~K-U-4gTN;05$cy-YFxT5G<1RCh!Hgzc`_zlu? za}~VSsYI=QG@WEO^V53~+f$wg7)d?=EeIc})txWDk3Ux&#C%I?9T^U;n(q7q0#`3S zC`LM3R}M5*Uglibe9ZXn%uMs};3-Fz#r4mPFQw8Z3h5%p%`{mcjDU+R_%^aT#!KC# zuy<^bc=p1GB-KKud=F(%SlK>2zZy##9foXe*24#iY;`Se&-%q&lG%JX6f|dQo!EXM8Rgzy(e^#9`@17bx?=;STmgK7kvqlyijXhTqZ-@ zZ5sy{1P^XE!dRl^w!IttizcDB$3@8Wkne40d7-v8T|VeFsB8+%RxnpyoOj6(<-K6j z31$HzFJ8|40ga~pC-%NOuBk0uJ5rSn(pyweI*3$hQ4tUkklu+1NRuYgODF=;MFf;C zy+^v#&=C-V^xlyU2{k~7-##;QX6DYEbLY;Pnfu*)fAa^wke$8uUVH6T-u1rE`#dGE zIZ`F8cuD&CrKGWQRMjyNcZbau-wzOS4ja#~Wd}ndTfmh6;dC8Ggnf|*e{K?(*tTaa zQoHBlV=77hI}5(*Ild#|7O`EtqMH6aZ3OIhiSw_;ef-0qWhetOUm-98KNk$k(fX(u ziw%%%AS|$)-)3%OU_s(7>GQ^y!jrA2{x90Lf^aKx>ai5xc=zI2K(b?p2>14r6#0MEex} zbCdJ^ZURaFs|loGSMR*OYFx&IFd=;*jxAua{O*gdHPJ?A{ytgfZ|?T_y?y$rv_WX0 ze)}nyYF6K<7xrA3uC23#m-5IsGNwP%!$-w*+p&dOif(oUhQG9Q_QY-vw}V_bD&J!d zzsrQp5(Q6IEShvNySI^>YRVlw3Sv*aB6f7d-2oi|@*hc$N^3>=TW|-{ux#Fxk~z#_-OHW^h2N#9|h)tJAxVE4}gx; zh!*&%u^XQOjV(_`*(w5kVhCg!Conghp2r6_NQ}v-IK>wB`~dArGC@)u7Bd;2-!nY~ z-XICxSce`;sU3_OfzaliY{@a$?&THSa>ZT|MW6ue9eeKgxdmSo`LVlb>Z#SS`KjL2 zcorQ@w`8;eXnck(-orxN3Qnn=YbkFVa&vFHiMbB(bY}{t2}$*o=zs!9w<^DM^Jn`W zUh3qXgR$T5GE9<{Ok9$CqOt97G>T9~D-tR^qEo)nSb>G8P|I*Gmuy4leYh;qR!6-F zJxq`Vyvn#2JhRBMWR3zY$w_tRfarLDxV>f@*u&h%_2Ph~0`~y^*-4hW`JnI==sl|k z2+BRa4PdcMhXd|Vj)h%};aoNJ{PLO585VMKE#^OdZCYqP$ig3tDL~?2D!}TQcK5; zo7-5DM8rw^aMKlmi85B=! zo>t2BTFlE2Au>EOEQd+^-B%(O@Xb*K6z&%NLC6V)AP9*8a^U4?(QV`XF9$U5FUd4H-N zTFFLql_<=TFzG_1Jaeb;56}g?YGDPs;kSkyANi~U0r2h3%y8~M>7v#`SUf(+Twj@*aDL-qq4=@zi;9F9}fW1|?C0$l_{; zBQu8h=+z)S3y{I}>M4r~besF8IDE<~VdjR6!-=t=XV)rJ`Q5Whkw^T(<9a*2O`BQj zeIorGW>z7EYa=sYn}f_I;qwwdK98=JBVBejjQh*cnll#7#t)zy(vqo9aaWXfIh}}0 zFT%~x>7Cxd0-|e5J9IF$4Ku2%W>7?`-`Qp50QGVRlVsG8_AA35tjbo0qm&`mNKhAQ z#qS#L%&o?;Bd_t-F;jArEH>49h}8@^OxJC=&|nkyrs>V|tOm$O`^4#$gvG3HAn7;kGcty$0>HrqGYC1nTs+#EoopYkoYpO-dV zdFkO}A|71av2YyM9j9gIx@Vqv-Pyn6gS?Z$U8bcHcR4D|VXjAF$59%^@PVq9Lb`VF zj_5HWSVPb}(&4%NQ=LHUlu?Rb2K(VJ(Wm^gS>bO&@(`G7HQ1zn1VEv#Glz@SAKP5< zy9?|&=@84Ku7EZybLkHtnXeN8<>PSxAmN&S>Xm=qLx21K_&@$ddP)D=QF*VfuvbYIU5lugWnXSk}|C6A_iZ5(2uQ?6RjTZNR*!Y_T#JP&P}Q%EgV<1*(Gjr z1%#h;&fzYNpc!-qLnCEW&`JjEVzE9;&a9F4ODX#`(yxN=E;;dSFjOfkZ4%O<^tN=+ zON+$O*U?-p>QQ9Z(e8l`1PlzMF$b@exl5<+5C$02gB%FeM3T-%{eLrZ{1J)a@20^E z7mw>q8K^tuX(HZDYv_3@e!~R?^JRl#Y=PAK(76t7_9%otHaKP zUTU4BubL-UF&w$FpEvZp)O5N+eArFBu|isf%;^EATQQ7Do^UlB2iBj<_kNaSKmwV* z)n)&_8%YrTfNneO>cEzaYNiPWrcGwQd(GN{#I1UaQIg|hG4wKq;SSm%f+DQ2I6%OF zGf+RJOH>_9vVLXxCaYDWVd4v8^#r-AMicUjbC+$XxQ$3llPY%iKB7YlHk^y zZQPvLDcRz@7fiAq|F{etvAL1vjp&J^~SmL^!^+OJn>F!NlMiI4Qlj~Cilt#EjDoPuNN8V? zi2RE`lkmd(U+_N#!=gk;sf^BoLFE+Wa6?x=V4hxW?)8_`v37THiE4Lp8+XzU-V|EP zs{yBaYgP9L?(JNEsoD1NiiMxp2@qC6(ea;F3Og5dixwZ$+2tl0Zg|(~dh*k z%-iHhJmfXLmF$SkXo`@U@Mc@Lk$+;{;iy)BxYXc_nq6I_>;ThPCms!!rWbl>@`={+ z-oH0*@^AxxiDh8h$CZ`&G&lUTIEE|d-IMkCn>!n_rrR}cxc#r4i!0$py!$ihN!7E2 znDj+hV45&GFZyL~0-9}$-b=Nru>Cu9lA$t$n>wJbs2iRF`Bw-_~=DJK!{Nc4l;92+#-l+J~$Y$H1r7 z>>o9-e?FzPzjFVEWX%+z>XxKQS3p``_;DdOi0x;}i9i4R=WrHvmHey??Qxh(d~p09 z$ToqE{~#Ygwh8|t^jEgYwxvKbP@Ox#0wHdhU;>`sM4|#D-JbidJK zy%8A%=z_t6aJPXh*O%ZhC|QPGpL+|#l1BIlZABlu_Gbmw1kLa%B~CnI$x>bb+Z2Pk zjH3qE*p1f3mo~)43ceNShRHZ-SW2qaf9`z}FyhkT_kQduq;2=Y^d=Y;YrK{~W6Lyi zlw19}FCBWbbPFeT9UPyIQWs*e0m!*m(HvcJH$R(5cQjr3z-e+r!FopEUE*~KfBjOO z2OFSiMRLCuy&fnd%px8CCko|{J|<-ipMin?`oQRYj@=X)-*m@i{1uh7JbY`vkIGuH z{&FR>e;2LoFVOQ|ScOnk!5G)XRSGfo*Agza?2imo#3(YFHSeyEepbi#*j%KH6w?Wj z+)fz1Mz-hq90a}N?z=R#56`$rcGHVFCvUyZFW&LUM4UEICSfuNpL02l_g#F+Q)81| zmnHaA{k(gaoP^J1@!3oA;x!*lx(W@NrM`aS<5O&u14s!@W1|n3*r@<$QK}DXB`Vwq zt5-E#3A;R@v|_4Hs`p|)qs{ZV6Rj{)d-B6oV#z+gR6ULY9|-D3ML}szv2`_rdr_pZ zsy*%7$d_&93Fm-?#DOqR51-`fKu*bbAZQx^ug`eWDE!GA8)l0QjoGP{wJnepwPGm9 zXM(?hJp6)V(F+29VayQzSH62Pw8LmHbFHOy33046`c(MziqC+Zza5#RY|Omf zm@Uiet98NKJK8c1B;}vJTsb7rQfswcjlxQyt)j6eZVvFQKv_ANP^U;zaY^ly7`4?5 zxNYI6n_Hc4p@D&7nF8Zvein$*wnE;0oaPho!bARY22+qh8Mcl|2$psFSBOy2UKoDs zfmfKSr(yy*Gbw#apX`1zHP$zR!&^c;kM?Ow% zRBo^4b4`7KpuLGj^c^OXiQU!AOh0gsKgX4;&*&CNTq`$P^ z{r_}~z(tj=K~-jpnu`9Jxj$(6t@<54VDEmkf1dnOz_s$m$V&a*l=-xgQNt%5R&a{B z6MNysgTnNh-Pf*jl(>E=|ACn-hGX%gM2Zw@f=KtsBXa+|VODqe>THvqEV6LEu#omz zb^Y^mJO9tbq^V|HFWcVyGPG9VFfyN!73Ft zMFb3H>NCo{w`gQZ^H<00eZ7}d)w?F4+qXIAC@bsj4Obe(sNPB^$5im6kw_}%cxX`;uFEOjuSkH+TMo(5x? zOA8zdZ)nh#`=(vlc%=w-7;Lt}-!xf8g55ok9d&vEG60DZn+t6GV9n68p=$b!p>$-4 z3tckB_t|l4v8krNJJ!M&<R68|FR^8bSxLH{7R+M730NrqXj zc`a^>$}Vq&J3RBUji;M3qk1>^_|9mMBM1nt3Ot_RR|0IG4htf*^j@5XO93q ze9zxr5_nFo-&WgysD*xe+x~h1%PdEf@t+&*{{U@joQGL$ z%%%ST8Tt>8{AyRo|3k^9Un@DA_A8wze*owwdB4_Aey-84UiY`x=%zR>uvw*T8J#qU%~Q^b4z zrgrRuWUU$$MVVX-ci@V^b?fCXCfPj8mj{+U9>S4uVvNyzblF0^y;6s%P<_R)rRo^f zTg9#&B8`f}Zsa;NGfmWbsMRn|#qvBebMnz-Bo1Q_;bMYFsPXL|KSqOt4o8X->Ii zPM*C{^iM6MxTVZ7u7_`hR_XM+TCIrc4;;MQ_TcLy?@(jb3#ViKOPHbyf$a_C1`-;a zC+1Abn`A){0|l3v9DH76fR%uN_b<0kr0juX-PC z{P0nJQ9)*Tt;LYAL~lR)IFqNDnZX+VQWunlU5eGuI(bDCZJhuYOLHDzw1-x=4B^-$ zgwWD{q*&y8QB?p*kPCNq5qo$1#LDMZ>3F9)3&owK>OqgvFFsJj(5EJj0f+5I14SjA z4DmkPvEwQzlKFe9Q@=DZ#Unv;*{S2<+B*`S{4-R|dZ~+`)qD zhsL`X`d;h|NBgHX``y>$SoFQT#GWvUy6Y>8_3UXx5Ks@nm zySe-P=wT;3IsA1|HZKO-g_7)W#EZVt270GEQ8@*^iaU%T+*$tlCHNKf5S+wl7WpEK z>d{C48{97bz9MfR4<|lh1m^3X?K^53b?sQbnNQDLtfRL}UWCjzJtS>Z&H+F{9m+UP zUn5d=OgtP%cUn(h1&)*>{3Oj$YnN~kOzLtdNf!VpiJ6;>_(4h67(`aHy5At8i6Djm z$z5w2^Pr;WCgZg(ry$6O?$RKf2=Bx4p^e{pMH>kdpMZ8zD{B048Dr@kz z0k8y=WRKF_Z)GvV#&>V%J&ZDW)adqKt}An3Lbh>I3W-Dh&7JUZ7mD{k2HvBBi<+8 zG^&&66e6*u@lDhc%2Si%k!(ihE}T1?3` z0zD>mi88tU)PG1I8K-Y_zU9RV{@%3?6_(@6(p5{)QPWvDAK4Kys8`x?95^tK@8?Ut ze4TI=FT4a~RqjfM@{4;pvp;&yO5;NEufC#-|^%~Z?J2(_}P(Lh}tcSH# zz$`6%B|mZx_l^pR8Eq_mZyr^bfBPuwOysta`OslDLix&R|K$>5fC~)PECbfY>}NG! zKD*Ix&<&CJ@ERpsw>s7;6CI61vYzt!P1=!Y+WQ$ch$c(6eKjo&ez; z3-2E!Bqe*`PX?l;Aa>wON;7I_A9e6pdr@z64D(CW1!mtI7>DxHo2&(j5eTR^j(9DG z#WC9OB9QCT=)6G<>r4h_f%3lEhzE^Nyx6jmj#hLuf*DUW$CQptUmSmB=y?Y-5P=jg zNIeEnt?4K10J$1z$Tm*@CF!U`8~8lxt}_~-NS1G`3E2tI;jGx1Y;cuSOKaqt5mw|* zP*3VM_^!U9hOghiJGSuybRr^WheCEzGMe7yNq*q_sL1!s(vmc->q6*I&dWJeB~}Lj z;8v~TAVBBZoHPq0b)CTD6?6#(k>ThB`N#zCCJp8=yL?@q#4UpthhW~8BVA^eT-QSY zsxY5*UWw+KI_gG10iKsX5{tN?@#Hc;XTpl^WqYTeP6M)(@8vk$UnDTHNE2Z-`G zHs3p*5<@Yxh_7fc#?X%!fb|*zRy6QNmt4DTfrZ4t4z56(WLEvk+_f^iQD9cnQ3nS{IOtm*BSu%> z>HFBCOolG*8rn(hT$k@!tS#MFLqkKVoG4O#39^qUB>a?!4~pDR>7xpHOcY0Xj$LQ{ zai2>mH89fis&^7pbgRv08Td|FV+QMPyKKn~<`{SuXeBQ6BRHhzZC}2VTNnD4mT{5e zT0(;imTOG30@22N-iOFkPJj*olcF%XUSZd+P!XZ<9JUk+Nd<3G@Wz}S;br?Q^lHGC z;Xo(2&M?fQjuBftcLXEV+mA{3njLY1m~{C{bGY>_qaF`k{`;QCl8}$3>8()u1_`)f z;YOU2xqFJJ!yM1Ct|X%zHoRDZ$x>&t_*zM?wCSK`Xz#2F^s07`@XgSw<+?o^oKn#@ z4S5*}>adI_Ycou0cd-g8P_-o6wSB{%W}fgTzxPvW!>d@xZ{fS-KYF7G2?OjKTPw*{ zK^M0Nwt{M3>NUFgoyiA3JyyFd`Mn`d3)7gxglk#wwsDmXYTg@ug+<3yueLSCLsoq9vD#@Iy`4+7>rx>UtX!H~`+#h?8*VAbEtm)y_A@|CQI*$Tw zt~pq}%UXGhqB@64Q=U;6@Tbw1S|Fd^wG98t-w zRQuOdB+hnVN5*>hohPbvb{06mXzgZzlD&jswpqfCu3d zt0J>67uIrw`r3`h#VRduHn0z?y=c2O#NHrFJbMl?X5<~FZ2m~n#zOr#OKdI55kFFj zhkag0Z}4R;WYp;XoVM0E_i3&pIP@~{rYbIu(k|G02!>(6;=hYn)C&Rzc49L^$LyT< z0ATlyoO^*2YLCTsKoeVWY{}=Ak;J%(@Jt*b>Q%b8dML^m#(Uc(f16i*MeOub6Zt_R zfIS9T!lN5Ryo&^*?3~zj7akCs$vUy*+QH$x^%#|mz8A;zajFh1@3c8C`YL*MRomvp zp*dR3kICv93y&NR{b7(*<4PCfF4C|2#ga5OG^|(VL|HPMT%`>BopJx;2en)-Tt?g7{usyiJUTyW@W_D=S-V9o958 zg6q_sq=m3tyl#Z8m!?V6*=i(!{nFv&-WBFecpl9%mS@QO9hyPU}mua1_ zTJcz1gth%aky8DKY|Cd%+Gj<<5D_Zk5@#4G!rJkYkKxE+I?-Lrf;Fj~2%273vx2E) z?^of*ui|f8T5>ww1rqHBUg~wE;bG9Ir3Hztt_&=IZLTlcG!z)=t~OE8jPYF%F@Eqd zSBEqBUbcnBHh%O-;{tN(ax*g`vJ!sL?o_UJ;oBn7ME0!hsDQn_2d1akL7DgKO>Ifd z7qSWhsub2oSK^MgD{;OP%^=THqN!}tY2z?uk zXog1MK!Xj!Xs{02qUrhweV4|!D&=c+LeIZ+>}2f?FcMf$DAJ~Xq&wA>dW`o?;UDOq zNhicdJ%Gg&;X^!cPwpdKgb3L>^mQ0hA3n@qq^Sx{`B>8xH3e5eI|~WjKtc z>7tJ;YBdC|rSKDlo##vGO-w9w3-QFtXktM=o~-49F-pRD+@Er&_*)W2NEJd2vx3E# zUPkGbEH(l@BL;Mbl1Nc<3VE|A&e3uM~!+JPCHNZ0*tqIuiJ zbZoYEBOx1;i-Wo$N_QuWOHtDJ(7S+25AEOi2dD)x0tjY+1;6bKus<>HD>`gHngz;P z)_#7o9da?Tz!OXYA|A^Sy|6y~feuBv^#L#>qP^0i{WxqOOpb=TTII~X(}rFtEf$Vf z-WU!i@5_@+PMLIZ@EbaR;x@fE z4`O-iQZK^{I#0~3gyg%bMIE{7T3Z&|i~sz~{8^UpBj zzenWav$U&}R0nx9u~-=Glb)w^AK!m};*x?+!X%o;9R;Bk8gN9Thuf4A5zD=JeI#G* z&X?ltV2Q0aq`K`!(QC|e*SL8$ zR!orllw3DMGGf=t`fOs=O*mygY5NaeyjtXCOnsXl*(Vdg>b0@L{~Tqq-<$G==)&#A zH~rD!iMF zROYL0W$u!mw9NR9%1U__#i=k6imf8%5VIbFsf#h;5Gny(b;>rP)aPoWpSf;xluj?B zw;;@OLvj>0_L9Rg2Cm{oPM*@^udo$yCowr*hgDToDWrhvM+Y+*Zw3kI2rsX&6_v`A zKhn1$qo9CA&Zze=EA6VDgy-5^_gHxP5iEdnd=VA$A#dG@)I^FlP#DYoQE6Q-KeMTn zD)QP#LW??%-ghaf%dO$ug;YN;kALIy!owdRwXzWb!(NTBXJMyVkwF+eAsA}6#Vfvi zNx$tR_1^@%`F+(A-ubyX)%tMz#L%S9L$WnCDu@qm6&-KvElk&;9j31y{ zA$P#sj$b+kz_Fv*mF)`ZBX-9{B3+epQS8hK8g``$;>i-uyl;sYZ=drGiO#qvjhfS} z>j@k4;Fj=DUGr?E#N&$E%|-;WK5I=XkYhK$9zp_f44>ajukDJb3YnAA5YKy_+rV0P zC{Ki`PlnQQGYlBY^KiHa1bfLZW?$Ch4Uwu7`xQ*`0wu+FzKD;aZ8!t@{c2xyGgj4O zG#S;_<$j7CH9Vj0ws85bc75i1{#gc|y6Fik5bpPYEzG@Y5XT=koDEz$?sJ+KR*&N9n6EggXzInTmXWNR~3uUNI59U zdYf9cLm~s%n>~vI{03s!Xod>ptL^-_q;dkdq~iH?h-*sa-ovdk>lRuo?UZ%;Y#%lt z8nYR)>9UTeI}NfkYMsg+n;M<(LcjD4iTVmD`Wx9eabA?Z7LZ=B0b?G_3_taH`SBrd zs_0u2`q%q8TwHxzZotmL;ObvY@I>ro3yqgeV|qsf2DK*2LcofwW2vh1l++%+eaJvD zdWFs9M=$cw>n8z+a5F#;#ZBQ=r^;l%c>2D=UboNK=1bRaog>+`T6J58Q0K)mtmg2` zO9{PQNzW7V@=_V6L+8Nrs$Qnai|G^_qv`fTyVu?d5AWcEA3G^688L`gkG-jC9Jb@M zZ_xz>VVF^HRv*R+1gZPN#ig2e>9hCSUzu%4%?C~8c)W*i7ni0KnkBV&_$KZQpAA+v zE%*08wc5KC^LFN3i~Uv$&yd~(H^~};RE)=7iQ2&_JsgIV8WZ~y2qwQux%LxzHm~vJ zz>8XkQw<*%=(3grvey;WMJr`1!{L!BPj?bc7Zhl9m;Z>@`LE!iem)1r14U^gPh=^n zVPm`5T;kqHDp}A`Y3E;OWbo^NAaabAxJ5)Uo zL$X(1IG6n;e8L_n?qUhxw5xyv(6A9;BxUQ0ot_yq{)^zABj?!vkYe@Q6Igzi5CdOi z`5oLd7n2Ai(&$$F0Obtn9qs=K?)l$s_dlLKKuk#BlvK@ejhBCb6!m7SfSe7$qr{P0 z2B`am{Qzb0?HXbt$1q!GDS78JKEP}XXu`#WLTr$c>>?;+2b9={V*smUH=ioqu3@6? zS~}f9o1@w!KGn7wOH#kOE9cQEi*-5j8$Fn@JL*Q;uKNijcg9X&3|ZWUbM)^BCi0s~ zCK2k-P}R&n_Is+R#&;0Wjw46KL>22jLMJ5J6d7?i>cg)@za-zFztar%+NT6tpRTq6 ziKFtaD1glCSx&(<->@e%3VHnE*&++Zihc@l1f4f2lvxLezeBK9h*1dukI-QhrQy)-?yDCUXu8;@rd6xbS*nS< z)RS5DCX*=JAfa*$BP(d)kV4Lobq%f;WiwtjR7a{AJJ#e2-TXl)Ym zTJ%IT3ec3FQZD;0@66oG@+44#1CQb&frV>+RXXLG9LEq?0Zka+c$nf(9Jt7ta05SA zqebiFG4Tp9K&kBqFckS+^AOTMe=AgyfzH9fZETN{#E?@otE%oD1GSN&;bnznJ3T4U z=Li#}hYMICRM$dHpkUf@OB#6SWmpc2sS4kNCvNP)Svs8F&+3x^)tK<#{D%=aS{M?hfGzQqA-H&Pb&%7j!6RP;5%y(VmONBIKn3 zhx6K(<^r$=;1>$^W5eJ#=W5NTQmTK$Vm%RN)!}n~QVx3~F3}SilmReHV1I=m$ANrq zqpjK;!;>1Dq6#tc`olS&YwDb7D~ynQsssaBPrj5Fv~D5A=4V;I9fE;OBVs>FA6Il# zL$#M$>SFS_CRU1VG{LLw%hjYiMECN!^<;VO!Q^tRm0PDwpSZbDF71#?)x2#&^i$li z!ndaJgz6U?)RQx+JkcIo*>+;pWd1#zS3Hwj?PbWukf&V1uxAh&Tz`d+4>~lGerz#% zLd+;iecO)xqhryP>-K{~G4aN{gnN5lt3yZM$L@bCb|o#*?HpuufInmj%L1q(BF$|* zBZ-Wx=Pgnw2%V217jbl^c0dR#egkzdc!k%Fn zbI0p@O%pGcdjQ9~hSs;$l&$KkNUW)iw9MklzcNoJ$;A5N0)gJEye-6{y{YvU)@HG{ zXj|&q#a9fR0aL3l3Z3T&qDQjrb8{U|*L;Oh$L$QJyeP%QMV1v(v6*t^EBN@%U}5}E zT(Krm8bhK}0${bEheK}^9PNS40Y!NJP2v^3LZ(cTeQ=m5 z&ON9&rST50@UEmlT4tkEEhRmM?*aOq?s`GD3#nn5$8uHL12z>haMG|1I_cPxb)pmne9-+;VoWGK;UOxhs9;UDr3{Ug4m|Aw-9d+|R&gpYs(m;p4y zxtGn{>BIPQ!?9mDsxeK8Br)4m&tB*8p#+_ME&i zdh-r=XzZ_LgO3nb5cA=4dv*Y!&3Tj_>{P)V3a?6@#tY}p{`*}%|GA5Z_{YCU-28up z*{I$7G^=(UR_=(6PU<@M;=)D38|~)de_=(Unc(P&cSDG|tn3wFm`FOJ{hX7Re-?#X8L;br){R_uMkM|#k*lqq2jwkEPfl^f5cq2c% z4F3G{A50DU2LdSn4U61==9B!tx&V&-xB5-~*GOnZnkcn<5yj>k*huAU(H|SeRl3DK z*nmrC?pQ`C_fj>yks_Id15VQCFdEx58cYr0())Y z?E+}re}kr`6Ug!U4FhP**rh2|`FmxEnopy+uc+?ATP4v``V&w5J@4PD*7<-!NK5oM z8zRcp+mVwDoqAGRO)^6zTtiyz%*A>PP)8fiN{m!+VhU`7MCs$r(?{b5`j0sDXyB?q>DkH-N95WSjET)0UmolCOOXG z2JJ)@d&bZ73)lU52q)eJP!S|LWKdk_vjVih&e3E(MiKKdUFsB5YlclZcGq{}UCmxN z*b6R&vOj-PUc{eI@qi=%F^GmCX|(Pg>K-bdPX^%3kA z^o4~JQz;DQHFBxVaubBB^6djs^8zQl6c`oU1W-EKhIP%6 zi>kADB&#v2?iAUu4NVg7%Y5XX4mZN*vLQgX09xIOf2Z5?Lg^-RqKiL~vTU$!1)^-2 zs@MG1qm23Y<2Q+it|VdVk5EAX2r*bacVn!;RU$<6{ORaY`x^t5B`Zt9xjzHo7&ik@$ToAiU2IFI1HhyWN~!-X>)5A_ZRBTi63 zJg0c`wCcPnWm`0S(!Q!Vm*r*EWV2#-rSKJ(0dxuqP&RXnY;ZiI_OLQVSB}-C#VyQu zZ>90t89dUH@G^O|*W7Q!+n1tf0b2QFjeoePLb{EN z+n81tYaFX$af?CB*_D*^R)jzkzC3VhL)F=p)}tooA<^2z_Q895N>(EMSzECe zuS+LcJW;uokI$Mi8qMUJw2t&Q@3>{vjza#>XJT)kVcpz2|VJO!E{Z09$F?N zP~B0bBa@Dit?WgW-Xc%S_;>8DIiGWP&EPe0oGCTG_M^9hP-5Nl=8)*Q?R`U{{hYIx zb;WOm1FZ$+PgFpJ$^`zzjBD2T#~a}*GM8)?`6vmjN9BYPks}|=YNC%G?aVoqamQE8 z30^{aZLIxGj;cSWYnQu_l`Dhw0PAn*BAam>u$PGs~y<(fE6#C$>eo)`PI zA0W7@^be4-CZfpj7mgN62b?TClC?Q#8!ZONm&{%B(keSQ@6fIOyc;(m`vKZWUb9Qv z{V(myq5s-_`M;Gte>t4<24>C1qA}bg<-^`kRhh6zDr5xlH8@{X+?Fsrs@vb3n+$G7)uAL z;wTIgFfYVxW0-vzQ_)TZwQ(0VP?gO__1e>3`LL+_;Hc8d`9+2{w1O+@8j34I#smfF zm^3XgFM)a_>kJE|Zspo3+m}MTStDK+J_Qw~H?(mv_WAiQe&F}Bc<#S+CFbj6;$`=( zf-^N>)xL-WNrY4Zks-SpiGi7oTkA0MPf6d|?yIoZHR&MiF1jCf(P?fZSkk}=GgR}MGubR*vOW_ChGw$yg8J}<8hUY-6kiin^giUng zSQ$iv%8C8;+Bbd7?{xQ9J^d$@Wr({LOeX*>jUOO3xEY2LJv4uiM3h=!mmtNKP(l`a z&-CcP@Z>?c>i%WU+?(za*IyH}jwxk&B%K{apBG~Jmf*xT%u#v4SaM6BAzP{7?CPhB z8%M&-ZDcNm58Q;l_SKwP0Z&JdV>1Pg|_LQzM^z^obYb8GoPf|sorgQ z*~N5{h#P+yGLCpKeBc<8G}BaMCzf3f(2Bp~|5o|@%h+?BW~WQKY?Sw;^um3FG0_l< zMy*Z=IgWeHtNqQ4oqJM$JSr#hX zxp+M>Kx{nOaKOi}tXn+C<~eM@^_^A|k584feKs+*$P*s6a=U{$yb9O%V$xC9Hppo# zsvA90pCl;EhVf`pf4C(98t1fl<`3a$67Z2l%hqhOxC6vRWnhc~j>|S7?Z#*BaVmLh z6CYGC>+(nO3hD|fBz1hwiAdIBp2B96r+G*=}2S2#1!~E!_+Slpt-^v z?JujRYerKP-AEVz zU@unGeqX%wZT2%8iM>3tN$Gj#QwK#G;XB~>b7X#8rhZ>0CBksznBF$8zU`4*K*c+w zJ8weOl_JN{^Xgk#n)c$dy4p#c8RPM~se3V&5q<2B!}AeI>^h|zEz2Ia8)IIL5VhkJ z`ONTqU!jf=(rDyn)=1>JWp{Xtmk0z&VscF|R*Ud$rFkTaA99vuSoD46tIzCLN3w^$ z4+-Q}db|!F8PtyKyMd)^Wy@+JCT{mKE*YCDGC(onme7L#@~RJ1w`ch=zL&9eo|PCy7Z1QJ(}}`QAnjqo`NHLj!eP}eu~lze%Q08 z7xpUB7vYx&9B?!?uyQN{PsSd#Y4{mEb(d3uer`gfSGKcwe!E@;m2>+A>+N@D9xbfk z$wxnppm#o(zR6fF{1n(3kh}WGYIN&h$^*_?z4W~hbk}i_Zy@c3;tRXczhwvTk|rm6 zOS{+AyM}WQSJc0uy91DqfJnLq0D?9+-JN4OW<(7lT6}Wb@!A*KQ?~3ye~C?sIh-PC z`sotGzU}m%88-R&FT(HLi%b#$s8w!Qf5{-sjJuX73etGMcsXD)G90h>3A$Q*mph2@l z2RA-XJEw7zQvCT|3%YuMq$#W^o2%fHaS7{U6xWigW%&1R(#W zZ~aTttEkV_5uYHwI<8MYvtekE2WAZfDDIwqJI?|l7_!8hde#{v&`ELV{(xWQAATE| zZ@{Tc^2_WuLN#6r@V14*1E~px2zQe`@@;%0S)zQRfv+ zM%ZgcCYJa3>m6QQ;WEP69$oi7qjqYU-cGJKjZ5oOy(lieO_q&ES>nP@iLuGSsA#8~ zzTMl^8s>_6A|X+JiS4P@n+X35vOSM(FX?~% zY3L;%**g2{30tZ!Z@5L>2-Eh@$>g6FCT48e9c+4zLTt^PS$VkMt@*}}yQXYKUcMF0 z*!DF)1BKrm!ZCgTAI6g0A}jBKyLhXAuQcb>9`P4*us6kNq_`g3y8!cv|+7b=fGBMEf@I%6e-lv^Js;s}NIDGz&DuL9~*#5+=@7ZdYHE-`du5sKIaES@_aKFd8|IH zaIUT@gS3#hwm2R^Ucin&iS1`^5Y>S56@cbZtGt6eO-<6 zIBL~RpypFq40^I}nTMr*q_220>!Mv9bV2*HzX&s7Wns2&tqGUXfu=n?$^wY!*$x25 zmYphpcAWDU-!%XTvWK_%Pl+v;t#NhM(D)1-aRE?vk&(iJ&X#wA9&-Vune*>=wOMdo z^HuZF`ISzt9j*GN_bV+R2?}59*b*tu6D_>(q&eRASGlOP<3MHh5y-H8&NxcdL8Z04 z8aL6+PuaXjg3-Ny+EariIdSZCVRXU>Ju|q&*2^17zRj#Xwqp-nRK+3Wpi}Tg+x}&z z*_s~7j^`Nza7_Vj#%BHlbS(k`uSlGomTqo0I?!a^`OyxJd&(b)DcjHk5HIwBmTaos zpT?$o${90li33rD|tm)VfP%&Jex`^mAoEY__xTfhqi za+7_CGNz|A`uZr%og)5Oh1K2Y47OcfUjiJ0A7G}ZTIQ#_81foCJG$ErfL8qexrV*f zY&0#lZ1pH6SPRNOJK_w={f&NGg10fpU!!pMEU~u%h^HIAcF>m4->FDEre>q{#2VYG z;6q@5IdKph`S_MKwJ(T{pN*G}ec@o$vgi#U^t~K8H+yE_Xbzms2nymZc{?^pWb#a^ z;8^Lj7*M3~lc!+oJArpUU|${Rn4T|hzIqf#EBV<|;LE`#qF(#=YvG%`pzE*n!b?z{ z;}=Dsk(g$ZlTmF zJ`9J4@SND17pND17=)f*}8U8)k592`D$ql!$jP@NCIPA-^miz!ewDjH*94k_33=+cGjzMkM*D~bxMZ>;Mt-#|)@HU* zT5Ht58Rkf=&&e&{N!a=7+K)q!=VytRH<;pQzotK|r&RKDlGkcnA9{kNKXFiI(BNoW z9oMJSP8=euI=1oGui`|QOCcpX9_Bp5+fox1=q^-v(cUwUgf0UtMXto7?hYNPE{&Y> z?d=u2PI8xg5%H|?@?oQiR;%bz!P&9NrE1!;649 zTGIYmTz`_ZUyNVOMvClL07gXPwDo6a%5`dUB7~c=;2F9(-+0%5|R z+_vs-=I|GfbaV(<&|fF3^9Kh}7qn_C1jP_TX96BGnVa3--5Rl9O1d+1+O=?fkkR(* zrbW)r7WaoIxP3i-D4@~|j=tq&8C^j9z?2qX-VRVhj5j9M+&;O(s zaH{`6UeHnQobUA237u({um>DT;h*jT$N>PI%hh9;=Kc8}%RuwiX&MP>o}tX?k@25A znq1AlXg#CI4H6r@9UsBySMx~S%-3CmGrRs*i}bchxTD7R-fzn9_LD~`{KepV| z-G7il`=c>Ie~aW;ei1_;*YQIRff8sW{}lN_<79)S6LNjgAmORou zryB@6JuCzCIf&{%1KuB#L_^VSr(B&@^~*>c8rEdllbb97FrYrt^8mxFKKlWY0FQwnu|>z1hDKP3V@r5kpdN$cM8AnCGW_g{i> zt_J!OA>S!E$|36^x4}?yD;FXcz8~g6L2@zoT!?Hv+4%TR!t!f`&XzD7uKTO>3cTz1 zvKH^oLF@zv?z#Wxdi_(_`Aax%@TYZ9{YkU{kM#SUK%a=q6zxIN2m~Y_xq0fy+EmYX ztKngRr@86L@CQOy|Bh#k^+xLlzyK+`?bP#UDt}!DGxs-odXa3JuG~N<;PTr2=+6{8 zoF4#0tByQrC=1&a>$v?T6s@Xjng4{id&DY<%6<8r`5{>^Y{9?(uW385OZnXb{^jU? zwp#xgM=!awu}p~{G-5XM8iN~AF`LG$j~Dr_85@|=T_9|pdA>ec^|Ib}WdXx^UVJxSvAAU9c2Wc2+?+^%kg5rntT(yj#bI@fcAnLiPC1Pej<=FUI>gdJv z*59o=mVX#w{tdeGA0`}sk^jdUp*zF)PL&I=UmlvxJB!m&Xvhq5amY)lorif2I*$V< zQor9S0sbtvT}jB{ieW@D?!u1{8V-ceUkCL>rg!rQj@mQc#zM%?DxDuwDFDHmVj2a- z#xtl%@=rUn>|<)m>DA}$Qi+c&S@*w&l|&N5|KuV2pg*Gg|J?W}{{E{Lwix^am9sJ# z58fh>h1j*s%3dYgcsrRI*)b(T4*y+dW#2|1+SQdwc{RzC_9J?JIwr9qkR@vP`Zwz= zK~B(%lx1m2aZW&T7Bs@EtAe>x{b(tBLh<3e8E^e%c0f6}$$EfLjv?mM^*dg82@pJS zk4JjysT~m~xF)2oSpf~ev(Uk)PMjoA7xW-&f_@8C2}2m)uOqf}mY|mH4+s_>fC7L%_~{-YuFe5gh7e9!NT0zR);FX&9a&v3jsph3;ff3mh_z%#l_1|@@rF~@2XP2 zI6Y}F1mCddy;m9iUQs}4rdffWm2AH%7o2?Hhc(Bnw8~%hWyQviwtHzuI=MhnW6E!) z9V8n*J1QVypaH*mc5cZF(?u{nJTu+P)=E_*qeOrgpdS}YxY;Q)qUh@43g6h_K62Ep zj(yfzDDe%TG6vxW=BThMo&XoQV-ijx=-OzTh34{^kT|UniA1#&ZjUaJI{Vdyv$=+e zf{h265aTczjZ%ju?&w{uz_#N)kLuudnypd;KjE;}Wr6?4Aj;sMQSB56} z48P*`DZ&MCel3cH-TCYFl}Ur%my*y#6jRn+bn!|p74h%MC4pX$0$IDVH#mxQxtnNQ zU?F%CDc+XO)^0)nB&tM|CU~yjYAIy5AXLcnS<2yZUK^zy}p4Q=gws>azQkD~catC0yX2Qs~z$C{T6msnJ)SjZpS3flEUdb+Q zz7S$BBeZEXcn|B^%)%`5JQMN~o$R;ed&BNK9)%m6h9T8Es62r1)<+m!nSJVVOtRT6BYQY{p)#Vip3Th?D-Uec6!bC<2czJ?PiAkAr2{SOi7v4ssXcTI@ zc`(9bbQMb0plJVo)+96DnC)@JZAPop8sZaA76H1I63F@qBtlkrF**p9np{x}C0(EJ ziZn6by651W8f$XHuRYIcI@XDedyr-cdRfND1~YolHX@@?XczL?qltQigQ&nk_ects z>vHAN?JNV$##(yDB#yLmv6(D6bAp(RAYT^ni}iM#C_F@SlxIw2lB#;_jv7A4Oe`K_ zf=RtxSw864pt>&Se$Cb7IQF5Q40qJ?I%DrEu9k1$ETw$%4nD#iDR~vr5Lv8GfdeVY z_3NVM&I}$$%`9Fd!b5?<31eik%Px_6kn3m34Yao+9NqaT*S*Yxg2M{P8{Iv5h-%mh zqXl<+X3t0G-0+i2EeD{xWVJiRGe||w4CkD@S}xYreN^cySHc2~`IncTr|n3T@nXm~ zoleBSM&=2vCfkvfUtF$3`SdA|BB*TX;)aA&T+f#2%94EXPH)y?l}}8>5{u27@=6_i z$#5eRE@|=3E-P>s(GIU03pdDmvOl>XXgixIupEo#&}JMR_JQ~N=~+{mkAt=aZ6Y1s zCG7}LD*hcxle-HtnVXva>D!JK*2@6IQWe$|Y3bMCRJ=CFj7}uagn9k_rcKq1*4QTmMWKxl{{?vDN`Z1Q!_#*+NDB@-d8DAVh5ok zQ{{*W_`DK+)OnzbwatR?U~4c&i|`Pba^;5*)yP3^Dz@&M#Zf$4ZD)rsZDkJ2LV11p z>~UAmQufQH5Zad!4%a-USB8^29*a3qyxJ)jub~X>JsRG^F$R2w%sle*J!C5mXCh>c z43N6!{v1jslIn!NxD}Z7(1I_EG$|c)!Q-C7!wHE*LmdUy5d3FL`=uj)Q@x;!1`@!a z@?I<|Vq2UxwjMn_v8nr%7av^OZo)2Q9m3s*%po~z*V@^TFs+*VE%|{`H96TzZTNU~-?G_Py4aU~f}Nrp!VX^B z!41;c&DMDug&J(8rdn|y-}w{c?No!W6D|>>8&y@Y{yA8nRhM{g_A02n*xXFCG_yEh z)~fOGfX&SsZq=j(u0d*Kta`f7c6ifu>~xz{UP0@6uaDfMYE96tjNJ1&7`QEqOzn&R zGa`CP(KRS}1CR(If(MFx$D^+F)tGIgM=`#7cCS9>(Pw0Xd-16iy0y*Z)325qG5*o^VH7@#{nQzIYCH;&^#IYpB3@1ks;EH~o4>sLcnLKM4>@lhz@V?_(RSZpGx!I2Di_#jZB$`py?f%@fLk zUSZSuqhwT(U(vXnOb1#RedRRU&9@O}V!FX3*FC92_4jpqDF$i2RjeJ)hi&GdQ|-h} zeDaG5%y<%dhGRa~2o^hr8dIvW5zxJ_PD$`_li5|rbhgckO}661F`Dhg2-{FTwxA7E zh_wmtpny0P&-{MPx z{yO#u%a~JzJgn{FKvA~l<9ens%DK4;j#$jp*&uts!^jYVM7sClDFiVaGS`bB3?GM| zrk>p0vLeeZ&UkutQs^jhhth+<;O5JqrNj3_sTJ#{pwO*NRDHix$HNJZP}Mu`@4lclAe<^mM$@Unv4KXYmS|IW!hU1){V+2vttCt zmIN~WI$DK1F-?c(RPd(z?Mht5y_vI6&(HoGC&d8fugX58xQi z0aLoYQegYv$wIbYGXjCSla*XPc52@fRv?cxG&PuIXFso?Cuz98#;uK{2?;;-%mVpR zSB_c`iL6w^dXPqzd>GV?yO~gOHv2(Wv;Ko9q8Xks zkMBi6KINN$f!z=bIvlHLFnnv24ZYtcJU6S>WfhCKuGV(ZxWYwd=h8(V<$E?t0D43~ z08o>D8G6OSq24#*xn~x_r)f*1&+w$pd-}u7%(Z=R zNAOx`=s6>qG`H@h$#+Jfb~xh6Dsm!lPV2{hz68E^@8%jF6kdEKRNGoOsA3k~2^-gV zY`*o_o`t3gPI+opIqc@Hus9XJ#<_f(#H`=((xDr^0n}g3w!-{BqZ9h+4!Qm~<57&N7$V&bLu@m)mbnzwB12e`{7}G?;R`wf!#D z6C>X#$27VRC3ax3ZI~?HcH-G|7NbKZx(sgRftw|`cb)MT;>^o}M7OWm;iRE>V8j-a z+RVeV>WMW@NZ^iuy0zPdXrha1YviKKULk=E?#M#-vQT_2km;1m248V8hYh8OiDws? zexhLluRly;8L0gsQAWDZLI8BESL+5NE5jSbl?N38+$Au__|TE0 zo;j4_%>F3y3xe5V6YE+N--sJQMsw2hS@UX@qcrwsg?b%EOvaae#+Txyja(n5j0w%y z9lk`Du7IBy;Md*0Lp}5s={4D=3Dw4uyP)!5ocml0)pDTBoz~tPMS^Djenb-e4q(f6 zqhsHQ_uvdO3~52=#zxL;lo-ui&|?f8T%MimGh< zkxhpj2C-sIvmSXy`uvy)_K6^}N;@n?JScyZHRQh7`qK`Hg2pt7XD?MA8rd-@GA5)n zin5uLo@uuOQDZ@PCVJ41FJ~lMQ%Y6^6!Au8iX1^iq5QS{oR>|EE~4&4KCDRsV;&u} zSi;sdx?gk>(Zz53WS8xgvA{zU5q4)jH3Sh#w5U)MIZuWKz*#1aN&EMts^4Cwy;{8y z>}`*Hyhiv`M}OD4E{iacbZ4Smd<@_jM2Nh|j2E987*S}(Ly4}rqku)+gI`g9 zw>~F|p~>^ z66d+dV65D5@8isz*5_BukIRzc+-)8AD>x8vRBb{MNyS?WXGx3pwYY#$%PXi*N5Y(p(D$iP9rPY z{?G20R4J%U1yi4)GFocWE!*d*sv=@2)^U`z)m0zRGiB#ZHOb#hx;SSo&)!>?UzS;g+-9;=7ax())|KS= zRS(rG7yPKn8)khjdReye)6QV$nClRvmYb@Z9nb zW>gBJJn~ahXc6o4(X_zkWPxBp^~0yMPR=X$>T0Rh9xPqF(i~#!wIU=&pcPO*cxB!p z1Mw0@TRHk9Wl%TV4Thn=YwDz(`~s%6v0y!tp+Pl+KI6Kob z&r7V#Gq);Z{R^?ycd_a|+5L_ppFTk=*DfY(^t;%zy4!Uz(cZ9p6_ifnq#GGy*;-q=0wC1CcKi~S^e&RU2=J?Z_5&gkK zvr8;lMOCRe_UpO!SL^SIErKpT3tTV1yRuhuyKU?@SR{-#ArKDMC$|;#C=+JQ zZw`}OBO)LTe#F4UonC|Sh-tW3HU*@8uWW7ZOFL-|c#bcGblcfhYYU=2^EN*8U6qie z@#whb5_xL7=wrFKRLzqxJ%#8d%iNMlElQkb<218T*>C2U`0#WTh#rjEydd=*G0(H6 zR$qFkbDMp1jz=!@b5p$HeXWpCi;{aCZ>~_Skc(YGKFzSs1Ru6dUahbKUy$Jk5Lj@p4qI~ABeY}o`)OM(FYohGf@p@FOO_g%o+>(HrqT-H6|Y)f z$6N4^2CbjFXYE(1tE^xJM1PljOWeI}^0hq*Oc}aSQ7IBM0rYfa)WXk%z};mGXqOln zGl(qG$FyTu@t}m#Q~tTrp@HGW*Q&K=NbyHi-fzEwdLgvgmR}rTx04O4tS%m8+k^^S z(4YtqWxu>bbm0;5oyovb#lRkv0irSjUA%_j4|j1a1GXPjn$(vNbPd(jpu|}Ub#W?I z3;ZQ=hdGRRyXmZ|R`qBD5raaZX|S)NFd|Tqizbk*xtZI=ce(M+idkiBu zp@Y-Mpi&_Nr8+i_KEc z^R{;xJo2ai7*4y*Xgd;ORRlW%?3{}Kk2u{dCSns}?`cn36UbLmoa;%DF531~FAh~~ zM|iQKvkxG4D(aErTW1Ecck)bSt?NY2TU+zJp4nea=H!v?MmCqfEGkG0nmnJ;wjMA= zCPzYKv$4rqV^6BbMVXj)5Iqw}5kXa+WH2%N9kmDaE^qKR&2J?m;n#p9EfgIExlD3Z5a<_4AVNoHl&GJOQdki?K|G4B)}YX*i&BN7%fP3~#~O85gllYFqr3o;SE%DLp|l!td<9UiakpC|ZRbn5cnm$+c3TRx!K-Zppnv{s)kfM-Mfg0gn^=_ouV|>+~1P_kR)- z=D+=+NJ^8?sSL&=!k6z<7-Q(~c&i+}mFM}qQ0X$}8?GmORgcE<_iECm^+3 zx37W&fta@y%D5`lVlLeJ9S;F_dEFKM_(ZcT`RbL}{yOZDLg#~aA2xvPUUz|?90I}` zU{=~O)7Xci8KmGr;}AV_LxwL_Vh&bnHk8e`n0h=P`30uobWVxT+Z|=E=7cf)t!J(+ ztFDW)mS$t3cA{VSt%&2yacK6W{*#eKKg-wFX)BBwHTKZ~N}S%2zHaA^*iLQ(M-*A; zvd{Rr5Gk}xS!fBra}|+DDyC4;nfLA16C=}Fn^v)Ip@q)0GA7Wf{3VDy_T7mzgb2OT zI(QlUc)Bw|*i5XB9Fbksm&`L#p~Od!e8c5&o+$yo#HOXjDJK>n%nh6)tU{9q&Drym zFxyj<(#gDq876+bgTF1<$;3VU4S#`uYWKir-09R6WqB1m*<8&`jUEikstS`4UQzX= z>cV?lsFTT_% ziYM&ANvu@))G6cnIwMYnuu~|@XefCTtL6fec(Vl)x@vatEr_(gIN2CBHPkb2OAOO- zDh$o7R)36Fri+F*%QG>Fqf{c^w=%uKH11E^$5)20VYHuKf5>>9$4_2I<@o^j<~5)p zOnWMR8+A2(A%YwzK&64Oi(EpV1vS3*h?{G5rJ26lWVoc(?Z%)lKDh30sX6@DNp%05 zBjoqLL*AZfLjCCev#v83FF%P1kJ3n(mtCmLEA@y-S??Zk*&fY=0#I z%!bnLjEVB4!j!eK5VbEf(zbAWT({@X`qb1AzeYtAMp}JW>0I~B=Y-MeZ3j;L-R+L~ z5ArQQC?8yveJZYL$Wi$N4V9R<;NYm91 zm==e3Mc)pxB2?ecgajb%hRk?gsB-kACKDIl_5ZvuIa{eiu#y}Ce|*N@DqlHX5arhV zz9yttBy^4;tjhjt>>Ae#W2MC z=?!+uyIozMHES3@ZVoz}2t^X(q4}p07H<`yH5Mk47nr=3xf}0Zg&|iL7_4?nZS2#n z2?!o1A%rg786dcKi1>R!1AxyrIboAeZbNQii%?b=sW?z& z+!qoO*5{hyv;E|ya16ffXs{^~9^+o)b8k|+sVaO@xh_F3X)#UH0b?fe?FsMosOhEM ziW;meC7Sem9H~h=t$fe(Q1pn1f0nX2V1x{7qzxvuwfBWSQ?SBAQ_e)UqBe44IrE+c^ zc;Ywbll~G?@>l5Me@I^%bJc&aQllo`u#C?CB~ITCob`{o)n3;C5ApBA>+)~xjEnlE zm6{F3e5Fd|JBoDytUl_dNsd!=!rphhYjS_O`lKwtDLWu|x;Fa@-ksl1hW@X3ihtH;xCbEi80*izcyD=S)P2imx`aNclR>tlM@!=+tc`7?cFyWnMAIC#F4VtFR4 zXPO0!NW3&Dz9eD7lq6EzP6Pb&h-@G51z!8ryO+m45T}Qw8E_m@#dP z$Lx&sQ@HpkQ*m_(D*ftlr(V)`JcAf>kX_zOQf_0%4of^6ue6M><~7aR7cD_hI>=p{ zi86z|)OL?J22%Ix2W?;02$^orii8<3$idM@ZRz9y=|z5eZu@hpRbfw|w>e+v;#)aA zyN-NG<{Igmcx@Y-Eo=b^iE)=veVvc8h+!E`beB}}qn!xqojS}X)= zFtR{1+v}qzGEpB{rws&z6k2K|nLP70_Ge_XjvuDnpKO(*Z@_4`%tzK21j4JfszAnj z-Oi!)FQ(ih`W^&m2`DgH2U>{dVndLfVIm!v>abglo<*qvz3eQa(c|mP%`V5)0|Ab#CRH=i3IkdM}~1baiQ;`vW_Ph$5BmZ=tT`g%L`eMw?xX;)pqUl~IIzjX)+?SZ$dp=R-tMUl6rZ@Up z)RxjVHwj?;v8t#NspI4Amx<+02oHI?5ZBlqGseJ9HW@}_a>WShAmz&$aaUfy?^BR9 zk~RdO)0zsix>0qT^u8w{Rf89x;-JXL_(!?v}`p9IUU^jtQ!I{1zUezLc4IB*dx-*$Hp zExx#4nX$&6uH=Ux4B|1CZ z-bBlNSk1{!#y~$n%0a59Fqq?b+$!1yUhhb;^^*~m4;KY5ClL|{#PS{9{KEOUYs<5{ zES#r-1;v6j6NeJ8Vl1+&wef0`tl8)p29DOhYWeVutt#m-n~^HQ zN5L;PmoM_+lTOVBs610&4|m9TldjFS$FDN(RMmfD`e7wmxp~{iO!wQ(0L9ZwnTaIO zA~cj1$2WGWhz3#*$6{sfj}X=A)UN7O)!J{UrQ_0stz}?7s}LF=B$NO<-H}0-KVDk4 z>A2Tj5VZ1Q;3MI9;CXe{#q#D(ypaPRXF1=HS^DDCGjElVZ6~+QyUP-`jgMnhHt^M2 zkYZB{!+H9bBNq4d>AJ`2jLjo0~uF|#*ZAZQQaptZ_MF#R+jhtFs+Vo9V6rNmgRqT zkj~@lzZ`xq=8+CyTzkJ=&T)#)`C7)1z z?N9l={~Nx^kH7yDa)8_S$yc}kDA{KjYl&8NITB5W;yQ}pXE(~rCJ{ZRKS&q<;a>Lp zKZ#Q2uWUIqG5-QenWD^6D8TU+^Yr-d2M4GAvB&sFXIcM8-Vf4@g!)|zU#Imd@Y^o2 zs)4^Alnu^ttP#t8FroC|PxnyM%jZVe<-85KEmLn9bdCBu9;GGn$>{w)P;j4Wvr;lw0KPcsy;~3YVOJwxk-mZh8JxvIOg)fSzri9Z_C9 zBq!n09E|iieaH0aoTr;5Q6FTjNe?&Rza zE_8l&l17rha(1aYDLRumt3t&S4zwj+;l6%*eeB7?ZHrS z=6p`>zO`It$}w>`q|dByM;ac8pjrO3IP0sC>dzm%X#7a$0q7MTK1XjFW}1e#riF!E z5tVM#sn;)3;eclFTzK4M*kSM>5^pAGzsx8*`l*~g1OVN*oVd_Ym8|7sq$d{n5E;^^ z8CQpT#-R4Jlb)@>WE(&i<7k}|sTskan|)~ZZK(K)*_|H7Y`;q{1Y=bc=sHEWM05uZ zYwKvOn`IPE)zX2&i>8)3FuY)5hvl%cG;@ULg+N z+j_S*iU(V*9EAtrk;Z%q+#mEh?BQIo>WX2*x}u@VSWlqdw|vgr!6XVxBHBM4{Nmhz z1pd1~PI_Ly?l~AE#t3e-Dx@{B;@jw(Th_Bow|rss-Rq>6fid{N;Jtu_)Dex2Wa9S(CqxH z_3&TIKJYIIv6~WyjO5FpofZE*J*=C*3@%c{M5iEXLh^SP9zJ6mnYXyju4kTODq8N z^!ZtC_O^CSI8v3>)8;8V=YzDBXmA+}0zj>hm@af=*rOUX+TuYIE#T}iUXCydvA$-F zJNi$YI3f>D-^1SJf-Bmfm4-EWU?T%3W=WA=bv|ddC=2t5!>h70e9JN!3YtpE@@yOT zmSpTv@XHYSQML&gBi93vC;OEmC)?gwH98&bJD{E>T5v>%lx<8^Mv$Cf6K=vujCNFD;AXWQK;k7+kjy9+lL&CWXp+FA7;+x zo_NUz$%z292l=`6V*c+{Z%zjo(i%p6A^W80pV88&)x3Za}h>f5GTr{uPc|8*_Er5Qc0S;69SCxNrZVUabxO_Hajy{Y;ZFYp^;5 z@sNqj%cwIcNuFU}8xPttZAnd6W-&A0nIHOK1Eyo%B7FLgYkqRK2zDKthvcVIT_}-O zhXZxJ)7Sv?|j=ws5` zY(L$-u;bx2uBUF5E#X=f+H4_!`;Ous5GMI zkRwEd|<^PO>=P4riJHO?V{hYVusxEM|U@oeMb%Vda!W$vn8X zq-9vXKN$=$TAZi12bF*y??_J@-c*WXjEv5V&OEvHO^6#AL$Hp>XdMg&%4oaot(fwf zDxTGtIKdPQ438+@aNto+v0CTLaz_GCBfamiI;%~$YA`+E@MX^&(=)*=B06>Q!KK*D zcUox~=z`ua84mGdKu(;x3X>cuV}m3q3pYs)mU)1zJ7oe9Ddal_L5dP>E~e){4{$w| zq?reKeaDNGkwk9eft}4QH+u_Zd*<$khSywYn+d^ZJqHu;Tvz2XTN&PO2fK87@rRX) zf_W8N&m!C=YDmS#&AYN9xVn#?d8HZQqvWaAk8L}&iLlNcOPw}Qrs3Mqb0M5{X7R$E zRp6-c(meNtjBr)WMsGHMTt6vd_1XTO{_JlB02-a>0Bp zhx!w@#vav|SJ|<~izwGv@-T%PCDF0Ee&bHSCN6H%gP};Ln0EMOduxke5=C3tOjd2W z8Dn*_Eg{#yXefTHsVQkU;@iF@K12sN)Uip!YHe?lI>m_6GmC4^3YDH)A)uLGax2Ry z@s+^d-EB4j=FUypFhqCcI=_eQbCyI2_Y17PUtK#~Kkt>v)s|yt3&3~~fFkx)X1`Z8 zO2O+u*g;xeMtx#l6ymHK{n6jg3`IpARU= zejt76zLSZ$V8M;;Um&M!2^NJ9Z*vesL%g^;7tJS|wW&dKx0r9@X6ryP!sc~Y<%@(({_=hKd)&(z6b?8^tUpHY zWN|WB)M&`P2&rnjC27M0FHw?47H!Z8?;TcE z@LMvOc1CBz&h^cE?XDSGOL~)S^&-$~RlvN)of@XLe>9zGwVM<`%1GrAu3y@rM!fogfHb6Qg_nV1R$DRr zgxqk%ZPr6GRdwRJMyly+E*>qR(t<*^k-X8p6QbWAkQhFgh{WKPO4a?X`|##6JF$KL;g;L=LLs)^KLAnvx^ zJRN@%JNPzYU~9r#jn@R>8L4@@@F+Ysm+S5&;jwGSkHaN{y1?44{1?C-EOcu?BZC}k zDC?NJ1gbiGVzwq%KD7o(J?ZHW>^VTet6X=%)=0QN z?gprd11%c_E3rY6-!@WT5s(pTOC^wyPJV|ftMcJjrlks)ITBaEKEPb#zX)E}!jMlr z89TkVDWXDqgePnw$~jfgcsVw!;MMIiyf8h2k4J($}Z4G)(weZRI&7h*itH14Qd zL&ZD;X~nl6bU2XWtTX(w!_~l40`I`eynLTAg;^ziYU(k#{MN(2hDmTR;M%0ks} zagkS7ghX1pz+InN#*RMeKrt%Q-L`*c9vJZ_iEiKnB|0_9WaL*yK78{2o3G!0J;`IEhCa#ZFKE%&o2H@xiQw(1`gt|u8 zSmx)lVT=x0zxZ zFD|*zES&!7^^WkDa0jIxSPC=mLdk&j)8fP4g`($amo8O8Xwk{du!~K}#v_lDKu5{e zv$OX``-~)~>$*Q5;2GtOI2LwHXHXbJ_^|!f=pNJ}Q*>hPbo&hrhBb?q7Ejne9Gzd1 z_L=PiGu4)vge=a7jkfuo8=JbZ(;#olBc36DeePo91-hf)#mVqvvT(>}U~k&L65zgy zlbFI{uF7wG6RG1h-ab0*fcVk=SU-*s2yN*qoF1Z#GR=!Lb}+1tyQBEE_pZQ6G9$T` zXW8TI#LgZd>6NSV0|VgykJmMf_9ZYmKuPC=JOi0T-}*4g%yLuFnJ+xZObQiUyPa}S z&sm#Nw*z~N)^01u8nwX*w`~*_Px5ywQ~geI{UZo=rUcWo8qa*d2=wu(XN3kYmHv>M z=T%y@{HEPn@M}Nw$Has$8ZSMEjqfE=AB8QMlfxRk3EI=2SMiepryQcWYsXKfOds0T zelak1kE7S_BR^Cty$cQWl|gU6l40Tx&Z};mkl|*Je*89E`SxIXSFtC9D!%A`9oqAGLw!tit-9(KR8+KqvClh{fUNql+ma}SNS+5S;Ooo zL;N$_J#(*m7WpHuj}+kWy{qCtNd;P#M`HmGYLPPbE*fQ+OAZ zhJt}hO*PQ)4*3wN1Gvk=ClXR^?eT5q1A5!EwxMqRIkMWDetS$lpfxGZWisWVBQ{km zH_8pmU4|vsPnkc_!|iCi$u+#iAwAqIbN*8}Ot9Sr9McM=Y4Bc1W#X_H<>hhVahIlV z>2z(h;3Rtj**wzD-pw#Mei{yG-WcAU43lBN;I~>*u3+QPTO>}(qH2^R>)c`YIRt&W z*&r070pvieQ4@q?#3Hs<+JMIBa(~hE7v05~RsJ=~7ZlVC_*B`eiDcnGqiA+wYaBCw zCK&jyxQnU_40(|b+zI!D?9SvumVd~Gu$d-S>z96j$Z5{0i%%;&gyBlu3pi!B4Z zg+m&Iu5ynq&>ln`{QDaIf7ff8(>!SN1No&r8RhSI7AYRM_&lg#)nC4;?}5MD^2Td) zHKfFt;s>Xi_K$eak9!dJt|_<$Wg1VXaDjF+w>P$om}GX)fGttyBj^# z(+7z=!#f`Fu1PnV-sVNL=(mg~F@HQvLgg5WK6Au1?cYzRWgLQzm!1O&GzL_tMC zh)S~nkq#;#QX(}FkX{l>NLg!fChq%P*KT;a<;Ss_-)Kg)ezN#PZ9RTYOJmxcx9+FKpTUTP8IF<_WlC;ki7s z-x#C&2u+NS*@)gd8t?T)lZ58 zl5@SZsp3e?nuytysz`?y9=n=Ss=(ja!wAaVl*q5Oxy6+`! zq-=O`Zn{{znn5kr;*Xqu(ZP@V*z$Sk_3qe6AO6X8uS^Q! z8&{nwewk6(J$z!s7V8xB3Hp3k*D_b$+PgG@ON$2T5d+__HFDw34P!lT5^WQ%zi7|z zxw>6oy`BBiT#QU&Qgkhz7w38TdV43SrC6f=VRinpLv1%gpA8o7bsjd>e9)5?W$)$N zW)S3PM`u(E6(V#8Xl+C``kq7l@C!eujF&%qvF6I^x3(d3e)+n0Mea3u6e3j_g8QeD; ze&6x6jOaXx9I4oy>$U4}I_R2#i8cbe|1HO{haFH>#(U{h$BcCxebbraef2eE_i{_) zY$={2@(4b}ZE^C%uRPXfAH8j-i)c%H|CIm0<;g%Fr3&9==`yApbC%N2oA?gq3+{bV zv^#R_GSVL$Y$4xG0{+yJeY>m5X#9P-Qtq3_&6(1SyXW7ZY26w>x#Gf>iVG)SHkLO> zOOoW0W3wD$(-jW}sk7YaRQzd1n_dO9+Secx`jM@HntN@*y{RitN;-?Ec4O=E5$#j<`V?c?rLP zjg2UHmz0+S0d|s4?whk$_AmX_Up4>K(KgUM)nmsmCS5=N!NEfCoF|OG6YQ+(Gt@k_J`+iS)v%UYE zZEHpA`;o@M-q~Yd}Rdq|{zE}Pmc6F7zh~))8adhFx zpF84=Tal$Hj18wta*pVX$`K>U5dUr_tjTw~(i^=Ar|E=xuU`yrh&!0usCf}l5z81EgTC1EvxEz$Lzt7Hl)s(j8D0_5< znNCPDZ%mEg(y5TljPG?IYM~eUrj|(8R%HH~xk{9e)883xVr?o`W$?J~k)qa@Db5=Y zwr3gEmK|>snA7S`kHDY7x4Bi!VN~Hm&)uEZHI9z5U+393WJTSNRBR6|x>>0^7MOIz z<)|s=+u-NdZLNN8H!5^(9J6L6b*oSl*rFK(@7vNuKA&15Ut2*-$lpHeZPF)sF*o!J zkG=@Ghxe#gBA?}6e$+D|);@D!^>qoyS=n~;?$PVLmPipH?SG6QEFvufB@eH1kv)Yif!l z+tqo$*H8QXz_ABg3!U#fo=7bevF}FG3njYk_Eb1{AE-4*&D>y{oW4;p`Hk5~Me$Pd z6|Nre=_c3V?og4CRd}vlIdl)>{Mu{X;~FkW?*ewjKiR-_P~T{IG3-%9*upgOR6D_$ zp+20Uoh`+NBK64FZab?Ahf5&g2Pc~~>%Q79sOwlWbHjLh4X8zNk^7hQ4b6rTKEh4E z@gfAaAc8tWmi!ynwF}p>G0TS?(fU+cBDi%~8g2`yMRVR$E$KgMalBx@7Q#y9E~EUG zZ`$-N{Mz1Vs~$#~v`dxBzAYWcJ-*yJxIO1pO!pg~H^u|6=)dF7fLq(?l{94-GP<6J z7=HY^bhPgc_UviaTV*+H^3AH+~hU1p`(N=lvuQIE=fA&la$l<2i$^6^r>s_1Q$Z|c6( zVoBry-g80)KEuC>VwuzJs@4i$9iw^uPNFnd40+UYd2f=aN@l03l-{G$#0a;z$QUVo#Et)y0rAx6$SBCGG<0EN&TJyZecx(UjE`|Ci#H+ znONP0<(x_HEwadywqcEaY)w4#{r5SHpUuQ@pk%~qKUj?YJdN|c;oa+K&PT$>k&Zyu zOUtyyMt5w;O6b^e;{mayYRl)VO`>0_GY|i_(2D;KLh_G1iIWN7()&IT2k{G65ef8Q z3HK%-4$S|>(*qsYddZU`gr{rrPFT)!chmW(ix~PpL}-I<|A=}0e--H(`p=DY{h#J~ z`z|mhopa_ePa285|L?ip{)aublv3}@qvm;&jLz2bRrA5E@8fQHb{29AZoPo2DyRtX zRlgv!8_U-Yha*r$5Cpvycnh%$p2NI==&!(^SLZMf^T^=N`QjBI_!+>tGa%5;E&8J# zl0f-@0Npp0<2!2)Gq#yQ0%!FRC;0P540$~xkyhA(?B_%fKS5Sht_~|2# zNDK%wv%h%`Gs1@kpJd_SNOR~p7lfgS1ENykK*8Jm1HGQa*CxWZoY%}@US6jOHJF1( zDB#ezWH+O4FJ~6Ht^uOGtuH35hLv%79Dg|aB}$)kVRWZ3Ce``jXen^9oqCk9TX%|u zN{oQGRrs6Gs2WYE={3DB3d=dQ%4H6t?roI;#|lKCHI{(liSGtEMM8s#84!m+5Xizd za~M(sH28>!?|#UdR2wAmWPFj8%>+~ec#~QO-NKIu^$VB;2-?DKnk15d#z8h+}Ef}(-*xsANyeE7CyN7E) zY+aqjhJy>P^tuxtUk%N!(_&0`3~m_wT=K2V7X)F;cP2`4}aADU6(T3{k*{2eSkL{sL@ z9OhlwfFS3)Z`%lJQ$a@{tN9^%9(q*(2Z4T@Xa^x>vm1GD!Pqzt-X}GH;C!2olSX}j z_c$T&hXZbV)eId1t>Rh)9VVZK1RFr+Uygxi`nvP1eHda86gzuV^BxXMmmd#0zK=WxI_aX+_ zDZo&TP4>Nu#znoR&K?748tl>~CJ<79mgpU*fNb#tn}Uv!1X@5g6FGCMf{0q~pGK60K_o>=7k+X#G_D1znnP?e z;QEh!2gTJw*_Rn212Pl9%j(i_e(X>`ZhXc}xrfI2jU|xa)6utJq7NQq4r@}Jeq__9 z#byWx+~zQkY)Q`&+QImm+?qLuISYcMX_sk%uWWezlv^!6&mWEhN+$Xz2wBR!je@|4 zlL|~QEfWgR8=9bEV<0t+Wbj~;HHX=4(1&})fN$i1arGUv|05fF5WFhZhd^q^se&0D zmxe`gU){PAxU8{y@SX|;ItVPe4GBC=vcKpeXs0DKlrajHq|@YlUH+kI{K+1gK)Hue zh5IaEq7nmOSm;IIM_L-^FqXEY=gk5zOBaFuioFj8>xjo3CQXyxG+ebAT||NI4WDPh z(ZfP3AegtR#us4W+a?SlJfB}`G5G1VK&ZNt?JJxDz2873*-|?2lRL-fs{+bq86f~Y zJp}Uezr`4-1B1-c>>^l?$l>XNlzw|q_S_a{JZ^>1E3N7pAXh2f@O#_X~K_33r~Q|vq+iEf?c2{fDgrj z-O^02I2!GVkm!UcsPFWl28wlm4Wlz{3a-C{_aO+>RMHWD(8dj)NT8!i%)n9^%*7(1 zz+YlR-c0z|b5J_5!+*@M?OuIz7`_$*rWUUSgPcqf8Wu|yi2BU%pAkq0l$#`v>Y+P9 zUI}1Toe&s}xuEYHp~3I;4BhWgy9sJ1ItEfoWC^!>y_bb`gj;)!gHTIjUvAYDXjBe? zF3?VzMM4kFR}?uzuc7g^nD8CDAhZM&BkcwyhiL8y%TJjVgJQsYL_rhe)3Wk=+3FADQV>%s0$%N&{=sDi4|kL!=?n8I|HsBgB5n zE-+Z%oWhsr)zCJf)uc(hCw_(vfj0)TD1MY`=${{49-vL=HLSsbD;L$T&0oXyvPde_ z7c)Ydsl|ggKH^>*!FL=dgj`=lDQ^ZElLZa$?*N+10~A!Dcs~-$=t~8Ig9$zw71=Ko z;m8p%Wn#a(L6iHt5yb)Z>9d94Oa;`#BpYJN&tbl_6ea!n#OxnW3duO`kdXdaWZH{V z$)FOHec*ngHFzfhd=H$#e1G(Wa+}x>VqM3BaAX@M&_diCX3t(kEgPOfz6;d{-e6IS zNO+%MmX`sVoy;X5fml#p!I(%KOgK-laK3Z}9ihJikw7vSeJoSZm(HM2mYXO+loBxE z9kQWOWjq=cQ*0%V&g?@(;f%iIN+APTuQlovfE@$t|9SzNE}X;*S27vI5K0qk(zh5a zU37I&x=q2GiRi2qd;o3`oYm!TorYoswW6g^&G~q=WF9y2`qgt!{NKi_)+Ea z;GGImj{Nj0u!5*#MShg@m0^-WQ-ca zn6xH?S>#NGE64=V2B-#%+ydn}%mcr&yP(rs1gKTbc`QtQNzy}fXip8g8LPZEulZVa zVCTN`Ih9=%A?i~VLCpu6a@#jKSK68EkFr^o=A|n#W%8WW0$0x zXz|yI@6RK@cct;~vP5MJgYKlR$SV&$Uk}cPD4#SITv@c{da#uzFSGs{lgBI_DQgRf z(mhM~WySEtO69=bAt$RFsC>Ie;LVm9QE2cb)qrY~Jy5`aCbcERq+aq^?bCp>m8AoS z>;BaIpj8)iAO6D)0zDD$O^7MhM3Re_)pBvAmlK%<=R4cmZ)VR5f=+A5PU=61I$wLm zYD`CTj6cxL_<$3Ki5y$-i zQkuYCPWO52*lF8mq1kwyc>7xW;gobt5+CBlBe{iM9IeW(7p^{wl^F^fwpQ1d zN_=}^rFM^6?6pyS$sC!+B!L#Mj%!t=r$ni9R%xN&-7kYn*zFaLC-U;^%s=r?9iZvk zOet*K5%VC#U2N7+$0fxeX`S-1g-Zu_^{K?YzGS}5ks$2Fq1SXL+bc)~id6!1TL7cm zs+7LOVWh3{9{Gz$-P4`77Li6Y-YssDozgz2EVriU28Kd!AT0+TeIJRO1N<#H@A&Fv zflJ>uZ5!-w9?!FVwMe1h%^Fw9tPLymDF>BnN_wMcIKGp}hwQ+uDx=@L?WwYahKnj( zeD>_Vb0#&X&)po=!0EkG@tR`BpSv}@@409)(VMO>|0 z+2cM>U#~lQ!@N?pPCEm2n_a4rB9Tq4z!&I6X@Tq1rLO$*Pro^P;bj)yznMO@?;M4D z;=)xW!$t2o$5IqR@OBvqytMS8bCJn=1IBtaHV++Bs~OZUU&j0lNttU>zO2#UPxN9J z^F^i4pYRE`n~?bD*Zqvtj1LQ1Kh_jUxa1K}Dw%l=(D)m2!bEV&Z z-@9HWTsuI!gr?^D2&dy9)GKEcoXzQ`w}yh?G)wNUdCq1jtx;->5Y49ZwRhY z@7y+b*@=63hd4kRlM#`~mVA#)zGDxrY(l!^IbT$s__AK}aZIhR_t*2^Is4ys;Nm`J zWE@LrzEIDL=LJZ{zx$L&UQ+DhcYSop11zy^Vjxw6SLuS z$SZVnfI9CcwVPC0FWnjt=0qS|b2164Srx`Ucg!^Ujb2>DliyGNhQGOAe8}!_liuib zro@byrA1g*n_;58QqO@EXU}MTSrAW3A>}}0=edLmNO`6{gqEui?v~~ic%<;IttM~{ z@9k)tx#Wu2!kE>o9T%OC;7D8X8j!~ngP|^ireazCy02hApt4WVka^I0w19G`a@ZAH zsB65Z|M#zkZH2OR?qV|wnZVh!6l)=YyMtMN84K=`F4Je-3cvk&;S%t2*Qez>rktsd zhuh8+J#`#$*v9R2aI$<|wr!vCYNgZm$Ik6qt;-4Oq2xX02cZ(T=$;Ohv0mAZ={F_s zJLbo_ocih*(*DTx+^41$fy`#yN`{vm#Jj-P>UaSQj>%;7GMqWE1?CVu)gV%;l8 zL-sCBj?~0h6A1icCogd6nP^w%Q8~U<1Zj9Hl3J*q4xE8(a#aXx=zMy8U;F;|SK@T# zFDU$4`m!!K)2)(~N3R035O(MKme#k9?EJbuykteqCRkV)7j~y2x>Pgz&a(X7p$~dB zvM`jSMvXXQ7yXYVM=Wi$Fbg`8_~ASq zY4y5fXERP+d(}H_w4A&8xk%;t7He0_EwQliqByMYUY?3d&P%Oxz~k4l|4JF=zshTa zPI_3|`jnn)>z3tg!C*|{0^~PQcB1VL1rZbjN@MYIBz~ixPHxf48TGftTUMGjYW-e* zdpXYa{ECPUU+*LgLTZ4CJ&=q^)kDvt1+};?g()i?Qg-Qi#~CiR4F65Nn+Wz0H-*Fs z?4sn|Qpp>(?+o*b->ARs=AqB$cAA7}bgy_jRzdE)DDtIzrOElxR(j!c+^&u0;g$v1 z|4uj`Sl9UZ*>CppuGIe12TKi>m7GtpmRlffwV=3-&?Fg{#6%U^lsb=jVDWs5%77{c~ zMJ`*t+e+S?yc!qq5X%^(*Wuf&cpv$Z9AagcB&Ys{Dc&m^C+9J;y`Xd5Z%qBdi!g|MwC{{S|r=_H12w?qhrz0uM2!GraFtCT_N~%`p*gr$}Z@ioXj$Q_?Y$De)c~{ zWBdO*lTFi|aNtKV`JWYo_B{j$=Lhtu{;Wz#T+&TRX+-1=6@o;3D z77| z1Zt#9dL(xO3SH5Q6R4gtBlc12S$u6H_~s5p#d#z^V-tjEBq*LFsQ16- ze#dE3s*?!z2^Eg>g-N0-!qub&Pzf+W`tA=hcq_pf5P?Ktejsu7LxS}H1zuRPiEciXE03|r3kNJU-$!4OA zG+-e+ykUH6N6kQY&w>FP|1}+qi<&_68UG`&R1bs9v1q&cSQ|f-Cjb@K12*JIYy7k# zy%Uyvhpu@NM;1i_f1E&3M+V^@5uI$?}5J z{)BzufDS@DPeC@Y>tk}@HG409te`7|wYF#d6Uk!~-e zorYR(13#O?xB&*DJGz%Y!5aW|mBu4bDQtX`XHsO3_rQG42r?uo1(+A^{6FD z4q|4dqfv>BLz$CRf1p02e@1;VPViC~#Nck~We8N8r>STh^)_@CCs6Z;W(4z@S&$pS z=$;0R^uC-mGXQ!%ZB20^@&@X=3Tn>$P6KdmiU7+tqLve~5Hq;|jS4KK|3G20`t<_M zS9msZf|5b3X64Vqx25-hNrazvr)PWh`L+k4)=NN@Nk?hIZNz3*(!?~roUwH>%3oAO zuq1=#{|ViF#Ljc}7*qo+x=Q$IFXAu~NOqZ@z$uZFR)%)y7>?FYekAe)q_7!3Qbb2% z90Yh&VgmeR0vtu)6wzqj0A<>$kW2Hl^OMszS`Qd=%4Oh$X1*7a%)zR4Ef}i#mB|=YnXlxC0R#g`gCGC<4gSO=Cr1B-mD=m2PH z+4+|k7G6`CJaAg`*JlN$bC@fXn;gC(Y7skgw?BaPzb1Ap=m)T)gB;yy0`+%Hi}-tn98x8bgO2(Cct+x8A1+(Nb62tV;Ie0TxkLwA~e&Zg@z>v zcR2|LM4zUu>d%2=Fh%~osfn>8KZqMmIE@o-@tSJqVL<_!F9JdeKC{!VenMH%5kOD_ z($OMu&|)wT2?cXI4}9Cd=|hO}YI2M&GJH=oi-l@TqGurCKEk(m9BkWt&{q|tnLcP* zlMc}rAkXJvAjrzu3QTzi;c+@LPUWWw(k45I9JfI*PN(kjz$sx|uND%z89!~D$veeR z2J08}K!n&ky+8GT-tZD**SAmgghv%` zq|~WU!^slv%vsLycBe>pLENu5Vz^4<{Ow}Jzij_N{|rS7!5M}+ccL4Aqj*g_S+B)= z6RgfV?|<$@Ldunc_;q^gS4OVye4Nv5_|*~wS`|t?uE0NS1%>JUq24>+$QV(_(ei zDYns{SFBXjQZ^+HozbqqkR#di6GR@+-hvW_#57?^ho=glakzHB)AoDYw=7$}_qoL+ z?^;QwU8l(*D(#fM8mQRR{nBzHzS}XI9Is_#2biBGDNiJUT;{Cm=ZH{VvS0lgzbb=a6 z*~Wn?s5e_uwsXj+VxxhV@j)p=E3d;5Zn4Gna`Iry@q}Uv$x-tY!-p4M zI5tK4(gKDJMIZL%yNP}!>+zF0jlB5AXs*Vi|m-I%>Cz;9j6rs-Hkk2`k{OI0r95YP7s zDQTyo_KQyqbz{T3#Pb`rF_!Y)5t@l94#oJy3xN9pZ08-@~jqSy^G70>P z&%B5ZpQogxcdH$3kSael<#6z+VbsIr=I3^OOtGVko{E=Sz_))0RDn-?!6&+jStxB3 zHe=E9gn9kdH&q*p#!AhQiDQ>1bZ=;>xnP)Hpc#MR$7jJ?`Qj(j_(2EW)2tm&2Cq8$ z+Qjjs&(uIj`lrgq=TJV}P^`z9P5vgXyt-i}~`z_*70fi68t7Hsm`!A_ZI^NFP7NYdmm%W9`Q8IqEi*{hE?5H#|AFWJ`ol ziyd}@J#rb6;hz#YQ}I^$K^pH^Pcc%?xjJbs?;^K0|8seeyQC_8r-ou4B7URY6nbke#U9BImivc6mf z_r)SqiytQB{y+Al^`GfeiLnu!{S!h-N|$`2P-P^8BJPouMRIq4<5H%+~;c`)u?^A-0f8MV5;(& z-sk3>BW!%QA}-fz)CC)3E~8a8wx^uqb@9{Yd(XaAY1~%u+oJn6nzUj6bDhaICw6uB zQTo|naUyL}meAJz42x(q}5M5*wxb&-r{m^Cr$XO6JNhcUJmT+H+JFMRi|*9uDu@FaBMt zsy;l$tOf4@c6ciN38^HfV?+Dfq}p$0b+YqyHY83x&^i2}Z+u-ru|6MLrIHTI?fGD? z-+0NZJ$g-D?a`pY?#uZ%ubwaaxTL}~Mq*rdS|kSwjUcm?gjPE53zu1bA0IBHM~s@< zDl0^%r`Y9Wv+@t4he~zaO z>5w>w>jh?58Ho8bc@FdVIjK48=Z8mDe}Fkp*W?OMjvQU&2E3;=);qZPJ(QgK#lz*e*e7Uihtdte3Ws(?LmHU1~Y_5Jjw4*-_#{Exnb1d&7BGrzpJv=#0|?!bd6%z0G?017uVfjpY18Y$iWUw5 z)6Z@-w0Y*|hd}~t6@Je^KqUX%jF~yO^OJ7A{~sJ#m&RoDw*JLA>Z7+q&}&~fCaDSu z)Iy`^MPA^*$OyFpjH(Fi$t{Upd0b^Ww{>P@Jc-a{24GyrFqEMb*UgcI_CNQd|V$2ou%$iu*FC*=UkB1yPL9_;lKaJ0U96GLE| z(>_gE4*XzO*>Ayq^w6K|svF1GDuCmiE~2IBAWaJrbd+odwy`Q*j8t8)DqIeK#7!Tg z0?U?n3nYC38q6pV0rR%{5wHZ9;3TiX_6Xh^5-8>pgrax=PmVCYO`sOiB$N@3MmRKp zU*-%5X|g!M1`;?jEgO}DfgOD922>4Pe2A9XfMVEDZV(6Pu$(UXD;*1c+YMlqS09&E z5-TE!L)GorVX(0``ALt)0H5i<>(;bELoHcbiJvqq52V-NXbjGNU%`q?dZMKT=q*oB zzaN$`9*9X0MKnVGA}T2jDz+SOhm#7RCY!+Fd3OqJQVVEM7^&dF?zi}Uqwhl8UPfO$ z1PDxf{g+|B6e@`YM1o}jsNh}nYoLf%yb#m~SQ9ly4bZ6O940rVxIPT(bFpGhyY;=L ziE@!;q@P4-FfbN=QmrnSY{G?4TOC(VRx}d9g{O3ny;rKq6Jx%a^{U1oK{3l5ov!D5s za?Q5_n%tT-IZsuT38EL~(0%ixNH(MIfdd#W(-0V`iXv60s+fTyjLE<;ycbQNrNEd$ zz~Odt1zO4CPSEEt3|}}U0WVOnWzJYt62ZhwrGc^2iaX0J#}(AWu|d8fNno2lEDC0j zR!~^@NsBSYsE#;#Z6a^eXGWi(Y9%-+lw@>=}Bl z7ki?;3biI8<^LV{3c%NSel-t%egG`|e+R(Q`%ed01DU7*OPDhIoP*kU697-dWh6`* zjTM1eD+b^uJ#!x1j3oUeQoEukLat%INdwY9Rr@mP>PB5Hlx3 zQHk$hd1L?`Yb6#@X%;e^X-Z(seN0bOkn85Cto>MzJnT zg0Bie{KCH?E7D;iK)m_>@O|DZkklr|^abW+Euax}t2{RgN1bE!Qu_fB?52?>4;V~{ zmZYOG^1@nD{7)LSY;pl#w?BvsN~!Ld5(~$I89WBa&U#T6;sf}}1!g6QLtqJX0Qd>D zLZcl-TmKNOG0pS;5Uk< z^z%QlEm-k~vI`Cc!}MG^bd3~m?uguG^ii6i5pWm)-f3`vhmqR=-u&~Uv3h(LDb>_` zG5F}Y2A>wBXo-FW>*nef#z+znn$hpzU3~@G1*{o13*aH}NomtUt;h4`FvlC`xfOtp z>QIeEF&G{5UxG-dV|oI`7VxD~|5yiddQ>9RtFs#H45%Ly2i5Th)F@jQXtJ_`4E}r+ z^ly&>`1sz&8PYx8l`2t;I=m9TH>o!o`&Stny%w+mEp+b@77~E}FXUOcd7d@(51vK& znP=_$_wuZO|7xC<$fZXEG%-?UMA7HwO*>q^cj|tBipz}y50>B4h}(%-XwxkTkKRQk z<2liOTQ{yzWj<+;=dHFoLC{sMyqs9y?P%WmVuG)uG4^}}AP5PzPFH)Wu<~uRU77rD znbad4f#;}e*CYoKhYaYUg<7Y3Zg8Bklf9F6Tky`GSw~X;SZU~8`E?6ZJqhy!IApZaH`VROqME z+WMmE-htI-xB0;dpg-K7g=i9jXp9=`9s!)6{I_f|NTdtxfD-${8K0QBScN zz>Vo}z^&raYE;FUY|G86kIeF0y;o5k@wer zhCJl$+h$d9h|(zDU5;*Sf>nF$RF`nu+BLCu3kFKr7P4KQY znH!F??rzZgMap7T2BBU_a5(c-{dUuqs&Z%%+Q0%k#WT1y@NRx|Z+j83TqXCizU9mJ zF9L%Ey|va7COc1veycceHR@Cdes8f7d1oU<2gZM;tQ}IARY+_rde>nEJeJ%OyX-e0 zPA$La)bGXB?X9YWqPo@~iN#U@v{G~RqP!NrD+@c0Z+xtJ_nV=FXvcWvE~N_hfSmnE z8i453HrWpa=9{?RS&_LD%EwD@zz6>j1AZR_^k6k=b#Nr0YpxbnmkV z$BnP%@09O75oDJqh1iKRr8WudF0qX>VP> zZGngwYfB0#UXRPWgn!LT5IH)Le``wI|7B_JU~=3RpME8m*lH8kJ1;wWzKn~<*-@Hd z1#V0lSFA@dtkCzxV#gxKeR=PH*OThERmnMVS=mfmtZ~XF33lV(XOr4o*y3XaYMiLyewnEvr>u&moM$I> zG$+QgDCMK_Sp(^V`Yhd$7pHe;Ot*5}*$s91gvon=HF;9hsw zNc7nn{0w|fx36(KuKRosS_2rX@Bry*QvKLgZW;+mffYGvmfXeD=0=5Fvlgnqzuf1| zAKPp4{B4@Xx9T}R3eKD!C}S)!HwH#e?jwGDP_O-2SmoUXhis}wT#oX=Mbx0RNXx#6 z)B0kCi6sDT2k~j#t)=*-rt(*~VpUu7^6$Ci)Wym?R{wlnrRVU<3!ioSH;JQ?IFZ(f zFxSD9qAA)KcROSD=#+($*3$vq8^V0?=fK`80o$p*ucilPa)3edEOVepyc=jwL2yIx zU&b%;NU|Q6BmG@^Mj{7&ue--rn3}s}-oi-NV1ChBwpWsRJc~O54PnWm_O>#9(9Z(_p8?r{!zu&b;6Txe75Mcc;t}oxPc807SMfLY8ppm=4sTT%zxamQ zwRr#5_ZlIT(lhbv7)FX8Xvz#1a1qFPD?f)#x=HLZ46C=PO-M;AeC&VY+O6fYw-Xjc zVTkJ6>mA_oNC4d)`Suu7w2#3DxbjueXmfu}TG8X$r%DAfxiY_FFhhPyVu{)&t(& zRJ;SNhw{fGIa@27jf%NpRJQ8Yt@n9njNQMlz4jiTIHX}UZm3L9|02dy?pT*-7UtE9 z$DnN~65QD`NQG?s8XUM}k!97bE-r71^N6?xU6Q#u#!?y~tq9ONFuxdjdiZ83ajP zqcn>7_$9lnZB@D?$oU$AccUyLANfi#AR9MQGzRnU8XC4myghcd(KYkc$5mHv?^3^J z3<8_2ih%d3{@56jOfGk#b!6qEC%7u;+|I_+yf=Q*wagY0$?~@@bceaNZt!e=lJmkPn<|^8A ziBYB}dsn-W8n<0xR){JlD8$OT4BsdVlQj3=9(+%K~RAZ&F|78C+d-Onh-Z z*y356cV^;INk>0T5p2Zy?fp4kmrC=@hj;fgoA&xQ(4j3%0YF4W)g zK;F+(UQNcSf^rBgdDYG*@k05)yH&|SMNUdGh3X#B&W<^x{^+nN^_?NNNt@mrf%ykB z{J;HISJ9a{&5#}%dp`X2%6Yoj`z>Y*WBT(mOA7sa9I-3Cd^bO58*jQ!+Td8s>g3iF zSEamNm!V_y?D1%>S?0c`QNKu~nbkXXZPbs-#7;4rjtIGoaC2}0^!s#T8>L7ZKKR__ z?0pIc-4cGvjNe}rcPAkwBzg82V9M-w;!5um@v<@yMR0@GO+s(CRohv6AGfs1(Z z(Ujt&2Rne+@9}@Mr)ly3;&5I6B}Do!u>|)2`(t`wS99@Hvf~^^!nJETXUYA=NJaGP zj?SXbSu6GK(Kc(ey|69T-x^|)Gz!bIMFbUK3{@z+%GKSG&%d7-{Uza&@$iwWYi9bA z3U2vOl;J}ye)X~yJHCw=Uas}sw#D?}CvRm3^_Q!*cPyMIJhnE(w~`~LQj5t2AbNq4l8o@(DXdAmyn2x&4Uv%# zMo56~|Ly*G4%=6t)G~v}*t>~x&9Kpb0qxCy0qxI4;KN;AlnOCBXu=IyXcaW6?Flqz zFn;=A3l+7X;hXrs10Zq`gfaxg2zTNqS_c+Jmqn9lUUQ=oMLQtCSjG*uJ;k5i*5k<0-gZ)BhrzOn#` z_Thxu%)ug(+&s-I$bfIZrq8-VPWBu(SWXPJp(KE$4FDS=9It|9KcPFx6Ui^1%K*b^*`c&l$mQaHUfIy z950e+hqUNGN;NN@t*Vbe6QMc>o^Lx7wI)M6*?g4X47z;L7$`DL9sws;5Aw!NLVXW1 zQN0!|dElvGPvf-P&={E{3INkU0^EH}rlYkacVY#rfC}G!1bWwmgd`PvfsI+;$vv?3 z^b~eBFeQppKQH0EK7afE_$X)>9j}>{jLl&4_II7>7}#wIl$*izN@)7d$@o97==amw z82@|8Xi*R^8ys)^#+niM0-UHaiTlPvcel-9kPG>s8y~+IgsSt?>BH3MDyZfFC>eHW z>%>p;QPIj`69gRU^@Re+O5#C6{bEOXa4i}4a$Z)=nTNn+(1<_ogx~$=JK^vv(41F5 z&wc`9btV^#)i~m?pUYinAs+vE#&`m?oCyZw@o`!ou00&JUd=)%_5i^)khaY)RrtQM zTqER4J2Y5Df5P}bsZL-1JE6S&-=I9`*}qfyk;(ACQ~9EQQ2ED@#zj}wc!L0S`-sa= z2O8Ex=zGw>Kza$fs2eEaC(ZfcXbBe@Y!jC8nm}(X$bjbO)vCNn2$p4`R;(3ZdYbDY zs-(q^$RrSFQW$r@5YmePtI-@rjY4OB{5ykhmY-ydB?EkpynvXtz96m6Tc{kO%za=6 zrt&Hyey;$u>5p6CPXBZ(ybtK1N6@|Ni@+fOC`m&p!#)$-$d(kOu-1THYD)*TAs78| z6P)(PO>o-ZZh{woMqUAlqF;R$1Bhq&^{51}HZ_eLz+t63NHOym8{gFfw6U+^p_;8= zA(92BnuL}%&P1CDYR#jgqY%L39e>C4&|)}{k~xJ}12DW}3$FWaUwtBgNqPcY9!|)` zgIA`HGIlWj`r!S=`q{gKRP0r#&mLz_aRZ_G@RL@4bYVXYyzm{{s*3L2G>d>KALSrq z%pWhunPfpsFt!>ZN!pZZ*5mH}#bL@}%?ZGMM(cYV20x;H-BSk=bT(kE*SmngQ4ExHk)}4ZQHX!f6 zTpg!eK_?NJsSfa)brtA(vglunM=96QX40f@iVjE?6bh(q%@`-ZaE;Jh1eG>*qw|3J#I*Vr71SJbeX5_3{ui7L+crI36tG zL20Nq>JAsk!^%Q@HT)g9j_-R@1BS>aDzbb7@;ki}`nCtPjiT|Ey#X(=>8%mMHDKwE z4M*NF4%JnI&mZbN>H9CPg7d1XNCFLWHBfph^i;7Hl7R1f0kucXVd{4Dd;(qWMFzvR z?@c&r^-b?CdZ)foMLV@P0FnD=1BOeb;>AoAMZ3vnZ}`Ez7Jf07E89CPsD@pxqStHH zq9*rfsKW7N&+X#fb)U4_7p-0x`m*|$!V`954~WCxfkGk-$@=E|F&q2`|()x>q<*jGIp6RPwk@J>7$iB z4^}lk`}ZnI#J=mbOYzRd^Ah<-fIu(i-sQv{S<$6k$7(lE=zc!ps0H0(Ygj(8V#bT2gKAXo{2?d@fYRqN+?(;#;Be zK)(l+^=@&K%!A8zn}!E1yK+G{8-9&TxD&TsUKkBDp=aRp$Q{TX7sV1MOZCuXM&4ac zV>@9F#EA~SPktPuvna~?*yUd--D`KYrHMrdb9m|eLu`CBBxb+}>yk_CQbjCI%9u6k zmz%ylP{)oKH9i!j(_b8x8iHR24hAQ}+9t~CTbbRg(oRpd-k7xcXsfNk+cQztE>cAj zlI0687>h^DMyv8nk;kYS?8&K*hCFa`L&EIXZk}b1quQs9{R+!(#DB6lq`o0H#{QO= z`wYFfcmo;B_uxJ?)7QHx^ygh0Qp9=YA-z@KKYi$<~EF zTbB^?#)=e|E(gyAIdX9;%O6el9c>$}RXrhJbLh=cMkv^eKq~`udB?f5GO1t()_$&U zwBaW|f1OMD_VQ&LmbBIF6hv-6p0g%|I20|nKrqE7w368C=_2WGl-hjeQ8DMdu%%sR z;&yrN^I!5m*n9JMsNa5noD_wc%9eG?l1eC%vQ3hZG-?Iz4jr8+}_TiUk@MJrndLk z2jQuq;3nkzm+6qO%7aWz)a*%isW+LVGBMIptZNDvEj)qW^$s#z`}o?Pt%8kyM+c=W zg_vhC;2kK2_NEi-2v83Hgv2$Qv^f6b-K(z(qi(wmOW(-|U4L|g@djhTY+ab)SUThr z;x6g{zUVM-3?zo_(a_rMF~w@$4)GPt*_C1&fs(g9=6HoMpq=0;S; z8FmqY;+xeK#*%H#sme>P84^>{K4~mt71vt*XmplM#wabyf)+2OIZZ*SI0)x!5zCYC z?ln@-=w;tTa%uCNWW3IYQ!@rTj)|VU-i&Ew1n2`YI!RBJ6g%12lO}hUBV*z`+>|xC z9Hsi;l^$G`D?4fdjG`H#r^({)u985Vaz&{wLgYU9zizc1u14)a`|mBLm3};4|(*@-|MYt>+da$Dc|77Z5LLj z8cHs!dYsSjH=>gx(Aw;~S#U_Nd}+x0;qS#dzHV*&(eDBUHfNX1j}T6Pr`Sr4#TLy@ zXVEV%&aUs9l-bdxqx!PnR3Qpcjrr!tQ#EAu{ffdRF`heCPrYAqz@DTAR%sAGGpeo< zrtyW#f!=#p=bQ4Zf<>%&nlI)vqqjWco9e-*ni))N~BQ4UMa)c7H>{fwuMTX!9Y zq2Am1urO3G=_siX9A-%f3a*j34b`;dNxu~O@HwN@!oLQUH&?B2Yr0e|wxC_qL5TN! zaPhK+7X>~Ar<+nh5TYtrr)*kOhQlifbbr7>vI~27h5PXA+mF5$4lVr9#BPE)=-#cW zP)q|1C>5DfDBA&EoPSn9$@Bh{h~Wfl!=k;1q~tb6B{FNe`1}@;q}in_AZ>|U%@L%H z1{b*P#MSk95^s47#fv1#UeL2P?n{jC+oCkT~=(5iTG+NJxQ zLs1QzB}v8;A02O8c0>=ADT+%PY**V5u!{*ndobc(vChyHr&b1cENG{|xAg9(eMe#B zW4o;0J`O&Q+ z_DIX9$QVITPmra;IFx1boOQ5W`8I0zuBXjFvm z@ix5y!HM)<)tEm%voi>DO+JXAB^4^d+_A-(KiA>rr=!{b{wORZ2UJo))zoH=31i(r0%qalFUAm>c+X z1zEI%JbU9S|5|t+;)5ki)y~&&H1Lvs`rj<=91|n=qZdVflKG{JQRnPoDND zo(GZ2H`Z1D#x;>L=9;GK`s}YMQU_q!gkLGYYXHgL=-R=yH?k3skM{nPgzeq`^N7HI zfL;G1QOeQ$d(wH65x>aYoq(?QV8-O?p*cGun}i8f{RMQy+y>;@pTNm3I-C`q3wX=| z`_^dKi(NQg?4QDnmta4{=zjuK0(fxI4-+^%U}7w5VQYGMc@mNxG6;6w zNQBR?hpyD&<_rc}4Dl$GC zhQzJNE|Hgn!3tX6uPzMx1IS~do7kl6XTz|+MH&fezcYh5i`jDt1hd@iDD04v?eH4d zwLjzc+ZD$26Xpy+qr6TnoAaZCR|t}YX5h!2Si|`1?DyEAu%50^mo7`5a^#TwH$3EQbI}NO>B~9@m$qOb{SzP&;=N|Is>T2Fu)5T zhv_8)zAj{SwHOS6=T&&w-?*^PI0`Gc2M&ZaTY+Kl@P87nW6u7<4xa1;J{sZ|77z(X z-yoN7uz)as_#g3n1FrnJ+C3=$2bUR!_y7tF4cMsPxbDL&Cx3RKoQPaOECFmT5z`Hu z%qj!O-%LG-TE;{(J^|n`K30XVR?kNv8S9qY>TgwEbv0Il)0 zg)sEE;WsYuD5kR~-BCW%(%=F6gU)yd2E^nu8b29U5`s9ou!}3W`%c)I9Y2KOt=KnE zRvamgjlzKstSTW=5pTr)_Q0j`AG+|cYQo(9xIDrk&rfFfxrHj197f@IRM-RQGP#pQ=0q?Fphv} z007Yc>rMG@_oh?_K{WK$J%1H#T{NwDtekY(^YNi^Qhxif9b}RZY<>#NMGSLxw%2c5 zdc;*gfO2a;eNuBNmB?bkCON`bXE0+Ci#P;|t@>Hs|2_Vn-VQx1rsj`!{*EOUVgA!k z|G$s%f4lAf$l?2M8!rDcy8a`xSU~Q zW7J|nD0b0oL4zn$T+IPx)`3X!oGSo=*fEyBr(qAv(SX`c1$U_cw&S1x5O5cf24ukamF;W39#=NO7EJJ;U;U~9vL*Vq91u!U1SV}?7R1NBFm z06Qw~;)>k-@;{Ul7XTwX!jS%F!jvp|RpAw=-FI@pv)YdBSwO7ru~cL=vIqv_mjC0N z^L}y3``-0m=$r@EhW{1LdDpkzxrK1!MCQz7-@foU}IjT`IljPhf>M zrXSd}|NYF2JXKa=61HKro|+5x&wKnZ(QI9O6afic*@ajZDgk1{+-V5__|U=F69Ilv zf1l|@_>VH3{=^*bzaP^HKoS2Orc*hn00E6}BI}m`jFDe}2zx^g zum@wA&cpUJVJp5YIJE+uuIh?33+x{44`9c-@m;Gdu=iXGq5&zPtMp*NEGYr}qikS# zpq4WZZISw>$t(sbA9MdW@ZvSQ1O`wL+z$^*uxSTtf%VJa1+onMLLmTVIN4JJCf~Ja z4;+3NHfKsDfQ@@IG_mo_aj%LZUC_&YSfK*OvM(%S@9sg zqa4^b+N>BXodn-BDgZo3B zAg+Rl8i}4F%isU){g;2o1^!gKv_%|l=O-8Ij^W_gwNM-x#-O|Z(lds*KLsg` zYHhe9Bip$cbDenV%R=UBTdM))?KGQ`yqYHl!`u0Y315k5E(ihB<-UX~T!|W)CKt)w z=^MPGHK^m1C3}g~a&sxZ`Gr-rN?_0j$s_XKTmyr;uJccj0%(UXpm88udvBy2G8Kbw zv4M+g-S*mN{eCFL{dm!$U{-W_tLWH)eb9UM+Ze5|X$LygDaPUab&^uQlUaCF%AHut z*bN)zH^ykH3|JMqHvwmJ#paBDf(}a;XcwIZ;SJDmy)Cq+D0iKM87R1gtEqoTXUE9I zNmNpY-20%7pKrAVO`SQ?=!&I~>!EREQH&5{l#(fNFZMBAuJ$1@Gsa8~SjNP^eq-c0 zoOCm5P+o*|OlPo!E1=EGYeQ<~L!UEpkqRnPP26h+^`H5NZ-eWB9MxbUs!VW>f%kJ0 zfj;F4-1i;NKP~rp&J}bfP9sz}U6|c;To~4=6&kkfyK++$>w0&ZbgUI`^|IJ8gI)aoX0A72X*7q+ihwmB{d&;2A4PT9+m2O?Tv3!jgk?em&PzJp!FC4 zte@#MOonZ;|C&EsuZJor3bpdl@pLq34Y_!%N!;xz^}S{dPDpP*dOw4rS%ZuwRq83c z`Jx`Nn5ud{@|$}BSBV>ZefzGjH}$SvSy<%?sEO~0WDU_&ikO$scNn0{%2YzBDNu;P z%S|5Ymp0^WM_nt8d9<@4^^vjs1Jw)Fc5$`+WlRgyT97p_My4OFTvFOuX-VJC7>``u z=UDbSf$T#X?yb3*vgw#te2+T!5+a(jhhbTrwu?3!sxk8566!fU&+WvGOQ&-rPx(A$ zWw@jTxVEb)&5@~2p%_h+5l}k8UI4k-em$j*>pcny{bMABtdE-Oy6PHRw|#AYlhEw> zcB?*d{i-_VDB~L)OSP=mRjsX3Eu&ouyX#??^uEHn?xvIH)}#WJG>3SB+uZ90yb}9( z7PbI2qH^AETrP2uX;SP&mM&epUgCWcF}%_>N8w&-*VHEWE7`f)86TODSy{vAxBE|; zNZ)fo@hrvC74Kn=Ff1wE8FVpY2C#y9+vYayBz(Z`>!l{>qx|q4xdyxW1IY(qsayfe z6nI1$FTG-NFD2%rb_Rvn;-;}he7)G#z)#V3Tz7&~>y&0M)!#DO@4El=S{Tbw5MLv~ zDre+ViBRD2?aBD2ketPvtgh^Tz8ERnaiB-^K+}!`MSIUlFS9zO+hPy)zh5?^L8td& zod&Z|hZ?&RT$k^>^LKuD=&KP@B=gj(YbQ4<%xkK0M=ni2;acUR!WvaWVH@+^XE^e% z7Nk?(tC~fx?>4dW-qx62;ZVih5~V#koxXJ1sFy+Lz9V zOMVN~py8)?QMK{+V8ssu_2g3ZRCi1)OI%nz{X`+take&j-k#Hb;KH8E=4I~9NBDAN zbSW_DR3wGigd>Ta6kX-T`(N$OPv3d)yOn@dn!=N5V>|d^>NoQ^^hhAgK%Gp&E%|oq zT+`uxfhvQiTy&0kQ(thWvMzYLY202MJLy(HZV6B~Mp5EwwN3rW5fWXc2@jEPHaw2- z{hM#Wz*FJ1NbYe2?aWB$?eBVfux~0gdGlTOrEhQY7gjp*RMUJHdgf@$`q-ofv^9O0 z7>rRy?_qSP579&OUolWtEzfLo9-0fN<;@1Ty;YhkHE;d#Ww@Zvv0JM4v9uT^8C5`m zXI0v*d=E9hy{h+C5pstK@~$j$}LE z(<_{=2zh-fI#~8SITq;+JV0yiayX?v0ItJ{GdwiZRzK&WQ<`y)C`qKt76h zV}#KjR{Mc^T}knKZFnSfinzHh*Y?!Q^*R1hN;efZM@I;ZDnA{F2O?3UmjzHta-k0u z5~jub9@9JezBAt`zUXOXywX8pxkld~87Fo=p;bE>s*PF&`Og>*=R%iekH2Lqv&;|M z^t(AZ#5RGQzTI*oA;Qn6X7--ea(({km?wr$6G8C`V|P_vW@gxE5RptMx?V_u1;Ios z1zz?tlIyJAF%q*|-KpxOm9fLruJ3Jq+qL8l>ND&3j)*U(L%w}jc>-2RAK1wYtu4iD zgC?yDhpMNg!so9fJs1c&_%+(HQ`!)tj{(~jDU1k%r`oSEco4E>;$0RA6>RaK&FOht zfK1QZtHNedZkczxyw<+8btR0tS**cEIvdc{ZaqvEYu~>#-*_wGNH{?Z6yWY6c<@(g`KeV=yk$8PmZCw{)F4W!K5|3lBSWts1Zu@I+A}zd26|Bg zUVvrW19O^<7F$~V{=F($BVW!kXq(5fXv0S{DO%1Rc_W^rYB{|x+)JT`;y|p#RAIy| zWip1-ZxBRv9H^$!ss^SJa-yQ$`{pJN)G1}O?$0Ba@2_*oa|kTgc`{ffg~BhDGrkYt zwlhYJ>Gxvqir&p}vADCfAXTc7_U*%0rs>hzle}_>{nrKxb;J3_Ki$B8=!HgLOM0TQ z*T)Gik95pmI14yCDzGHv4-4!U+iEjojUFHJlC8|z#C<^M$mq*e92F8*X@W<~(ui@l zA>z*VTwxZW{Sz~@=Od3AJ=EF7dbz$s);A@*#*I!2)XQytsa%kc-z6rRu)nbMX0riL zaB%Zr&_NK9!&{}yg44;7IzF^pO-(k~aHv^l{%kRRyNykK<3Vk$O0VP5vOZ>&m!q!< zr6s**a*x5b?PN$($Xh4%pzQjp?D|4gcN<^T=b80C%l8$d!-yC_ zhDz`-vZ-5g-807Nug~kYhMa49Uf_HE2<4c3j{vQADUKmc$6ic4&OlOabuCu+e8jtp zJ3czOaRaM-UFm1zmd2wZU~^|O38BB&*_>sbolyF;g5c?>>*siJK; z2K!HVoDD#Mr4Yl3oCVXVO{c!J~_BQzftF~3*q6J z_Jw<~t>k+?Ra{x#`l9uN2bZhWo^Ffpli4_ZKKY`!!(GG^Y~l4(I^2}8*Jn^0FPz_< zDn;sL-_6Sq^hl;2cXEyCjlCu~d}?r{5mnH%WZ45=K9HC+5gNG>2}Q-Wnzd)21}jFJ zuerKYH>4$;UtIraCKp&Ew}W4IjAshTg*K!)HK=Y;jndhGeiED3X~y+fA4X>b=<(ky1+C=S=&v8v<(bcJn=q$@I9ZrQFs_+s7cS)L=K z@?|zN=u3H=PBM=-c_Rwnh*5q+-<^tgwRmze`$c|`P3C65Q@NxMdDmps4l-*^8vO^j zFn6zQDYmR75n?b0&==V0EL&P`4QEeO%@d#Csi`3gTVoFoRfTs3iccE7?yg6Xjt9b* z?|I`2vtv05EHj2zz#t^T=8IM(nPh1JtcXcRb_qBsowycrKT)w6z)n^I2^9a}xr`oBY^ar|D@IqWn znjT#t`EmMjM~7@1tK8O?`W_uhYlHfolVfe31D9$}I^^?Iq|$s!wbtmgGxHdV7a5x- zK))ClI*okdtZud~Z##9bGUbjT({85r*xWQna08KY7FD-|XQbwHK4CU6@@XF$Nsz6s ztBY0fURQ1kRCkI#5r6*u{)e=y*AA=%edZhI)z8R6EdzUFmL07tX$U8#V-AT>nR%ia zZTl_%sl``5zun@Gza-Wj-m(FOt0&5^?CHd&Og0X))#WV1Ls|QDoJH57vwQc* zrbX&=&Ym|JD%^HF);Qilb{CzfZ7Fg0(&Wl$$goQBJL-*3zbOoN4Ufh7Cn)SXC#)!S zi`@DKA%nJ{Wdk==0$-(Bu6~Zus~b;}KIN$2Y2Em?yku@kOU0^D&mn1j@G14~gT9#hvfs4KGxY2Wds{B7jr$Xa+MmwjC%jSwuO#D1lxGilSEUZqe- z0~8e2QK~?`u8op#+6epdQ_+~^*H-beyLk5Wee{uez`d%xwl=P$Asg_~1TnNHb@Mt{ z#1m|gj#0MD!^6pG;uW28UPFevtWwjQOcd4jYJCI1;<`gUEC$E-fyI6qzb#$+jZj`)G^ zp-ccTS4pnTAg^0+PGUi(I(R(g<2fd}YGii=%h-6c`Rv zC9vo$O^Usj1JAnT`|`Y)D5GBt=IcwT=t;L6&aQz#(7tqBjNV>n!WI@BNzs)hHjonc zKW{;*sHkM_q*Qiqyq``wBKat>x#13gX-cx=SgOoDli2MnN2H?{HAct^S69<>(8la` zV&2}HgD`oN`waJ#XEcp__0atr&G-*7s!NaPVRb|q)Nx%)YG^Q>pIHAS#Kt4*ilgv> zRwsqVJ4CnkgUZ_v3rFx8FYEZ#+wW&*>h0rvw%1`;Qy|-I7|3I^`cg;ahDf{bBO~AK z40ha-Yn=Y{srog=NGcFQnAlX1pHEUxGc-_gJ66BBEqcHyr&@=9#bF7-h@vaj&oL?} zzi~CVMgRs4RW& zT)1>G*1@D+Y_HQHjXDp{kzuvFTh@);*nIf-DV+`>hW6cH%Ra`@}pu5@uTHR&kN?s{`jK z$2Q(89h$dqp-lqVOB~I|G%%$ZQA5l5BGso2P9$0v5=3*HJt6UG4f5yYeNXaXE<{Uk zF^yy+S$E;2iYDB)+n2nku`zU5UH=xQ)Ur}0%425FHD7AURlZ*N_>fog(<>(&c;v+K z9q_v_q0T|g8t{r^oi!HyR+6HgO0noGZ28cfzRX?2LkiS&-D!?^oXA2jas~-8X-W(q z)p}QGn9r)=N@<6BRKC_xy>DC>_ulNZ(^{!LhcXVAtqT64w+n4V8wDX?kdSv-EHMjG zK^WFEr}*Z^`W}nt2jt`AAAKo0NZK?AX2jf<1|R~h!$qX+U}RczoY6jCrGx@ZZ-!D1 z!+u!DG7A-i-GL~G?Y0zM*WdqPhGLzOAQn^E6uWba!P8PcJQp;}SEPmkr(y$Ho+>3` z_e%E6#DyW{I~S#R%{SDa5^s+R)H|y$f6c$=gM?xvM;pDH{fwnVYo!`Rq|-f;2DM#l zt=AGZYOVx%zNT}G@Nc3$3il7(VnKdr^u$41gyX0+cpKr@LB(uQ18mzqdKs1!&Y`#;Vve|0AK#z7rqwc(gzM$Gskri9eY_+f* z3xuz+tCLprOrKK3<=64~J!X;H-K|a#uJ;$9`t((!?;pIIX#bx6kcw-7eQTm*UsReens$bojZLJv$dN<@s438U9QoR9qcY zilt2JJeOwOi0_@KZ(usBk?a(K2P=Q;}x4oH3qUzgqszc*XEh8?%}) z71k`%wd~0C*JA0~Z;>`eS)+^?P3EpA6)#S%dEwk0_0BaaY?H*6Z;ItQ++Wg?IxJfV zCCD1sdX^zgFJ}}x~Qx9@)BH@F_2ho$ME|z({5_Hu|5ZyWiqM2rLK&QUvl_D za1f@c2IqZ48)S}mPrF{({GjlXb5Ci7DN$)hb@<7FhquUw{SrVJWp87@9?h~YfEO-| zTD|}VI3wI5Z9-qdLswX+EAFzI*=3dnqk+~-WoLCQ*Tr1aFwRSLc>3HpMZ9r%z40qw zsUTjZ`9!K%v^P-_^Ti(0zNjkDhawH0q~%v-JHAkA5_$PWb>qCsOyKeQ=jbSaV_1-@@;TI`aNs8BaJsV>Rb)fyZ<+J z<3GqP@xw|S{>PyH{fw%*y3k2jNK#rY`SswwjJMD<;ks_zXK27rvVPjmtRC6%-+M5`JM6lsqT{_p0|f7}|MhIW-?;Ly_(FhJ z+y#oM5;Qj;n1V8TJfaS|$b@ks@XsiS6>;+w&guCgfdN4$5H*KPU3#gA5@(Y!3Y(sL^DBwI*-|)2qf45sW>StO$D^B5(iF7KCGD69Q>RE;b%*7rFrr%*5%O<+EpnBP^fh?dc}%gVS?7+1-Hj{99#*c zq9?z?(%|qFp|!Ffq8&T-%n~+`PM+I2hFIE$WN+_+b2g0wUIrFe5QF?YVWmWl0|xPI z0W@y{V1R(q9TH}cJD|$g17jryh;eEWOq0o3(yzYddg9=sF;GN1E@1=`&ViA^-0zy-xak6(xe3pS^c#TEDM2)M#h3m)i&_Z13^J=cPDmA5z2}3W4`-4$F@kVeG$m{Ik#3I zuLuJlTC)MU4+ljm5Fr-0xN3?>fvr*J*E6zzH-CU2GP?+%5Z?T$3;t~ETkFJ(K#lsfR# z-M9~@*oW~S0rlJo4(|2+kH|fjACY@q{{@kIgc(K9E=87YH-F<|Meo5z$fR9av&l{a z-RMVqgRQe@? zZ@3Uqi+jd|2!bv^Tq{vKeFCp>*orvX926-_ajR;l*k|yqPzJCnimn2W1aAvxiz{QY zEspxoM1>a_S-*;(_6J&0-Yg&&j)m>WGqOLYXen%_=;pD7_9bp zfE)E>+W%GH-q25hdnMp8%z=SG2Jr@ie4H2;wmts;Z-IMY2K;N_p45-PJ>`E1+;jaA zxF_}BIdBi${U5{i{)vHm%m0SJy}t(R{WWm!uK|4j*1)~EAAx%Vz~5cMa(si&C~j7@ z9jaT6o!gI~IuQwfN(2~#|D!;@xg+@HS5C8ifR-meqX~xj_(9m!$)5~R-mm`bkurXZ zu>1~21-|yJo`@P;1}p9p;%EC4meVgDDd~g2N)6kayQni2$0m;ucQYozb;IhRi-33V z(Xt*Wl(Sh$aZFF#N)y5j?F~k(0Tr^kfE`hyV!xf|oN8jfC9(z!qzLTBGUA+`X*hN$ zAP7vur`ZPqlX5h!{rKMyRv~LiqG7;v_Zh8JRgkg!n+N{<#m<6A^{B0L`7`HCB)#q* zIeSJcEhvlqf+K?}qryUpH>=hxwR-8sMX0BqbadXXTe?)X&IF-yOyPpljiDuc=8ben zRMk!tau5*&bJk?E(MIdcQFybi;v>aTDW3i!PnYKOwLiSMj!cRV9*jLx>Xb%&4m_qEEOa9n#^4Sq--zTCTq&)dyEE#7td7zsks# zc?|OeZY;p)pdIT+K20q{YCOf21G8qE| zAN(QU^%CoddkGR>f!xXeYE^meE18GOMZ&UA`w{^aW*Zo@^BHa*pYb%_f$AFtZ> zd5Wb>C4}1VH10Gm->di3WB*wp3c4a%m**CAUq@5l*|H5MSXv-k8iGLBLlY1qL0&H3r^qxUO{-?XYft$fow zR8%38XXdBOg;s!8L&CKPweV=nx{6pyC4%^*R%-X7S=o0wn%f#>eZHEQH5l)l(~7rU zMMiG5RWmBvx$?Eu|mpQa^G#)#$XQv#X~IoscqO+qwtXi%T7l7mEBqi>riY*bN*+gAMeO7Y$!JbWU{4Zy%9?iEUCsfLcI zvBiFKu=>2;-Tk!ZxF%+g?HFmVdh_dw!4hbdkjeIYyFw4)?BdSQ5w*lf0zc-cHQIq; z^sI*3%J+HaXBG8vm5k!@GE=ATQm;++%r##LoG{i{z9`I1GYZk$fHq)c4Ps?j#*FsN zUetA%*bP?-L%r2EdB*Xs53bnGR7TEOt?tITo4i|;h$X7)FkkHz8GHGr@VPfc4|l&f zvJeHzW()2@dJqyLu^gTeHRv{?1#uE4~ifhiEMWn$1&LM1VyPOGm{ zwB}>J{QQe;X+}C5n%7l*dLF3f%TB7?K*fb3xX`)-ND15gg6zwQ5mal@vsp8a@i)g# zJv--C;Nk!ns&d-Do*##l=!W<(I{%M;X@VjyY7M8HLQ8JJy%Ci7&pt>J>Pt z6zyRRHk@QRC9PN^*((g+UK;FwRry4F()@^;FhU)wnp*dCzz45JM^+;vSI-b=6-}O~ zGo6k18Mbv9Chyx-RMO*`-yM9(Jbe;fJ#5^Y1{aqOXCDA(7G?+m6B6m{CZs6(A|vLR zGY48k-xA~O>gsw${Z^EhU;<>{xw}5i!l6#)uSZ?dl>C=W+x0ZjDzp+@jcT~PSR~o( za{^^&kMivE1f`@yV$lNF#aC8GTaNHZAH^4ecbpId2*+dWMc#EPGA>e%=v;K&^#IY> z)8eROB{2NxV}?VJkH`8UPkZqJC>Q!VBba%TgbrY2r;|{pIt@Bi)F&l(%p}as4D=mP zmY=I%e`PCAp}xFOXCeX#X66m7bu_0YL}Wx;aIzngZAK04g!u z4|Y#kN5QR3%^9<|V^RBl$9{k1{LJe~HMi6*K;IqJy%zulu3ILolQet;u-zh^2VojC zc(6JsMmWnzm%+DGxIB!@Hj*AXO}th3$UtXs%d6ADJohWTnL!%u|{JYv5B)81sSM{^2|WV_Mgx!l1!;ciLj@Rj9lNLW~Lre zQF>%(;7&RuRZp8G&A10?3^+7Mu5%ZH(>=cHjBCA!c&Tpw_{w(Q2#w+*C0XN;`}&PW z_)~rDw^cz+0VD?pC|+RrW}{Rt8JMKCo(b(AAvw=nOBTNnVZXtuT~nktdB&t6Ak2^p zHCqecgqpP^_va*-(iVMu2Iy~}u-rEgCHN_TP)Nqz?cYR8eHh_3b?u2V z#6~N`g5H2sj~-vD@P+x=NH=M#?cm~d^-%p5)hM%>VL)r5^ar)%USc2{MEx4`Z%SW1 zr`e|b@ugJIG2a8P^sZ`Kl8euBBg9!|GzdU6)}#HRmI4_^vudcui^>PpQyol_hm{@o z3Wgdxl_l#B5BqHW&=lW!ba3j!9v%vDJz9d1LO(?1i{z-Fk;P$k9j<jcB&i`F&g-SEAgp?Z5|_UC_!u>x!&>9x&PG&UzcMbsC+qE_|(!T z9r8gr&eo$l16*e%_V5gR1)<8z1Bwl^VvIyeb|^^s3)6ABtzodSD)z&~r{&8g+=l=j zJ}8Hji%p$kou-8~F$oeZJ@&K8LzGt2?_MX0D~h{{p{38aNsnFXH*CEtsqW~j7~Csc zH4f$pJ{mj-djl)R>3ZVS1Op&i@n?0{OQMrzLETDUXFPV1W#7(!;L7WeiXR@nc#Mzt zeH`-Onhxwx%z@p8ZHm&J`2uUTu__I;4p{b4)zl~0|`vxrk*7(c;6D~0Ht zgQKBH77rf1yHo7EuY@FIn_iB`xpo7b%J6~bV{uJK~#;rQzFN&I$ zqNVKy@=ZtM2an~A>I{byHOjy+^FeE}AL|5Ah@@T%dR3vYLyf4I=DWto=f*8su{lzn zebD{VAGRuSS#f`kj2jS}YN7K{MyL1YGcxMUchW-ds}e(xw@8X;6;J9m&-IL$Wr|1! z4rYt2Dgke=?@S%EE*%+oonFCs@!h?#h?;6}zPMMmrHXW`$~HA~T9I#9Cw6gufSru? z1>TMGjflx6HsSVw!3=mxm0&8#n@49r;L#cTNpI41WkhFTHd4X zu31m!UC>oX07TDXjcb)fsQ9g{j$T8l>sOn^kA1C~F!al=MTS)=)5;pL5oxO3)5*%P zdY@z==ebQH(K#EQH|*M%`JgWPN+8j^AwUk?ay!j{LX2XG(^aXK;gyDNuSuvV>&Us9 z`tT8Bi|-EmFPiL~Uw7cE?xft(W141to2wPgs2+ZA)lI8wHblee{lhcK-leYL*Y6H^ zO5x{}_Ml_P_*1LzBDq%9LHN+-YwQ9Z^p&24Z5g&!WABm*o_X}#{M6k^lwC1-cPK)0 z-_RSuEurt)oG3k!c!JA&Me0>sr5ktpK@tBt?&H~7s_Uc73*SM};Br*tK;7E)^x84pfxQ;XF+T4(uUt6aWvomzuV{4I`XydS=9N{!3gdw`w zqPK?RrZs|d&Fqi5ttoovghu7|_=m<{_XWMG9~f}T_kIAD+Oth;fkD-VR8>2MPd-bw z(|at_IlZIA*IU~$Rvx){KFM2b+q-~~3lk@K4UMRfV3<^uOh0hQx;Id9L+45^O7+x3 zqb_B~a?x2Y>3YvxQ^8Jj`APWTP_$<^LH}hsB)C#wfJ_o=Ae0z}H9;aU(2~!$T?4j{ znw6Er&S~ciDDQha|LwrqNGaO)ic4OCS|v1wEx}hyB88p(5JB!brj7-!HnBOE<-QD* zC4b9)Fg;(7Q!|h5hOEQ%uzG1H$|CumaxztyuR)ZQH150|rb0S0WN~vx zP`xO0A0SG0f^)YLgg6qY)_PpAQynr~OZQD{Cc}q$etPclw$oVWvTveWQ;FqoSM;0w z=1t*&(5>F8_rQ~?+~zNA;UlBbaz1RKYI881nT~jt_!1Hcv(}OTpSp&Yp&B z!bfA@l$O(i8}vlO>TLS7yz}!@bXk@MF0~?GCkR>}+&fn-3Bb{@O)o$ci!Z$baFT6b zkX`M?OK4@0EXAB&7n^{r=`WhyK5hJ0Pb7Y5HXdp*uiSn_vAb#oj3RBuWwLMyRD3)a zY(;F~A=9#!{`rO;Q={?MHXe_$?g{ z-XCX^zST9z_O(sO$4N9;&mHt)bIyMKOt zwxf;bxynej_*Gu`x{B33Jk6Y~DF1r<4Gaa!tl&g)`ouenc;xzIs$osqj$?b|#SxVU zE3*AokW{`<*o|3|1ql+`uSm-x1hSNUbk0rssFC&keS8GZK&L({zpV}1>ESfp`4*Ng ze3q{fCsZZDIzv-!yrexytY+`-wNrkv8FH~bGu7SR^g`mtP+Q;36_E@b5s%!CVm&^F z0JSlL?o*G2VpOeao?UY3zO#BUG+wavR`*i!rw-(kYbz2)cN7JxMHavR9=-eb>T{NJ zNuVSG_;!h(>0)d@XY%T)B(_b@-#KdD2O;ubnS{TPDY<;ouTwH#XRVaTg@>)aSd|zx zyM6xm>|@koI%Is3voRkyG8f^2ezObUJDG1VGkn8PT7ldfDAr)iy~S4USyd zO&Vq2gLA?ot2p>TV7l~&oC<5YCM(+2j}x9(#3spvHR4KPtSFKqJD>%GDol{4K%GN2 z6bv#1fFBK&FZ_v|+tmpCS0Zi#eHuHI^P^%0d95_x!{G;aC2JW*nA)YtiO^UT`BlN4 z*o5UZnnp{n)lgx%tVgp9MLa8f&Ajw=5OypH|2dMi3`z-ppu7_YGFLZ(^VqOAX7I3f zgzW&wdbdpwiC{L7txg^LB+l&LkOAY{$4EcwEj*R?p zEMVXNl)~%Ne@5XIs675ycrE$+g;xOg{CVM(@LybbouHCIyu*J|;k5{?ff8=vK{oNz zi=dhgfw$wbOXxn+!=Nak$f4dLFf{@)5MrEu*xd0jcF5lii>?J*)}KQtSQTsKW6;In z4cNs`#NW7%Clkz-%0Pb|axn$xDg^KQ2>W}`RTQ?B$y1g{Zd?Aoc)*R zig}HppFHHOKZBXW9S-W2u;wBD?OY|qhKVf{%tVyiUZg%&x32E{B2-GlL}`&kT*|wl36hmt6=&t zF=~eW0~0ueDW(rLcWh>jzyR*;WaLWr4+4dpPXuA|Q!hB8>(%wU(m8F!8r*!TA`6iR z={ogGK6KkJ8t%#{HYbena0Fux8o?)LjF=2&OT?Tu2#~M548DFoB6o2`|Chon0uPS{ zPkqf??Z2~AoXY#Z$)Wf+ImIDYXs-}{O{^g3{Kn;r31683 zul@L|AjCs2fc*-je&~RAlzlMh(aIQqObsAT*c4!=#9^H1Si*6v3w}kDC=5su>7Zjq zA=1dNv8?1=9FrFg6zOvK_y+9z^Dqo$c16*%3J*qB1XIkOn|U7FQpL#SRK{^aN@f=a zpe35Dl-WqaWHX@0m?BJ*z}5>eWrVTn7~4pWAR9V_@xs(X=j^V5SFvLgCrkwM(Q*(r z1>VdGjc_Kf9d^vqa;hPKPZHZ)$N7%P8NG%DBlEDY=D(gm!F2dnMcp^Sd^w|0g^i!H zGXOKllvwL;T&J9XC%!pC2NU@R3Mt*bjA@t0k$y{83|0@;O)ZOd*V$Jlww+tLDMhV8 zoi^1{D_T1Pz>>8bh2!uL*m{lG9bZ|bz~HHO=zyWha=i=ux@VU7#x|oJ=#vzAoFL2r z!Nb~L{4SwmN!iCR*1!3af^9`qOy?QMa(%(aEqf5PrPB=m0sPnHi}db$KA0-Gl8%I#<#Yb! znE}UIfre<<`hyNKvDjgF=Qi?AXzr6OdEN-fH&@GDS2Zo@r|Wd~#v3>&zW$`-c*)A+ zeEcNhAsMQ|(niuHDem~jaYfjcncGg$b>fd|cE6G{*!ngWlKRCkAw4KP2<|sjC1yQN z0Azi7++a^FTW^Vc@^zUvt$sDW+)lQ4#7oeUPwyCRgMfuJXsm^r?bTIy6or`D5y3&#v(}tjklgymh~>5YXy%HV^*BC5S%Rsp1{C>5PYaK2l}By;+w2lW!ky zZ6Nk@-{lVDEAb^nW3C>on$; zr*_ezD2)*VQTTA0jgD4Qa$#Pt{Iuu66G7Tx;XLA4)et)mrL>`uVm)qs#W>a>y7tn; zFBg*OQQv#Vv%-|Joas7S-3L77c(ItxTmcTWLsZ?K24sl6G$ZDfzI5uRGDqpo8cER$ zs^3g+8Tx&@%xi`@$>L@wVW14=608I5i?^RprfSFRol({}GV5eicmO#kS7vxKO3MGF zCG_AY_-UU+AbAq2$9@Z@RKlbjy1l=9)fdWtc77*xy6oY+t&))(EP>7$3oc*Q%F%n9 z4(U7*FMp|7Unb)TGF4`N>y@`&(eo?b_*O(LV-rDfYA+4)fMPXnlNdw&|C7R%3(nDm2$5?tV$UDKfS`|tIk5oxOv{+myY z9oc90<<|7Y`vbmed(5Annm6y)b(YscQm zy43#q@{xhj6-y{Z70PgETz=BRIkgXY8&x(c%Jsj8Ea@}EX{~U2 zS!|_|^Ob$}C~U)Wce08{!Nyqm*aNRVTvOV$(z~DXXf&|_I1JEX4H$VE{O)WeoFdJS z-991uOwh)?I7+H$#v3G*Y?Qo^taDrBTa9;BhjvQVoOqY1Tzr!JwH#eFEz4F!*@mt* z+|+w&RLWj^abau9;MM3uzFY%2>pdG#eA99R(5-#w^PN>YS^Bib>_GxoL#7dOY4g6} zZd-wLQ=J8PW`~Ucq zO3G4XkEsxaBx_lw5|X5plx-?S2uWodb7?`A2t`pQsU$Jkcaxn|Dl+yl_Aty0#*CS{ z`o7hDpL3r&_c`Ble!uhh{63%G=Z_wbTyxDe*YdvJ%X53tJlW*iqm!{@GJDsAI3vlL z7-mi1ATO(^^unpuJVsgui)7*O9>WgeY<73>ff3UW~LirqKJS=^T4S2Jhe5#YJEej z=^Xn!eQBAiPnl14->Wh|-iR5?ZnQmZz2i#iXmGi~3yWt$5`Li##-*i29`OnVHAqd9 zntLiMdaeud;gdiX?Q~}zxuGh{hMY~Hc6#QIk?Kkvvc6=LB%Sw^_F4Dnv(4$zZJ%|b zge7it1*2>nkKOj&zcL@KfkA3d*iPTBqJmVNN{v^cX3h+Xk$ zLC)nerU(r=C=ZLa>1zzA$xM_Qyt?SnLHmrwhft@{s+A9JT*Nx_$f%=LdR^D} z6*2f}y}0n!!*~2pwc>YNkGP2oYrTKv>LaY8A$loS(`~ZYjv z-X2IL8bQ2bU)-CUtr4d@GL5ivg@gbo;uY5Z4I#);9uVT`V1^2qbS)5%-!Hex5Gc8~ zzTV}2cxYfhcGA}NUs!BE(CegNkdK)ImSFf^K)3GroK;sZZ;Q?6j3Wai+j>hwHhs%Wtjz zWD~z&lgAXBsP|0~$t_`qxx1fxm5VGea*;D%`uYrS!W7RM8{XJEhm>as0}VB52#zHv z$}Q}7qn5FwjG0@#5I8Gtvyv~mN&fcH3pbiqSsFU__RgT6DrtJHWM1Sw?UDX9p(ihA zlkVw5uNve-jx_DmT#_?VzushjPoOU+W9S+>j3E9EK|V5p;=>q$ImC1b#)x_5E6%7 z+dr#VSyX(n<7e@>#Wh4Oybena=JLk9MZVxqJI8uddIn z&(*kaCjFtT{~Z1Rw{%}kY*Xo;#^8aa?o2_z$zx)%{&kHs;MkBlsIeI7CQzPzdU zaBQQ~xica6#j2KFi|TKmu152?qLzO{xW7k}(`#6ss+gS_%+p%Vt&Xk=*Oi}^t(m^H z|J~88hj#07w=bE`v=Ck+6WnugM*z+ZYm7Y%zr*DT)qF!lqj;x5?eZNHR&52+k1UTC z<=rRQt1&KL>^+ddxMH&^t8AOuvbf!2>h@C)XhQXl+qe%a#d`f>jwDUN4GoO0gGGTI z2JfyWTGeK4a1O zs$K1|xB8^m+g7u-)87#0CCls&w#b!ivVX0THhkuoAc7|X!Bum@i6H1SYF2?uVNV@3XX%H|pVed-%>!+Dh)j5c_Y6%8`UxK6e?H)R$bZfklI zj1dlAZyXIyDBM<^TV0lZt4z z+Pr%_`iR|GLZHeLA;eG!vpSF2L{9Ft(D!)S^R;M)yHJpRd{47M?Uo(yB;RUYSWjNs z&%dPp(vpQV`JCFaryET(bkkP|G~(Y8y2Lj!el@&$S0rp6(``4>W1B zvhUISWH*%e>a2&#N=e6iU2ru?XfppqIePGsb~W66psm35$;Y9#q(O?%^9@!vnjaOZ z1kSv^$8TzjSeUP?+(t9JHh>cx3s4Ii{c>S0F#JqKMTGIb)=zSMx%;1MBg3VohM7U?^H$0Z!uC1_vdD`w8kxAuRcvd3KqZ2{#Ej$_al5_6OD8Rx3_rIzz2Pou=W%adh91;4q^kGsvXroc~a)=_&mzZGc1+t zZjBTh8(vHx_mc0~4Zk~eHX5Oe|7cEP8BRd#wV<)J20s?c+0(KqUM>rBguS-Uu@C!x z(+I8eY^YSudwti@&!?{Rc0r_c=5=9-Cl)`Zp2@#W zJ+XK4KPlhp1Z_{FX8|?4~ZJtm-Z2=>WG)IRPQys(0%&ek2`h~VvyK~R@c0wMPB=mji=Y`AkVjh?) z)eF6rA=ab7?8$CWJfhr#eaO$|B+WA9$`&gNwUeK-UE&NjcOE%b%Xqy%X6^BzcaP(z zcOzf*y6GeU(5Zcm#<;h=P<6Pzs9KGOm}QubGYFv6j^##>pZO>4&!Oj;ZQS+_iuB$2 z!JUkZn4pRbjMjOrv9o2G*U9RA(d^e`cjk9Ki>|KsOI*H5O7`0}(sbGP(3zr=INjPPGlehfw(K-e zevh&4Z$^PCj73CvJ;%JH7*``J@cDvE(dX2Z{hLxo=6y66Ta&Z1yyDYkFekshUyE;J>4PbY()!l& zE&5TPw>Iu}ln&mm`~EnsrJ5uNHxop$vVQ6PuM(xK({E|rzbs>8p(A49_8YJ`d5`FoZTD3UyJ)l~Pzu348GT|{I_*?VIxp&NXoA+M zsNIT>TQ(E)%Vqk#1USpNc^C9WsXZ;}V~!iCb?+&|kv-3fLK-JMeWELZZIl%NFqs1p|5DvXH1GmzX^z8h}J-%I%o+9(=uZOKv)(C1;feb49 zh%@HvAJ99r1;ItS)29a_{2~WNZ=zf(^sK*3Ul^gO0DYUK_@ zje*Hzw0m(PS?wl_z_t+tQ<;Z6^UKuM8NIX}zY4h~o!GWKtF(E2RBjneRUa;W7zD;( z33`3h%gH59!F)WZ15`pMd!R1^#A1~86};@MJGjdovbGZy1p=4OCe2v2q0xlTvt-epkJ}!2IjJRzckc5{m2d2^TQ(}onvG#9wmwR8SnPoCQqq>e^Q=7vp%#Hiiirzy zr5FFvTQ(oU{1j!+Ob;8-FJ257s66#~5;~h0(K%Ammf(}OwVRHNE;|-o87A7an*J!h zNPWSS-+i6A@TGMKjj^ok~$RKvZ?Dm^lV&j*6NU!v~}K zpCIYVOedJ&0yqY(c{m5IY=A3y;p<&I;?b$rtO=m4SOvbPTti~4i3d`EBo@e6JBuY&k?7hr3xp=X{rxO8 zz_&oZND{WAs&0A5aBkyTEf8*7b;LjbERnd0ZR^=9e^^)BqNzhLYz1c z9k|*X@JmJbvR^m7CbzI8KF*;wza#Xfk9i}1kr%KEKtlqJ=8yhwI~tl3HGv__-ZeS; zgZ;ioaL2P0#Rzj;Bxs#=a6O4O4OlON7bm66vTGDJtHX04KrlZp@P=}VIDw!MOarc1 z@tGxT95=^3LIcd#(2I1?Y6?xe3uwF)z*WmTcEiL46ci|gh7>{g^eA|@Q_ayY?y-D-yU~AR{PqIC6o|Fw zmMxajwm*N zhL0t9OtUsfg>i#y7jx0=iH)SfdCnaHBe*haF%!C$L>OPy^3$VcH$=!3mX?phX6Phr|Z@Dc(A;$-O@l`W|afq~ll$ zH1q&?0ffFR{9Jf$;YpJr)mDmV>Isr5S33fjS@GpMoX^bW`86-y=cx zyB2EpBFKK{JODo!1T`5GL3TTCLDyzN%V(HSh1TdEB(bEA&BhGHB!VGuG49>#x48Em z;2VF8dnb0{3IRPmRWerudi!RyBzO%_(9rV+--Uj}J zqMKg9FO1+8)ZK@LI;G(Qs?%J*A`l@zUIjH)7U5a4$9(~nE-3T~dkJMSQ4gI*vE)ie zx!!25fO}`=kH3L>@B7~kRUo@!F~~me1FFXx*`GMn5(}OETUR&M>zADP=@wKU`iWs+ zFnGWx2(>M^eug$(PySdjNmha8(%*&_ z!x)j3xi&}6Ym)fKovagTO=P?_hp!CQ6O%r!s7EU(lGS}l%GY_*EYv0R<|1?Tv9|Qj zkImWc?Ma<`?s6YRdhBgjSv!l7sSK^?0^;|262p$x5{^0f*o`Dr9^^AnpS98sDX8HOe5PikIzIabZ$eSt6!|k zTi@#@2M+}I>l)}b*e*N=Rt%>%q+Hz1%W6D+Y1ObEp_pcpIvDgmd)#J^Q$qi}jwf37 zugri}@_3q_WtQLcE!3Im@V@QL3*Qhc01AF+VWMVD)lkDoYXf${ozA0d(*JVBQ8|Zan=YGwtOlajdJSdBd%)w(fL_MbsXrnwyY2IZxqUHr?TY2@Zwu175mSvn@3@`{ivLZTJRoOE2N`x;+Ef_6 z2@J$bb}vU@{K@#vutC#nm+zMg^m|1R3mqj2E~;idYt5Qc+fc-7xYwbKC)m(hL6FyN z{uA{9Z-XYY{mP1MN#YE(PJX9lL1`^BB^hY%m(Y>HsB?hN^s^f4az0eK{7SZ{d@++YctCCkh#02RyX8F9xTdB`bxR4zt{cdRoxz7ljLLI zi-5ImNf-m7Qd*+QeFxM;4r-YT$r`zO`J^|mSzDj*T4Fz`I8p7v&%3$&;F(=PXn0G5MZqw6emby;F|cx2rQe)-9Rwts#WqWHg1= zot!|ff#uBxq*p6FGOUq(;N_gBvF+o`{;0`1ER|>d-0Z8C)ffaVJ-AZU4c4Zjqn;Lm zmT^loRrAptbu?-zwAFGNl+eSa{-jrgO*_k8%>E-R%*!njbQG)47 z^JVBx_Xb&c+SO~XIOl0|EfKQ>P#2*$6vt4?;^{H1wd!q>MjG6KavwiT8A4{y1+6wF zlB2ur^F!&n=gbCA#-3fR;-WMzv3^I&p7jx5ekr>qB*Pq~I_+V8?Kh=57Wf$4jD0WK z`-qaU)ZOld;Mntn)B`Dx=Okt4W-9T(TD_k(l|!cZ3=nIRAGulbyNMCo57(sExbsLz zXgr8rpBT4WJ6uQLhVIdL^p(rNfwPMUIiqDdIOa6*TI5Yxz2xeqff|wVtIw;Y-<%8A z&ruPQ+j9HuLTJ@!%H3%JY(u5gN9+o}%zlf$qQD@hfxxoJ!t%RHrQst={RvINJ4#om z?Cxz{T3G`QtqjQJbEI3aIuklgCP;JkB+S@;)LQLey6;PBYw9(Md|}jMVH5e&x);sP z)E$EC0+5qsgOZhtc2t{Myo^0F%!bOgS2-N1l;xoxPCj2~y6(bN!;wC^*qIIIQbjJJQM%mLrq>X6hsbHU!G|?$w`-(<$8pm2xaY ztw-hYsOPRI7p;l>%a4U5N|`88Vm(D;P`ynOZSm>(r@HjJ+Xqe_N9(-ny<^hj(G}!# z6sk_YjonpLPbw;8d<0p5*oNUKC(2R??DCLSyqc)??k**^}F-NJkGl!YJ zG_i@A<5KXmm#drioD(1>O!%v)Fyiv$_I`-a37SrhjR12%Zfv=zKUL%aQ=I&0@AQ6$ zReoNVxd#mJJ~ETr&WZ~?5w&W;$K>Ozmte*aWE}#uYvNuA#Upn z(0pxZ#OwM_3eRs0$n0}VN{H0Ddo)~8N!W60|LgNN`dwD-uL}@*({l3&W*t?Xdd!BB z!4v4~KdN~~E;%E~qs&OBw>N4urC4ye-x)z$844iLJZ*e${7b<+JRZJyP{I#$F=UEg5k% zWLhAjLCpr8h8S#ndbPNXjX5Gpx0r2Fa>Lc5#<^#zk=HSdO|^aepntp_D=Kso z_rxU)$~Cm}r`@t^2fVI(4dR05(aSl$Sv_v^;t8RAS5BrGKS=K#F-0XLACu_WV!iC* zW0wl=K0)q1ePuGK^DUd<|7C9V?E^B7dN_)}zH95}MS2QH9$rWD8y?9D3Q{Pgg&79T#wD?-DA<9C@Bc30iu}L{1JuS5+=y#ssD@jZT)P zj9BcvkeV>E_Htc%bRVtzvfI!@nVZ=`{u#*(wd>9Oqc;uLGkt64#dZ;{O(!4zJa?tY zR9RUsPQJ*wYuuUVX`x5J8ZaU7R^RHPK)w!Y+`q-wdrfPh(ngVDZ}w_9pjHc{f= zmZ(T6Tw0=Qp%eYAP=2I+kvm3tm;d4CnwWGd4pYNZNukYSZd z7SG2@Yf9MbldLOh3qLiMIqE99Scyw^mzV(&!Ew+QA!;7EK7<+rgr3yy8dbRyV~mMq z7U}|Wr{dn#B6hqp(?$5a!6%^^$7xfM1E{q{HP9^^EE3G(BJfY!)Go;7hPtLDU=`U~ zt%Ya$cF9E9kVF{;>y``<^5&}|)q>IdSy)NeBD&l5lb|A>&w*=5kJ=WcBOn(Uy8*@O2{k@Y0m-3v{?=^sG(``&#%_uJ+f_y>F#e9v| z%^Z#%4IPC!oJhHfv3t4gsgwFmvEftENR{nQ1g;~cR?t& zA>eLZ`Gr4g&8>Q`{hPO^CSN=lG#Rz9YTiwWXUJeR<4EBr!*zZlTjZ(}A-0ds0DLW^U zSfxb9R$2uVuV)ScH9j10VAb9h}gjP z>OsouTmC_Bp1*Sm_Gyin19bEt7?XV(93^Sa6`33n8l~apEJ4IxYnXv!NO*~EJ3DYP z%hBZMYF)-D=@dVnFDMtUYuczh;`MFiLg{Wk;~#t6Y;-2H-iF)_dVC}2ZJbQ#PK-e9 z=+X)>WGej>arDprR%RUlxYcv0Y0NJYuF#z3Dja~b+<)EpVv2V(WcyrttB~z$IRn?* z?J0`}XM_!odo)PEry=XI#-Ev+0Ydcj_|N8M!hhD>-1rO)Z?@3ea1a z*z^@pZ6=ce4EQ_;z<}WZ==_Pi(`Mo~=OJ%6d+?fuITX*x)jgf4knkMNY3Q9mBgZS% zX}D0wE@&-A|MRQUDQCl-69it!#2^ay^R{X+Y-*d;L`X~%KaRpn)3n|+mC$kfW&7KP z>HAMDk)fd_yT@b|n5i$j{mg4oYgM$AmQBdn)gKyFf`Ts?U!5IVAj%jN=(%~NF07S3 z=zeF(oBqq`ZQdrY>vI&15kikMltm8z#yEek`5Y68Two#>cx>JvsYirZq8v5g2?Vpi zu_X34#0j8!`}uSA-#=fF6$L!SqJg+YPx~9<3a)v^WRxS)4Vz^HI`8yRKxA#g6Egde zOvNHjyn_#1oeuajV>EOe1E4-RsXoFJWtDG;t6?C1h63={O$=}&(V#+TX%Slnpl+!E zEhK`T{uAK8EKVR zn&X7MN^bxLwh>fZ)vgV|Hz9GLy0jN-&1E(A$|5-24P4(cp!bMHffQD*I2=FE@01gPZybij9#;gHofdf!?V=1n9<^XVB9-l+UiCM!Gp@~dGey|e&dz;ig6DBtk z7Pd^>2OB_*Ssq}$obv)#-Bk*GC+4`ya5Z2Do}`oj{wk3ZtbYVNt>eHvstS(D9-rk3 zwSR@0wxDPbWsEC@zxkacG|MNk`5M5t`YNaKH=#w|@DH16!cap_Ms1vA0OnuCrPh9@ znM4L~-)V@)2G}^_2yrn2`MM!R zJfJBSExQdZ5pV+Z!It6GO@#MjAcjaGZ0V@+gJX-qiE_b<^00t%8X9_-2}%kpilSMP zMy<0hUnv*|wjX$WtG*$MAK~Hm=<~!nQc(=&4xSzUUqt3Xzms_*?v0QW#99qn&D`5= zU`LM2O9iiaR|?^!p$>S%6-k?=vZa&uoFUUZ!Q|83(L+tfMBhA!j5AagxRK%L;yXk**Z5nc8yD9u10pD(~-bU$QUBfC9?c&n%l zRWanc0*50Q)3n=&?&U&og-#I8g_B43c|_Qz4$2}jpd0W8rba{a3*<_-wIt}AL(}Q2 zA{%PF#dPY)!5gAtybkCq(s-*qlNR2za?1=LIHxD%) zt}!saEF}%bh#Eg;XqQ#W*%ZN?t?AOq;+KYk{dEVm9#N0h*s2mKS7=b3uQshI$nA3E zdFOM><94c=7h46a*s2j-3`(;hgAKQE3_t;+80J9^Po~{?z$uk1eG7V;qDr>(a!FJ9 z?aNlppaih(P#z&l-$DEuM{gk6{L$V4lhEZ$+P4f_mfv~zc2jKF6LrM`jMkvCG6hLa zq!_sL7bo=+txS#;I6Re4xJtQrOz?r#aL%~fBxxB|8$^}kI6KK)H8j;aJ#2&d>I&`g zx9w#4Ymb#0o#Oqi@5B~Rm&nJ~gTg>DS~JG;lrXlIYvm?rb)R41`)yB(+45n+5@|R+ zOwoO{yIHYOVxm(EQ@JVP)QZttS_o%{UG3)KORt<>CGJr&j>dcP9=e6 zXBShQ#2cbDAzob28n@HA9MXb!JM+hKpBBBRr`BAN0b1wo29mVlI*e+q=_zS2!_a_ zClaka#E-!p^xZ;?gNmJ;NvPGbBn9F>%$p6WxYlu#ILaDb6SB$$C!ZvoI2WyzU=yAS zZ8O?bA9cjKxTk|RN9#TOnY3<-f)zaPxQlu6RgBzG;^p&c<#|`GBy^2XgpC2FFn%C~ zYr3MG$k-hA#_Bvt*p{p+^$h_FR~&XTIUG{iLYQ~-oMyS?UDcq^&ExNt>wCmZ#%}mH z!@Xsw_(t<#P)iQvYMj>$61cD&ET~`^E=I^MqAW)Nfe3k1zK4OPW+_}l7wSqdx_Ff0 zd;!YbaG^6LO?TS9Asliibv9JXsw7s~&PQaOY4aF5;k-}yKA$1IFi>K&t%HfIwHNxc~rdPWosFqzF z)u2AMzJO|mRh(a0%{xi;&=pszmR&SaMw0UbJw0v7L@nob#R?e|5yCEqf(rCVLQ!wler+y zb$%pjfsY%lJtp}52TD(5i)K6 z&eoTD*I49(2ClO;?XOn0*g9QFPsy*J*ewbc1jk55_OuBHuxK4m9&=AIIM1^X0ES9s zsOc40RWY<2KqU#$+t^Ctkod24!x(vi!60%l_@9Av|LW)8+Wv>*Uq}9B{ELVCET7_j zlxY#T;#SN?vrTblV-%7^FBI{_@h)SpVs_hAf?5;F4su3J^Hhf}@aWEm&EJfVLMAH) zo*jMEVeh1W8J~5IR#=M5ze5eFPi1(hU#2#Bc3*8#=8qEIAuT_vA5y0?IDhLo^9p&w z09`F&bozy5pzw}{^?{>NqkcOjH+aX}U%Z-ss7bjOXS!GZ#JzJnPp#NL71(xfov`NX zr%~DohxgAmezj`f{9VotB<(9U{{zK3@Jpcv2fpjsga230{xRY|qGxY_&2(TjZaG)* z7wtO1{imX4lS~)bL^B97!J0q#hA6ZA2nMlV&@TK3fK~kji&X+FDfXV1HEZKJ^wdYV zG_N0I{Q=?mKft%r!J+>#Mz(m+N<5GodnR(?;=dt4cw5Y;mrTgndJJ#4;#9mnv7is%6}pq%#N zV3_!?E}UV!Gq(a73Il8U(|TS*bAyYO+?XsH`g04b*|A+5HhW7L;GXfe1}A^l0A+$r z`3?QT{f2%qZvTvrY1IIA`Sw&;KEOYWU14eB=kiOfGIS!eXe{7k;^C4-@X3leu5gtG zaiRcD+)Y?Gu)PTgh8MBC8A}RKvCBUqOwdUH-ufjc&#~ek)i*nS88u{gbP<3YBn-U( zrxiB)VE)<9iFrZcXc@Q%obw*g3h`_dR}!rn0k7iEkOEwS0 zEX?Ht#5|5TegzA_`zn1P<2?r|?FDo}V@>XJyK~M4)zht{5~dHK~S!)<3~BXH{v! zEg}pBy8#&4brEI@@=IWqX zExa>clKU7m=f7+K33`43_;+mmL2knjKu?@u25!ea(6$|gfJXco_KwX6FtmXFSYhil zTn>ckMhCbXvNzX&v*&arZF^2Zh#P1qJTwV^8!HK4Rn{Uff0XU z$1X14KMB~YG!=#C4szMR5stsTgK@eBFR8QcbGTe z3M4CniDMiCHz5bqLDcw$(4C;fL=))yF#xA^jN#N_EZJM3CeSk!NdiLQN=+i54cb|- zX_L1QC+0O;jk^W+T=R%AhPI&e_rkgV&239+ne*h9>sY1p8RQn^*H3Nn-AEAA#0kS~IMH%7Dr~vZZI??ZMmbYE{iR#LE9F&(JaTjPxQ41sXq?L9 z7bwPmjD7PAlv^4=i$E@xH*gYK$*8q{fXo&5WvJgzEs1u`dbTz`E~GzB`&^6encbr@ z7QRVB!TNG!+}a6Qm5-CPQlaIi+*vpDByZ>XdkafO+|FotyCQIi=wyuWwnf$uR`~f? z5w(J3t2PzWgr%tm21y=~h%M39D~v^yJQBDUKOxHD43qqoQvi@UC} zx6jIb_iFw2LSdF1zs{08NecStr`>BUmg#J-sHj$nZCsW6df9flWo!I4L<4)x4aO#J z;)bMwJ!D;3y?YN13Tf3;AyZb~saw6@Dg2hAfK;X$HFi;3gXH6!V~RcjmpDkQAqY%3 z%I-?Mna@=`T7bKxXS6~t%I?Mnz1VtE?2Q$TjXUwFSaEC%VI|Dp+vkQBoV}7;*0waO z?p<87xA!KzvBse(w&}c)lm0+O3aAv~e=GVZ)!Hw9(Br*ka zN}=_Bc{Mpe&=I)&UAQLoSwrGHhB*)`m-un|XlzwuHp!f+KutHMYNt_KEIv}wK5Cs* zOc<|OR!zC&Yfg{5dfk7?Me*B@PuXOE~Pp~eiVzJK-&QEMTo<~g~==72q)v6I!iS=TFrwbnnX1x#+ET_{jYVtf?KJ$~yt*xa^MTC$^xBuro1Qp4txAyA{XpqsWsgK4=mtmoZK`{nN2?QUL+@ty z@tq5jo{tmCTenAQaD+vDX$Vg}z}x?eI+lNRiTuy@|DUOg`SPE^1)eeQ{k_nCbDHvh zKJ-8HaW(|zFfq;x$C}Tim3)PAy*SZH4cq`lP;9rty&wORPKG9lr*+Qnv}BjEQVeLO z{dnMIx$ilr4RTXEJfcUI@_2l>`dW^E$U$c{7HE)O-kAlu2)CbbX|G1Jy{+<5D^H5@kwNm(JyiM8$#GX zzlPhFo~Ew>^8ro7Mida<5%o~qRkqxH_-4W)UUG905VD^H>-R10bHZhQ1Ry(tC?u|e z1X#oTsBfRn$Oa38L!>ztkaeX>(UBb_crVZhaW55qLwtOScjRUQ6oxptlkd`v9;b z&Q1iVsd&eq{Sxj!@(X-%+!zMyM~?XnN~z&{Dnc{*XXpJmCv_2tff}bloe;O6>3OE6W%;J{LU9^8icS`Z>%!+*AZKL`ERp|+ zO|Zbz`fkz>|Eo!Vv>Ccy=~C1{pldH)4N~o&z!CU7)OW|e&u@->aLB)L?6>R2%ol@5 zgvqlc`oRG(F9rlo>s;Y4!W}8Nl#(NIwm-K&93RF(m zhnZgj9&HX3jx&V6pn+?C3jh%IeAg=(5Ke&}Le&Pv;0F!F#1x&1`iFJd8wUt|892hl zc}{#W3G^3FYq^p5CESd~>H*f^>P-QNX*)koMRp}GTKds*L(r@O{^{Fqh(4etjX))# zRO_G>*cdu$Cv;kfwQUE~v11Ut6cGexWg3pL2HeF#MedDls9D`i#+k~n+k~Oh0EfW0 z&E%ryp=AB!Kh5$F%K3Ane(|Mmhf&$z9pd!gqEo+4IIR17bSeq3snBm^D)Lt{m7bT-4<_In{@=d;sBi86%~wrZb|`;s zxhodG!AflQ`A43jBgL)fAM<)@wM@K+qrOzc+QVQ>m3{ssP*kSHf*WtiIUex)`pMU( z3Z3iAi4JI4Tu|M{m(!I8G|+>D*u@o8ITpH4slVOU6R|`2gTcn`7rhpZX`6z@HA|ik z9f{p7_+I+9&ZejcME#cz?vp<-mAgS@Cp9v(zy*E8J|d}k87qi|*1gXSf+fKZXJx07_VgUgk_Uyh<1v2&dA%Azs|XEyxqc z42`kiEUNaRhRmq*+?(=%R@hu=DZ`OO7EpaTw_n3}y3?YHzd@Fl#s|Ljqd-{D7uNJ| z1FAF_P}jtO82%w+Dz@b&ah~1wO1}lLn8AO~# zFDO|PzSjwp`l(LXqs2O5;IVzEuF-+eOUMQn^n>T21Xk6%m8uuoF5lREUp&rXyQtQFiHI;_~$OQej@+-!=WbD89eS{3jamH^D_NR+sAX z;@%ttr{sk`T?5h8Q^&Cu4=)vpaw* z-kA1mmp~5y$7sxT1mbgzwP3nq{JmY}8j^a^YhV&DYB_~4xdo)v%`rxdF~)2R z)Fck(#jl?t7giHdV6yZ_%|Ez+^kEvhy_IE#eqQ!n^xr*?v6;(BO#Vp+hTB9$24mTc%8{y`5;Q^;^HA1%VYWb+M&7;AA|Blvo?V9Bm%rP z?02S9*Zp^<6a4;le;hLda~S&C4t6s!M`x5}(rbPQ{}q21{+ppQN<@EG{C&lAT_$XgRohF;wfXY^U6Jwo?gq8P@#~=j8?S4M78i zG%&46|3P;$2EPY-p;$5)Gw_4kp|N)Sm!634iC#w+3C~Mj^XEa|tTC+CeefHi9yR_q zO9Up0<_O$MRWxX4_VbyIDcpi7GOv@Z1JrvaOLiG{fZbJx$ek(towN(8 zK!Dc(%e*2PEN)gnEaN)Z)#a0r1q7TKDxN9KV4uE`4@#4PrAs!+A*>ETC;U0v;020~ zXLn%>T{MPBd7e;Bd^^yZU{D~f7giVK^^yXc!^d<*mt#4XO^H#*R|t*F(4#-N+xK=R zk6O_x;y4pv7m4~@0oz9bxawK{a=Pf|X1U-9r4TQIM10nA{=p*<8)~L>2%0G_`&7(8q266&7CC&puP#yRJ=g+^Ry=e zPS1qeqJW*zQ8vG;l$Qn$j%X|u#qx!Lgk|F%#HII$Vcd6IgFC7MpUlL4#&sP7b4iT_ z3B3@UgkCD|i4w$BM}yOyQQ&Dr5^d)cNMzR~pzr?*fPRBXBbnx~%}^&;Dpiy)`%@@e zxsFxT2dNYC%a1_yJE^=ZKg7HUReuVI;vQ>up9|uJS555i=qD9KKiz&tKP`TmRpn^b zX7342V~@Qbf$f&;wQ52nPIvt7^=pkqK+j?JL@^(K;7$#yI-{U93_tmhDl#1f*P zQ;1zUU(_!2`wf4-^L8JxsC9KLKi}}zVAeM(}Cj|*)2UmE$FiT`h}`p*L?hP?jslKfxwOHxzvpGD=*RaAHRPxH9OgFUf2^FLSh zPZ8h)w^rralKTk8JQ}CT!{q_af<@Pw9f2#Ayd<9h)BSsdq!6|PQ=fi&V3Np$6_lFmK zxaTXM`n8RRW?kOG;g%ygDHZ}1n%QaPA;sj5_Yyz2+BI7`wf)-umS6s#Adz?fzaWv$ z|2dGzN#+*vAn`6@N&vWm*%n zO?$RgwlCCu+O(S=eqAk*JdQHN9Hbjx?bw12t)?zF9}wCmxO54rcdaj>Xl%WIexBd8 z`-$%^7wCDbC0^MleNS2_AB}!7vn^$4!$4h0@W)XTey=?Z(6i;C7xTISVPq&cPX1n& z)u_RJC6&jvW;|a#S)JUG0s6bjbrSYDzxH?dni7>`V*GWpo38gDwWUV4$fZz!lP0$@ z-|p0Of7K_!AS_asmQ_|;%&7MfG-+= zn?wLHh1UF~5HdhElxmwTDiXW!@aS!b8ye(BnX+Q6R=?AQMKsFn{B zH@*eG2PRRX1_s!3>%l$0C{!i5AI(6p?~5#zr$b+EA|^+mF(uSmsNy6Nc>7}D2a`C~ zR)w*{7HqwXSSVVX*~#hw_1dL*nZo2>*%nrDnI#l}cqqtdTu2BLjGB=eGM?1JDJ+5b~P6G5p9C(nY zJI7?mdc1ViO$Ru?l5NMHqD!&)1;EcX1^p8mLzvw>^9CHLPyDRY8M2QBVN5Cm8~vo2 zyU4OnKUkF`n}7<`7WM#upLG9(U<$~nt=NG&wqhB96%1gl7OS@$Z}S`g-r&8etL3(R zeVD?;89HIo0aRE~SopL`G#}*~CW1WPUkPo3weO2^0ebXLxfepGffKR&gv!s{3t$R3 zHwNnJfCJN?%l7Cbum^yfFM8rvZielgzrR2Z6PJMT{^H5h5Hu1GvM;dS|6}?EYlaW> zJNrU2%Em>58av&CWbP&Y&cEQxyGoCjNw~(IHEvCi{Wb4+(CFk7JUdtko7njcU_PZF z0@eTuw|{B|QJ5Gaa!GP}cy?I=%zh!X@c3HvFP8r(tf!D|a1`vyX(Fi1j>@TH24jE} zUUB9GX*(dtS^$p$Xkd}y%53r#nsR}L9fpNg$iSmas{gBSyL2RwM7$6v+^#>+PMw`@ z0Q2%!;r7J=G784-<9MN>(8_8x_m(D1feNQ~`_&=B@7nG2KWnM0`~&QAY55u$-~xhr z0i6mWxzK{mla=VA4lN&w>^!p>8A%**HvNKFISn^p6@tL=?E$Fs8yofbF1sCF*w^x8rvl*A_K*=K9Y#Zl=gw z^K|S##c_GaC}nInaMhPC16Ux21j5E8!pwau2gzuNt#_Dn4?zDTiGpli-W#{X3IgJy z_keYsP!BG^jMr5g{RzyxozV#S3xvr6W6^K?!BwF05BV4*0SW`w=FimWQ?9)mM`;0_ zaDaz`X35AdF7ogy2t#6}EAWHj2yP1ilIp4_jy$UY>I1;_sgqu4=$|2%40pn2RQyXjO9%}?4f%=YKU@}8pcilTe98&@dmGH=^*}*F`rC3iJ+nYv^ETZ zXzW-B*|M9&Xjsq>{Xm*i#AOl>)*L55x~day2LI8_~S|Q6+A7} zm7e>)lMw}0sD|(uAT-thq51O*R#NP$#tZa1a$Uq-L7Au-3NrVoQWJEm70QA>vQH}DWJAgn3e?K zz13&(tMhY)z?#8<-H<#tWlFId1KNH*m$n6{hi@t%mJ2N$o}^tM0*m;XFqpMk6k|OA zhsMr#PQ{R|KshM@YXDmyV^Mnw$0B`iR;F__Y*;mHag5YxS_6AWU_QYy+>6)_CI(RGI>_I!<4K@pXe)MjHTO$71 zJ&9UgzbQ4(2VBqP!s9~av-j3dKH$R3Mayw4HT$)gI5o%2N13O-oH~(y$3UKIO}*SZ z_2#W~$h_6GI!<@7tRvymXXTesR$J5J8@EdrUD^JE`haW9!@izyIES7=0T)uKa`8h- z3Kv5r7$)yx&*xs|i;~L^uGG%hb>}Y6)gvP`!m(fN2y!e!`TAtJB4{fpf*gBSBSPvJ zRb;TBgeurzHcowVWB&C;wQcK<3k0wG_Eu-|ZT~S*H3v0E!P;2&M7}xu`fTGWwkm}f zwucy0Wqwy|_Elfmlb#PljhY+Q*r(L>yGKP?%8`!=kF-W#fx@&s2T5zjC)4S@m-4PtdPcsl zQo&9Rj%6#juI-}Z&OA3enb*DNs}X#t-J9q0(0E6owka9Uixx&&TGYPJdL4bUDc`pA z+0F|CfyEN=%D|%=_^D2G>xe$p$kq8I!8^* z3-gP<+Nhe>C_ca)z5OUBZAUTp+r&*lKtw9qOLddRzS3zt^j4>-A=AC~Re#serHeL?{JD;FzA(o)(Gk#*o^CWjKSqy{Uifya=a^;- zZ(3{gIo^*SMmFq2S#C1zT-KIk>pI|>A)n?m)Iq4%9oN{ z7F5$ALSWJza_xIIKIK)5AYVyQq>3u?MAE(8{I+EQwmG!f$y z=drfQYvUN@4Y#~!P~KG!4?Tq^l+jvJ5L=}kdRwYA9HDTotUvF#tB>$UWa7DQ`K}v* zI;L@2>0+@Rab78fOLHlkj|GoBIw5lYqD`*w2QDwUB1_rfrOGnwqI$nj_4`ZT8dLV` z3XUjGA&;d??ZzKJCKKHxvWct*d*#(D_i9!K>i z9QdlV(118}7&95WCH0xYx(GG@+|67w_T1_9$#J2(-B;hk`SlkU^)+xK35^B^D^*H) zan^*DWb5JvWiLVLWWz~xpL)#n{@L(T$xjqZ!xu$b!MbYx7CxhR@??eN;+VSY_x^}!8fWNFvA%jA}|p!eUyRk;wEucNc)c96`*ij?CUd~oy^-xb&~rhSE}zw8H!u^j_i0CRr~7MTb{FA z%_4@C3Hw_>mg)>4F}l^D<#^8vK2PTZ>;H&4rIr=K6&_j5eN6hVL9R~m7Z;8m`d(}) zTWclSxfqYE>XA!w^$AEm6@@x39P+4t#B%K2n{S3HvN{8w`TCUlH$DJm zg1MAmtnrTd@dg? zFn>Bj!2TbTQT+0<6QdH~`lkEL!R@p!iaCX?kE80`dy>Je*dd~zfrHpR*Xb#9_BGd= z@=?|YPxs4)t4cjx;pZAxbMSE7nD7`Z_8}wXQ?uu0Qh5^jf@Bto-`w7ow`Px)*KlYdo@lde;H z@wKKo7Xh*IdPQ;+XFg{4JAc6$q48PvhAd#;$DP#uCX)^Z!f1> zS2Ti;=b!~XaJQJ&Vs}!{<`22vi;JI$Pz`?`R4lZY94X=dgX_o&ssgT@OZ5(wUQpCt zSYvl~V$icLX+rSaJ5a&57acNM-RVSoo;ISUOnri5wa)}JVQy^7bc;^g{)g+U%zy&5 z@Eo^PMeVGt*{*I%LJ2f1D5_(4KG$CYMu!!#=a#r=%^Gu|HTQNFP^T%O$x{!>jK;*c zm3h++#akA9UPfn+Z&%%z3meffm{I`Y=Pi?-=+GCXC0L4aIE1Sl53uOCfFWynW?;wzEB;jnTCrdki9 z(2W3Ci?+bEe^6x(Y*P+?^|E||gc6B^0DM*SiP%q`XEs;_O9fvd>8;G;{>U#nUv$ZG z!8K8U^YG$4*Mx&l%lfR!h{|-|ppMu8u5;~|1726L%k??s{SeG;ia5G12H+W}PT0zB z)Bc_eAktmXD#^&a9JmN~?iMmHV8uY=e}iR-F@>jabdx`UtAZia8sLXmz&0*6Gx%|= zEz$v_<+;PCW$}(h*5EE_T;ls8TZtcnf{R70$hbDa4RqJ8-O*p@j<_cGGve zDFdOPQ-DD@mY&bpp~*bo0~kgC-CE5Xn&Zb#t*L=(fxB1*d?4607m;NUOjy6}+7GS` zh)@7e$+PckES0Z-I}rTqJO^Dl$wN^rVU$7ydn2yrFoLaD1eq?Y)vfmZ_@C(2DME{2 zB~b?eN%$<>S`d)0R0SP~LP4&{>zU$V!220-x(9M_!iB)Z1cJo^69mlSx8M(B(HA*C zQ$!4H;#31X3E-u4R47zL>;u9zbI>Z4F@OOUeLt(O%&G0d|os@OQkHIJzy-F#C#}@T z|KJh_=om0P3zHXI-3TF&YXOXsc8kRLiD7vLU^Ez*0<5sZPn@fLu}=$(gI^}~n^`O; z8|OnXp}w2d@!LS-{;sU`84LbygeE{lNUDwI5MZ~fclkA^ zZ&tBIeuG+^%6}EG8=XJ6NQG=8OVerlZn~!v5T#bIMoL#)r@ViXj)3=G{}-s`y%VZM zBAE!rOgmvRG?3UmXd0xtu1EqpI@ALb08zLKvC z+HGvUVZCM%mNSC(3L68YF&4PR^Ec%munX{v3&hifok&qI{e%XPJV#GU|7Z47O;+g! z#5%x}_?bR|M3=t}gg6YrfwVy3gZ?c1o%6q_ML)Qh!i~eOBA_)p<_N(~0QhRtD3GzW z_3#AnyFba`lM!bN`N4h3Nw5X@RoKHOM21Gd?eg+NtoIgdMLSk?7DRJgE)C)UC{g1# zR;fk6$fqE;BJwb10EWs0px-{Hg;_U313*=xq3Ws{{3@n(5~N36>U0(5wDWTS62AuE z%Syit>U#i&Vj=rRDUPOfjg>n53$iNn!%v?hQ5{HtSwwtB*v*Q3E{VT~n2ac7hb;a{ zE20Cbk~s7;o2VxLvH)$6(|u7gn>Yo!a}Z_bN{E7-zc+udz^(j7v&t1XXqMFw@fVs! z5u(fIz$j6GJNFB>x?g1aEtM%eL>zv}xf~8O=UBbMB5!~#Se3P)tlk2Bl&#kuAPZDo zGT`I5gMhq3^9m~$XxAt6D5mfrj((bn1X>vIhBPL}ntN@D!xaGVn#O~>a?hbbywMLX z5mSJ3OmecL>g9U^&BdYgCk%k5K$Ru1h>N#Zl8a31i3JtBw0{7wk^?Y!hLa}Kn!`;& zc|+jFKnCarHi^w)7omT$i=x?lQ~FG~ggrk|Er4KIRucFA+I}MVUo`}s77YXZu7K&1 z-JcM}jB1L8N}w)IZvH^m5yq5|;|_@trWMuHZnI%0c&B~cDAfkf-7b$ovF zjW^ylC%thc8C{uj`R7$^j-WuT<6AI>0#Y=2h+$58QKlfexqAOKlwS!a$bMJL#>QmZ+~#zWq|XBlW{aD3mXddcpF2ukZJlp zltVlcbXrge@UeqtRa#|W+|b8&@ORASU92RqKN32KeXICZ>eRz3w&)&E8<5Bj$zK$j z<|k3@7V%3!06-l<1#CU&sMx08@E1V0iY_gJxoG@M97(EJQTePtHZWwR#W;2VOr}mY z)Csf!An4cyphxRyK;({R0o@5^yQQNPlx#@@EGfozGV2p@^`-@?dtWG1G3-w?OAMS5 zL9{bKd<1q)vP*ZbVs^Sdo!C{D)I1X?m|ZpOeKI193t;3S5GNH04uEvaEXD?K?g_k{ zWLJ2CS$FRw!ScZXY65?MgCaDw8xWDM0BKVu1Dq` zh&}~sE=~9*#tm?fd{8UfycojeWo!*Vg#kwqr<$NVr<$MxwIYE!i!-WQ=r7w2)tuKchTiVa=b9U=mnTXPW~lw=pg_&kFO< zaplT=QSVvX;tLrGy^%crCdm8cdqH-I4PMAiXu@!uy<|uz!Lgvn_FH89_SU}3Ws_6) zQobCL>pHaw6rTT3r!j`l?+juZlbi3lkHLlB#$G6utbL{xvO~c4TwlgV=EDQ&Y60m` zPe!GcJe6=aPXNZ()$qp1X*gmR?c&|F7X}0#&VBUI{}fhFOBC8#0`=^grL}b~5QLm0 z)eT*T7-qX7hXq3KD_YGQ%gDb1rHEdzWRFW7+kO$Y5jid9%eaU+QFx^GLA`y?fwG9{ z8UBE%M<$U+&l5-7f(vtP4nFkbpTX{^r-}^~P8%RQs(c-ME#1Cn6V7@_+9V%F$Rk=7*pB_w^B*)f_ zFSznJ!WCL)wNH4;J!;9X);#}#C|jeDIupNPxnhtSWEDjro}zbBN``RNLJ>W<5NtPD zMbuH=B($p4pg8%M=-z8SC^BD+n~rKn;L+J0|2nK1C3b2!PF0lv;St?e!bM&c?wXq~<8S~srD#gcAU z2aX(~J;Xy#u9e)qVih!`w0$D*^hv#yrir@;(s&g+>K__#*&WV`Kvq~OQah)et_?R~ zD=%X-2IKccK35O)^*Qo{+N+RQFJFJpdiO@*8ZNYHwX;Ai9z?PopioGtoV%whtOVL% z~@uHXL4Tu0Y|ckVSC;YL?c9?YFAY z$q5@a$v-%COm@Nte`Z4_4lT zdIVDq^bO&@JCiuKzc5%^l?o&KOs@s!jkfbpZ}SHGBZuyLz8t45eMc1Z)%!sK2kWE` z|8Z#uYyF6~oa-P{g=$PIrdJIXmuq5Ff{wp!Nl|M^8Cz;?+S9(6r&xuFPFpJ<>(Iqj zcZQthiVmX{bZC%*%K508m6mc^rAAbqDTj_jv6+}KgEpTY^BY%0FMGdO6VcC7xI?!a zM)XJx@>Y`Q=LIOU=ct>KUS<~f!82@k!@4^UlxRjPRh48^pVRzYf;`)9!k~H6lPQIR zbyXm^$74}PpyP&SlI7BTQ>%y8ca;dy-VAz^J!UKI2##D$^l&V~0m>7qUw@wmPDHRXXZ7UVLrKp-_ zQSYua{SnuAy)ipuqt25+`QmI?%@KSpJ_3>~m!#hj;&Ob?8(ON7slMdts3%fHQYy)w z-LECJIdR!= zUhI1Co7$!WTrzoUX5J&F9jG!5H2YSp!eonsPx&q?_GO$)l>O~#=W9{@$x5EGCAPxW zTDJQ)?C^^l$H-DAhf{;#s%Y1t*qV6Ls)0SZR485~>-*i)1`a;_uBr_Z-u=RxMCe+~ zj7EU|Fkn4~gQCx0Gxt#99Dtc7nBVoqmESQvOgKNCO>4ThNBmSIf6ig+_`c30%&spO z312cx&QfJ?d$~};);7ZoON;Kxg2*@S-_&n5%N~?YUW3*GDh@%9AR{FlVY#EV&p{p0 z-f_Qe@6VQ`nOiok+w`c%kddOF&aY;%c#(Itw=4ilM16wYHw%pSi4Fh57Uf_tHp0+ zdJYo=>jxv`YyEcFzcsTIXSZuN5H$-`|2Um&6R5R2ax{y}lYNARFBeBU(F856PqbYv z=(y#)6;xGnye}>mbneubq1Oik<}B~8+p5nSDDWY>!Bl2lX>NyI0q$g3XTqto zj}?=9BD}WWZphU(th_malz-(XbRY1Xa6zywIN=#CayBkgL}TT8cd zzt?TcOw3F_Py-lb0UxwAhf>4y=pbLUJ1YgdwYL|PDKE{npStx_`T|;6>H01Iv_YJJ z>+WB(=mS@0;j!XqADVzA>W{W-g&nsdHi2 z2WP|Js&q0atj4@Fl%_45f^Ilzxm8Lb8P=06XSrNf{9xCoa6T@N%aNneR}yl(7)Er$ z;C9rzM)tbWyp9_MxD%zn#>xL{oF`{i$H|3#z=U_YUpzCI{fsa)ZjNQ{CS2iXDW^C+iBo?flByEGMILYjxT+AG&c&F;QY)3N>2pQllnlgmHY9GGm2m1o)!}>WhU6krp5V{4-Rds2 zJun%xU(x&7bbKRn&`A{8BM%CI_Ul(;chC*f(WsLxOdVf$TRWb-Z`t`;N}KjrhoW{J z+Hv=AGr>ca6~gAhoTQr(=&5G(XRhiO%$6lZBipQ(;%uLnB){fczWlc0unu~-wD%9X z3U38|3q7bR0Zu;*-_ybm3Kuo^M!xZnyY?xG$;PabTd_-77A{DNLBX8*V0<^ zBY0~HgU(o#?ce7-l2hhpu3`HyYWG>a{yv$5btfyC*C;~OI>tl#RsOgjEVq%^xmKp` zrp%SC+NyQ-Zyx3H*<8^pnZKjw)_9~N^}akkmvIWCM=`R*Y~WX0V2!PPB{{KB-P z3{0MDuZ{Qye;FqcvAfuIr>$gUI~PyIyyh)fFt&x>(=&U4aw8|TduNP)nAB6U?!;&6 zflD$YFZh`(x;|Bm+!+X8V~^)eq@T& z11fSDH?_n##N6|Rc~BZ3mLFkd7_cv}NKN1EOYQXL2O~Du&bFY|T{|U{KgL$0=Tc_} zaaAd$^n33S_b_I|N+!LAEtv}=F$3KRUls@ zY&}yzhin+RaUk3it@3^mh0t#tTeV1y{)cXs5PGyx~0yG zfHu5b&@nYF=Pqd}t|qf}G*~g*J9;4Su;J_jRG#Sv(l)dQGIGxTJtbOB&x<8d$@>R!ZDbT!28LK)d-s^3!L{>a*;Ft=ge)LxudF7Svnf>uT)GS$4Z zsG8<)3ks;8qu)T+>r)@QDlkqMMC~#bzuslz=3er`Br=UkAmbmfHJo7UOZR1=ovOqJ zWD4@G$7Noqhrd#%WPGH^Ev{YfanZStWYvd?WUs;e@fCR30$O(o|o7=>H^K8RHJDtL76FpQ`0pU5*o8^Ugp3DO)cZ?f7`x2MjMEKU_ zF!$ptk&$e85cxcP3-tm3W;*T4+wjJ18kU=<^)H{@6N2`E*IK0?AHgPY4@2F(!;?&T zI%*gvKK2$(wxFEulgmi5`V{>Ir~;Zbek@`TouE3v=gWny3=$2Wz(M0+B?j^-9W zx)@{eeBq9_*+%|NT_+MZ2-ta!EQ~MWYCx$3ae6al=>pw-_~Vkfqw2INx5~!E@B5N< z5)M_Zg~w0U6Kx0R>mBnN%?=)4%K6<1lx~E>eUMcc$qR?HeuoGO3^`;a`WpdMV zJ)ON$F$xbGvYvi3<0YaV z%@$^LuO@G_P19C9YGmr2zl8~ogt+*uAMqEqL`6V1%8-MxA*JB<4$UjaA7IAl9lm1T zz?73UPI~1Q@0B~ zMNU{>HPAOMSts){P`i$dtZL?Eo?%6+a5U5D&$Y7##IhjcM|B3(s;Ii{=}QN=O1w+n za3yh#SW9G~?#LWuMS|>c$!ES`w1&cjHqz_#s$*81X$b{Kf=gaL95}zf{6>q#lk3Rc z4{GQKlbGi8^_045xH=Fs=~)$~;jrA-(2%@h^481dXOiG1uKl^${f%LfMPw2Da0Bu_ zD$l0|$2}3nL=Y(vslgiRU$YnEZ7QVeBSb>GoxjL?yNyb{bJO9~;sW3$xtMnl7xoou zkz4||mh-Vj^g9fiW;?=q8depjksakv<#(2BSG?XjXq+B#Q7_3*U7&P}JV`mgf0$^_ zKHv}+L!=~E_sB&ET(KN*@Nui)xAv^xeMZFe@JRISD|S=Ug96C)m>rb(?9}AruP43V z>t<>~MG?wdFNO1(dP(#r5LN3Fg@mZ1wJ_YkTB=YLA;@ZD+s%9(|LQo|fY(O4T>}0Y zHn_$Fle1>BQelY_*5Q)<)WRAR4!bU>lE|BQL@%EzP!lU=W!V*ZS$)#tDD*59Jzw^0 z+wD9Vi{7>G0g_8c)JTR-n+@Wmx-T~Xd5YC)P(LDg~=0N$?{P@m$6&@co!ubckwaL_bP> zF@7YLx#v))Qqlx%i{U!RvA}5B)oac5W3mrF`odCq8FE*czVE5L;a-SsPDhMBKXDq4 zH_*`7j2z9&*~N3Hv8mv&p4j!bySY5;vsi~3KuH1|jx9>RPoSGKDrF=oNBWxhCthom zmX*H8HB{CJAHJM?0eig<|0#v8j^BcnV(L?Y)4PR!^1|~oRLy&?UJ8~TE!8vwSHJih ziW6h?h3nSK%LQtGhV?*X0#18hI@5_B01Y`GJ=Qi-C|+`N(5H{~98ImLOErA+#}%I50RLY_TIjylfY&C6Z5oyAR+`hZ1H z3Nk38WS>g>hSvbWGV3!((XHCa2G%mu%a)rWE zsR_kNM&JHO>2shhZ9dZx5&UGEXwReA9Xun>&DeNkO@z;|&mDwa*P`o#7CKbz30xdq zXZ{{Tn%4t|mqwo-<;Y!<_c(BvH~%Kau$+!#=wX`^j!*(ZgS=D(Nl5#*4f55+4^bi~H&ta-&smYs@j@GO?F^nO1oldvoU|H78T>|v#- zlpjVTstT=?TS|>y_m1~OWGA$;3cfh$$?da_)H}ZWW~$))Mp)HhHXp^VM(Cc5Hnq79 zFKK^)j-H6)2KYtvQCTbTC>u}3A-;E9wnO!X>ccZ6@3BPy}l&oy*fzL@gJtPyW> z?^P4^(24W3PzjZ{FV^z%3;9J4>I1CZ9=h+4j9#EWuas;K&F6ZDvT$fcj`n0Id+W>1 zKif8he9E&4t>Is}f~*$e#+;_tkb6;^`W&6!G^IAb>J2?b%+n6ji2UPz?~ZHlhzDxX zgtcv@e3|rIa$PVcfPx=-okbZQ?x9~n-(incIXHXS1${qu^^U$-fBgsNbbVAJ?*K{) z3UY} z-89u=Q4i+^R!YITBIn*?AH=sOC`=G~4j%7dno)#n;S!Yo+yO_i6{AK`8g;Pr(UEKC zJ&x7GQ%vKS_7r587XY`LFVLZv4)a$gFVMYvS{0MIn-1=F=LuhXtdBo|^=55d4Iu)t z`5SdK6f1z)lAkNdCSL8yubFu*oi(Ls%EJyR=KZ$VOw`G3MByF$q_Qt89yuro8%EXOdrq{G3&Tr~dJQQFSDD+axIA-s zqYgR0j~Txm;~*RHLSK@=uelvx$0ZJXJ4KSxP~ol5L}y%Tb5+-G_qx6R-VKJ+m9S!w zr>7dv>6dQJDBOAAV2wY1dLOlXX|V8a-Y8`{zigmnSn!0B!kNf9q+AzL*&xREaJBoJ zzP|8-sA2rFq~aLlwUH_{N=c2(Pqaj`ya>jhq=cX&yC(eCvLI;Nu}U>(I?3& zq2(e>i*^iR*bph2(qI>mgjbr*PPClf*eZspt(rmbBA(dMk;CA4qCT%?A83Wkl;3{o zz!vXtxz$B*y%y)IY_7cx*I-f^%)9hR#^73>n`2!?zkG!ze)FxgJVM|*`k~9*NVzN@ zXFIO^sB_a>#GfVTT|a$i?cjEXX&Sq6U@KKK2p5SMlFxZm$1tqvTdm=s;g>uHnJyO&MQQSQlZ3hSPVq+eGjY`rFI=^c z-Pi-7LwWs@(=)czvY9l`S1B*~@&)%1B=t`9Y3{PA5Qr-BT6lA_Tx!xBq#?kE4D6wM zQXU}J(tWD@GBifo!2W1ket5XAwQ>q`?<2SGb+azFz1+};M@;lrqCGC`J#R(*t*k@+ z8etBzDvPH^@S}&4tnci#R_I*+tbWjq$H}-3C9Z8sm7-msmkkNsH!-2f?4tx{)#Be| zB@4SA8mo>%iq1YW(bekl+d{uY6hdL_>8e!nuzr}-2Xp*AZO!2bJqhR6ZRR}1^E(3f zUfcLc`I_4)(!-ORLULq*FX@Q_)_ruX)$UfAHV|pu(qS-t>vFtJocPOox~{@6g6A*W zyls~Gx@H{w4SocjQ9(ru3^rGpwmEyvZXQ?duZJ?>y@m>hcOLs9^6A;`8$-f6?;Kr& zNua_va7)C{8AF6xg?JU?_mqJrtl~{+FEwXeG9OD%w2Hba+sKN4-XPnBN6;rJ#?`U# z9Tc&eJjyM&R({KZ?H4ad=yQ&Guk`u59g`{_ztk?T_iRhOpzliQ{V*U*4aPlCR}o^$ zLm@e&apTK!$)4-;gwJ&DNY=~w@Y!2sV|9VhnHz!HB^LA`#udyTtb}}gI7lYglGvi* ztUQ6v+Z7$~*5QlZ2SZxs^ucxT8pG=G36XKsMs0{J6zr!` zf$LsexawtTVIX@ka_E!cwe^or`cIz;ajtXWtMzZ;?SyUB_D#X4Qh0KyLY5}}MxtLV ziZ8+EH*_A=FWD|sTfVo9p2n~lLv0M57E1577j_VE(b&h-l02hKZu_|DbpNPBy!G;f zC%w#!N!Rd%wFnXHHgwof5q>HwYkb~ZF~vsqJu?Mo)YY7iF-xbH&|;}7A4XYt)KJ+X z;lA<|B1gX6CPrxLR#?LpoiCrZ7xTbR++_4K&he%)udtG_vgS^p9F)52Z9nIP%mGAR zf<3&iF>I5p!B#t)=K8HU4%;>s9N0j3T`pzLJe@;%8#-LG7?PB+{7zUoUbu?)G4kWu zQ-&_wX@uuOmB`I#i(yj5WPnVEMU#A`xn8ohuV3QLh`9D$;RR>)pMIDgWOR0YE5CA% zw?=lD$>#gY)Max0%P*eVPv~&x(|OP;KT(p+rVec|X99((B02p-opDgDwzr zi@!{tOhNVVNx#(Jald!}0T1}KdhuB+u_U?xxY7m!MEuNS^z)Q96S`YRp)=y1t8(}u z?@sSm;_5IvaBimDkQK~#X9gmWOCV7BM(Tm(f5!m66cv$!r}+m=To!O^O()ja6D(p0Nw<;0^zC#U8Jwi>l8wn|X5qNgK^vV7ez!rVw= z*dSkCYgbFXEFpI7L+uv$jpi%oct)r0BknF_G(UiCE8Qn)4;Icf|NNmC(!}&>^FK^x zzV9B~tw`PxxTa28VU%z`2OUa=XAB{Gpc(;<>{yksyojTf1zT-TJ50NsDSVX5Tqv$XbGCf8Uu*u4Y3SG&pq~}CKqURo3R{kBBw{elXD7m$xaGrWNM2jc z53azdc6~PlA}urv{?xDiw#4Kam%RCor~US8!7a3(m9?Cbe%G2mfJi0McNH?@K7*Sc z)|W`^sLP#`-#9lPD@2GR9l(fTNM-|?&4XGZN@1VN8r^LdxPDa_|9|x__m9^9Ids)y z%&mZ~dhi!rRojb64-V)_0hw`Xe#PE_Stw`M_N*U7)#El@Ui=2 z9sMNf4K$50D$|wv^5nPoy(JK)_Bd+;>=pJHc%dohg$D$U=K&vv{J0JDd>{Qf^nFb_ z)*CRyJl@EEl z7}F0kk7`=f6gtg(#?&>xKA_M?9GWL>gvJcp5tLmdrqg%TMG^CCx2~1&^%56eCTXNG zjK81%ZaQ4Zg!_YT@%g2)*MaGefKirbLl6slCh+tvu569E8{YVQxUGyWRspISEf)t2 znAmh^P?tz=1-dAK4yZ9FtiaOU2E;eA?o(Lmkt#HymbAqS#_wR>R2$}yVt#C}XG%z^ z=Hnj27~Z{s0j=Skrj(Kz$<#1y0jG4wZ`i)q7QW9+`M;c)mT=RdY*L^`f<$;^%3M`# z4=x;lOac>*8VZ+_&{n6!72n$IzI`{Wb`w7tfBrmOmd)Q!VN@Jh|N1s>@S;@k{nw9% z_0cC!&lO{`_f&ErPnO6QWjLL<;Daz(Od=!JIk91a!%kTyj7!AL4YvFBcAz)N=|^fv zgzKq(CZlv+o6kB?PF6t_6P1vjvqZ1qY0t`)gjX4sw(F*MZ+KhLBW~PyHEhDeP{ts8 zW|l1=ONm=v=VQg!zJ1?Ez*r3Qq;ENWdT1N=vtuT<4NMFQ=&9q5^rLM4jop;kU_gXh zA#+mkVM4*wLG+U%)tZOO`Pz5cxCGcf!^c zJ%vB{$IMJR*x&07=+;yVqntM45CHAqbq5pAH@S45-R~PJKQryr4=ELt zEzKbk5o+b@0r?lsLz!jW-2+HsfQrtMY205jjfR0^pQC6%&`C7@`JSGy9+plPommWkIU~OiyVm4@ARpAF zhXC0MW(jJ2t5d>m9f2hrbGIRJiUoLyb1^%ML3~?Eri%vfa>35TF~&gR#iH z;qU@`Wj0Y^EC@95GGpGKJj>kHFodgv30<~FP;icMsIF{tGIr8;$#!)lI-b!BZ{S=& zhS=hmjjfB)^6V`vIv0I<*>3@zsbknk^?wOqDWK96y zzssp9{`$@bwOS&ChfB^)VI_0KF~GkSjF7K^E%t!(>bN6I zd|qL>frW<#QxF^B>v|kxh+RisXRuPJa8FmBX2mVI#dmgEGy>?{Kc5>{KpI4(NJN@d zP^o1m+pt(GVBdu#NiUH&a3y*{p7svI)B@ZN0zlV5GK7OPotqZGyO^zD#t{!;6`_ht z<>HuglqqvwrmW;ET3Bik*L;s&!e5zZfJv-j;Sqz$ z5SYY>i_kU4I06m-Yn(;&moF`jbs(2}}&#-Z&pXj5s?-(ZFxfMMj zu$xeuR*!q=_i5i5$@BnQBpIVhZyp3^7h*`NU7fV>G+TR`HV>sYHx&ALHD95QTPdG6 zS6982amo9ELvEqO*-LvrZ|+Z?2A3vstISngo|w2Tni5NgEdv)%J-eg$wS>DFc; zes#vDCY0uNSX-gRqQG zCgvX;9Xg3y2`FScTNyB9G?{0Zz?SFakI*DELk~bLa*il$W$xvuU0T zFpAfo0mo$62M@F?drOw_*?Hxi_|GKQL)wqd9&$ZfJXwPCqvUM+cElsxBn$S^rsyfq zr3xM1;Wp2)2FoyTR9C>C%k2Ek;qO*hm~SL}pQK^IdffwOtH>M9vDy{)I*paO?YuKc zk{@LExUswWxtwQ-bPnq5zu0wOua2LN-@})6mc75OweE(9>R|^f0}|Z|5x>a4#LB74UnRWEe^7wgmHBF(L%#0?TYUcDk zXQs;(yRY|scfa@D@AF60InQ~1zu$9zp5JX;EhzV)9cwDGn%U<|+x1=*o_hA<4PUR0 z=Y@CoXWmo5v}qu+F=R@4v%5) z&XNhV!$~J=iW-qxYl?MgmhaQ&WXJ9m?Yb|KXErx_kQSt)a|ayYNZg}3RQ=yFAf{bQ zK7y!bN$swqVU}Jti`&NM8PH#CD2~v{+`64#;_LrLxAtMn{UiEO?k66sFmB#k_oLn3 zgoRf7&UHi(`;i(9;FO)?77TP&#aRh9;0IrS2wsH;DS7y*&yAbX*XzG(=;Gy=2 zD0^Y+h-?rWU^iq91CBrKjb=f4LBkHJJZHk0+i91!Puw~2acpv>lP{zS#%+;ZLV5?a z8-ofPY+!Q~2A-c{0!KR@g!JQa#@nR(w%9C2p2D$Bq}yBru&0Uicju;|$fL|?S|mZ* z9j0d7g8h_x2AH-LkoNYg%c)G=b;mDLuG2Vi?{R;2SWBvmwzZC@8BLq-m`Xl&W6tFhkF-K_i(>TjzO61Qc_dU4GN>?! zOuU1MhdYCrllj(fMK$_*609Y(@GIpVz(336!UairJ)9BX`3^>o1bOwFW-?kH>l(KHFo3d zW$rV;j|TfL+C@7Yf9mTwDq8NRc0DYmhKMMeK%1B4_%75>@I@8=J#nb&Bl0k+)@MUp zoUg`0Bcr-f64Ga~CI8=Q_pP zxICP`9B- z$)+Y>XG6$2%s8c8FHiTV@zPnGs-S!LJCz^Ssj+!;)6@934|H!7E)~YIkTFK|P9@?{ z54eS6#!a)SaAHQyF)(!=R5ilr2H*0V!($yXSfT@#_ENIPyNtE%ey!fmG7kDbFS>Lo zF6#!{SQJd%8od(Wap6xqJ6%;xrNA zc!&T>FxVtBN)xo7nZF0>&@yYX+c&%VWj!kh&!5~_jIKV*h#S@ehEb||$K3>DuWx(= zI)RL!d)L&iKBercu|-$X6POuFjdcn~3xy`c-Vv_B>sh~IrF)6p8xcZz6D}u=%ypt2 zLB{(@Cu3w>(Z!*t$9k$N{T1xBdnI@Ae6%T&rF#z_h1asinaTQ;P*u@yT4JKldCbU+ zx>-A!Hp_cgJ3X=XtiYqObxY$c?$tA)!X4V6^z*)T`s{k!qReeO(vGF3R-_<_$h<7g zcNhHxQV{U$Cr+_#Hy-YNZ`mGY!g{$QWW_A$YvS&d_N-RWDsA8S;>jO^m-tmBv8}7F?7`#q( zba?KemwEbTExF_H>bBaw{AU%DyK8D-2i_2MZ{?XSIAc7q?T7NLZ_gBazuEoLXMb7z z1N-&A2`Lz4F+8^=Abz5AShn=&W(r)uNp3PG7wf*@fY#@13Q)s}a-BmCGuh*-^s-rF zj}^D4vbHZ@^o-~|97dcA=iWEwDI5vV1>K|f$ga67%s<(+KQltOebMt*%vGKRd)RXg zo7wJxm4e57RZkf8ymLn+i zF?AsbN)@uz+?Wbp92Jju#(REahGigaD^6M1O+#l}{W!PkyZNV!eb4ZyVXPsnHVnaK zO}T}WeMGr)D02VU9K_xGMEafkd*1^c7RWr_F4G2sDVr=Gg)!b|!b;I2YDCxg4#;t8 z3bM6fQ1m_J9F^Z?nM9dv!sdX=l*3b_uP#z~>yq^Pu0MOjT?gcFz~X9wK|)K7L+#3> zXR`a_!rV%lou4Ou#oM){W1$guxtNTFX0k+8PJ#D+gb?>gp(^4KeQcI4*CTHp=8>nc z`@3Cf-(=mnlXbe}=i5I=PkI@J6-|~3B#}0M)**M#lTm;U^ByA8Gmv}`tV;5^@>@pV zsJ78zz>pao6u619lz|E%0T}ONc==xQM-i4+9bDJJC

ecnPD@&*%82nWpV*e!uZ6 z3pI3%Ph@dc=CJB+aseb^$Yc^~etjC4>R#Re)PeNvklET*(bT^4F+ z*D5#*)`{G#L80KNZyMTK&r%lER0ayJhUH5k$@0`=lTYxBC_lieXA3F0H78)R)n zcv1> z_ZS7V4=LIZyh%P_K0SCFL`Y<&$X3l46HJ;QSRSny%%@q+=Ud;Fc7UEg4XpEw_bKt< zQHT532%;g03I@>k>Th!TymF=rb4X<4D(b&vhC$#Bue1NT53A%zL|7$acLJ-vg0u07 zs6OGL9;Aolp&Eo)Rp>!r8jV|?l z)I$2}Fk)(f3=iaEB5K|9OsEA}aC(oHB3U4cav&xn^qNHWvDva;zzF_Op~57FVv1Bf zQ-rWcG$2t&B?zT0>Zm~}*#6xh6%+U(Qh8n>+NL1HcqexGsa|WSt*?zH1cFHe`GF{q zx&R}v`se<%VQCrN#a8L=6)lIb(HSe_4i>Lle=vPZ_u<)6n$^rnB6B`$u){@zKJWCN z8Ziwey7oQ~9kaaRAN5JRgdo0e-Q#`YeKd5%BK!}8ExBF0U019dl9kR6h@}MN$K!kt zQlj64f%+#}*OAqE@iA1gn`pIKXXU}_53A*HL8H%$nD;?Q!EneQXIM{X6i9(=aU$&KzeYc;HM-;Z?@tvW^7QX_%(7A)uZe zNjW+B74vf$!Guh9U@z&M7BLNR-uDuM>CyAXw8IrpW>-PbY!?tBiCP3qgOIKbS3}Dp z0L9w7WNr^kHS#rKMo@(YnwYtUQg0wIW5KN9nC>Ke)P~34J~Bl!fo4$4334LPc>QBE zYXzqv7N?v*cG49U3%h4tgo7r&uW8~)qONJsY76JJFBc}7nYyE@>855o=RL(Itvgfe zP4SxZ)sN%X`{d|;zgpLB$@u%NZHj)Z{XRzDbfh`g?#ql^&J6c#YMpje>2kBvh$;Wz z81w_6ox13Q>#cB0qmc_7{jCxnkWG2vlr8m#^H%@T~u+V5MH82cHRv1_!;X+9lkN6-!%zEP=n zq71(i3Y_5APp^jx!fW?Cy`*wob)g^Q7X+Ke6vR|ZF8JA|cTYPm%v|!mg+JqWw724~ z(dtADW}UV=-GIwND=6>Usrklj5Ws8M@C@+#sZa@DnRqR93M^JyOPsGq`tW&F#;?Ear@b_`6lzPa7K{6oj56{49u?JrLszub;3t2rX>ALD zRVD8&X!9_>HA>lj`G_#>*gx|}p||p{lKSXRQvd%+o262fajzSi{x3)Ww4cYzhKsdvEF)^z=iMO6tvr7E0vLP{x=ZnD_{ie{>&el-l`7>cUED2X1EtJ zqG>{R+Udy-D~!tTExR20)c%>Khfc{F?=)#Ej9KrpOnUZ&BDw|I!k6OjRCzTa+psEW zAmHrK;)>X#S?N7f^z{+G2?5Sq%iHa}U__DBVZv&S7hMv?*V$CBKRg#3V zaZHm2Ap@U^xGY``m&9*}1$$Au5f7A{>4Lz7M)o#hwWL(HqJ`gRdIlOX3EyZ4YhPah zKBtOzNxUMjAAT5s>I_%m<_1*Y#=CAVKsp~W1$$Dp+U7S{wr&F~eh=W*32o`Nr@HlC z!Yf(3e)B(7h+`1!pQwrw#xHS4UzYd%Z71`DPq|;zv&`q0j*OoGJB+CzY93y8X|Czc zZ<(B<2=-EH>uVF;7gKx8eeU&=ic;x9o)#<|O_nKSsgb+(f&UYI6e(X=V@P?R*}yv1 zOKN;tDsIm)q>!Pi)JvLDjdteK1$zR2>_|{~>nrf)xwY;DCrR8wSvYG8uc#mdcWFcV z+H1L{`!WGz)n9L?xdF^A*hJfM4|`S*RV@9REEorG&6w_eVO?ka+=;s_qdjOaVC-6? z-wxiy)}1@M5IBU$oNR4RU8rz8U>fqaP5j6~;rNuPn&&-G5j3e=pBYMfnuo7GUr!N+ zJD1|oHq@Gv*xh<*Xa<-`w6hlLxQgcJo5{C0AL>3{JGENn&Gh|hQlq8zY><9gvgq2e zAIQO;6b?}XS>rbm3LD4P3t~YmbQ?MUJ(Xkl{IY-!jR@WnPVO{FcxF&_1S-PFK&>XD*Ida!IFM1Dgcgs0dXv$^@nll3*2cKpz#GeAndtthrP4L`ImOl8L zKzSuw78ZmQ_kC-jD$V^Y3|4=UxhoWciL(tosGY?SrYV8MhFJMcfFaUhM@}}ZV!&eb zW!i-ns5#1QVg<7XL2b$0<)y(%_;!C9-jxZ|aJ@w?EmjeZG7yZ{txH0cJa%x2$2u^p z)Wirz;7c@$Xv5+j?st{Zgy0&A+~u&VB-bWYOuU6?&QyHNrRi0SH>HG!(O!Hu2sK7+2E<`x)DeEN-_L(?B!)sN9vI^LAa*jgx#EjC1K+4c0 z_**px*gW6t=dKOFX620vjhDjkBPhEJfyYhTYY?KDOGsS=>|YIqOF8Hp1*uFdj3V9D z5XZa>3HQhVY_hH3cz2_yAv+e=sx+9KS0Daezyy}SVsVgw2OX?~4w?$aYvGm`ffP4k z%uw?$MMg54+-eZcc^W`$w-3&ixCbi`iUmn9Ig-7TDWW#h0$rww zkKu5ab?{dI465-A8<9sK-*Len>WS+Y|c& zedRvbdYe7c ze1UTlY+C?w5~5%kh96_Hi<#2QCXX6a#HR=Xj5CDDM59oskl%%ANKy*TJD)9smQ|&J zHnIdZs?uGLSbF}l^gSj1VO zq4D_SXIx$U$VD;9wQrG2wy6k#g+sn2b6>H7sC>g#F(W{I_i8hmN{4+5hGT&MPHnlI zB&Il6jdK>LC6oKARN`Y`{*5|{P|k$&k`O`r?~n`Ebi0j+kNrL?6omIZcLcpisq+@f z`EtavN&r68?FJtkV&n&l=PomVCn9}8*u_){4hA9@p8i+C*@HH^W0NlVQPSv`97r-@ z{|Exs;FF(-i7&PVP`D#xUxOq)M+e;1~&OE0wncY@}{W{&~OQVKpt;@+$ICUk+q^?Q)ZFd*j{0Q ze#IL4T+vEk0>^8BiDQXPoSiCiDMq&&-0FLcA>fNfqD`*g@;K+g)CT@6;6J98We&pt zQY0UQX%c1+Mo8S@##0_u+L#!I!{Ume7$PuFg&cCXx)Dcr%VW#Q(#!SW58fG4*k@V9^jmO#~Ig)cr37q@gOU%+6w9q9P<$Aw~jO zX}WU%6Hxj+S0yd2D6;r3Hnh}x@er=|d2q2cJ`N!YReEn>Sf5=boOTs=F@EH(x7csE zN_Q25Yd08Xe*auB*g&XB?X&LnV10=2^Ph@OhDAJt8-Pe2q7jj25d}w~1kOkb|34kd z=qLyjnRSrDof`~g&VwUHxUXQ^4FVw#aUcY%M8aXlng_Z9QZGdWt&jqh_^SxP(2K*v zn!fPRK(Ocz5zY*R-VpPu>vrpd#4aHA0t^Xfm=fVk)IHo2?CcGEGK=7OYCq56Lu1j0 zDMa3&2YJJ0)Wnm*hmcpEHW;aj1IzP7U`a%(;<%E4b3*G*kfjR+#m;>JRt3T?5hXH>{%xUMP^$@LQWk7Kbk@p@|`JKFH~6$OcM@q(Kzdi$XgGH1DF>XcXe|04E|d zh6uC@B4h@(H|bs}cqeg=mI#!(7%*C)D+V5bToE#0!l&>Ff45IEnE-6rqeWqUfD?rI zfUO3wZ3X-0jj1EA`f`xd_+%c}cpy`~Zz<2wx$yQUeYh(nY ze}!3#NEpSwFgz4^4+$Chtzm0lx?%&QhMbLvtRzyjJPULwliSD$*2K3H$sFNC+~7ee z;Sz{X;QmsSgICt%cRvw87=VRA z(7}SBV>@8%%d_7B!XRjUnIAFI{yZDXGQrD4WAA@Lk?!KfF=JVnCk0}RiC#=mrVZ9% z`i`8bKw$mMflRwR3=dWij5n@33tfut%iIZ!Rstn*`@B{vQ4ApBvH%e9aX_Q#0b?Ve z5W*0lyn=977zCqy2{_c1!D=t8LXx==#h!8aADgv)jHff_GBF--e4=Q}&_xQH zVG+QGI*v>Zpr1c;;7tYeDGpnJy!xgZCHizM78$M0s6{X@gPhXtiAMB?3i!;kXkBD4 zNk&HS$hY*R3?D{%ZlBvq?tDb}W^;eY z@!y|b^Jf$@o@`)uguFh@?e1h32J4d@ZrrV$UKz8pZb{Dc?=8mKzl@r+FZass3#Ut0 z`D+Kv^9e|JPMnvi)PKZf2pavizBw%+nBBcqwAM`tL6|JL3*0 zZ_TKP6j!*&l1^tBy0zas^+i#w_5l`2AE;jcL>K<;9Y>_ z*wqaUoyTQXdLTXZw)i6Rb=_~mFach+X)gI~D^c}aLDUj8dzSkAf)=Gli_4U;R==iG z?uYkS_&oAVA1H822RyD_K<)Abc4f~HRbAgjsqp6Gdr6}D?PcmyAf=L7MN%`X^AQVb zrHF+qBUlf0XKJjr?2(lMPZA9!T*}&QJyt%sjgwx#KH@*Y7S|6nD~`+F_9IqPzu`LV zX2wLm0&t14Gf7}k^@f+NW>scPltZUHu-IQ&Yf!m0Vo%}3g?yx8V?YwmYU7V13rEUK zxy;0_kvg4q8~kbSj`0G{jy+OR{A0^cDDUgL5p^N?E?etqhu?G*?^4@xrk2+hX|ATT z_Jr}sH`^B#T@ubUpHlQY1%8>{>h}uu()UnTW|z{pqPw}n&ScT@$X>gfH$CXFfIau; z!EA4Vyo0|cqv4WTPYU!p$v?-T1rCj1es*kiPjEt2FR2PwmU^Mia@^#29aZto&aAA7 z^gs%hE6lAjiD5HLV%~VIPQ2w&k{CFjow__lU%fKytorv}scNkz`Wf*WB-cU;yKT+Z z6mEyIoN9b4CH|UyN6L?7<8DT|`Btq>Sy>$vms{Ctr?+lXwKrQDV z?z-QuifT1K^YT!u(}dVf875^j*EwHwAJyuZDy_AtYKzGl*{4aXBY!=&F!{`7m3igz zhl&?x!8ahFGroN6kt>uB!HFR35&zd;aq>`3+C53Hn zwbjrb@n!jiyKeCbi+szZlUvKr*=~v?v8(B;G~D>4m#wQ48O~lLZMZv5KE2y~p?8vl zeBzn2qgL2g(uMBk%Ae_2Id3+DDM*r6vd+O&v%t^b)Q`z`-72eESBs}5FWuFN>}Xy- zDlSY%G@b2mB0Vxbl|+2=-n3<;*OdefS1G=|1?gXzz*l*RPVh6DnQ=KWd3!=q#RLEN zv!v)kJ;|HeI&j50Sh&$g!4?Ny+#Z;#-)sUYkt&?gCJ2lP6 zna*0!>@X$re)IA%%^|7F-RD;as#V@^wsqg?89U~Ds%4d?*VU&dV&_y^CKxFujL0;1^&($rE)2DSI6Q? zx!S;KiBr@pTGmpL-?Xls zo^s0T+8(diiC;O#8>sj?$LoHczvnaN@MM;5qI=_4 z{B<8K`Le8Hq#vjLac4@4!4pk<#T!WawyZ$;%T(TW9%CNkF|IPdiRjY09U(jnZtL;q zc8+EVabeoiVc`sE_)l-mKeWAj!S;GUjO!X}dvJ(Bc9nkO$+{**^Wqs6rZL|3~?KVdP=g`lh z++t^F*et(0Yeq-%n%%3$%2=QDyjlqV#E!MH_Gwvy~n(%;cVk%&DfE zkC%^p*=nPqlb1>|A?zd1Tpp|~@kV}Addt@x$=W2*-yX4&EyRt^rN z1PwPG^H*mTfOk?>&i-?}lFEn)a_Q()le1>&ocn$pp+GHmWL&iJ*MZ|Bz2cSS(@EX%j5I^}R=hGP(xLvi z-3a@YVROyLTIg&4JCD~+N;R;}-q|@P#klh}`O#hq&r(}j&-2*YNo#J(WV_-IGVykl zo|`d8`>D3{{GMs7p5kuwF!>3jy|uIofv&AZ($~jOj&U=tjD7=kr~OP@ZmMZq zcwFFoUrXGT0i+9pR7C45`=*Cv8@UP5SesMJ#fwOx>-I zHyHl07&Nb035!zStew{a7D#l5kM7a+=r11g~G;l74YkQPm1L z(nFDdN}&}yo(fXlc5PnOlUc_vlr7j%RDI)0v-9|Bzl++6=k%P8ajMR_r&C+CrGKpG z4&%FMU8}j!{QOIXW%=z?lJA-D#{p5TCR+BJY~oQl-}^@^?E>4N3{@GCusEryCRPKdCPgWrOWy*4NhsPGmV}`pY;_u$~ zFA0`@5HR1zb}cXD&}rMpHyZQ4yFoHJsaOMx0q#;SW@}dAQ!#bnb%VxBRnf6tvW4}! z9Y6hCs^nvpw`p!g$+>zDZO&9v=@XRa>ozBMj&xk5@BqW-`n=QEtV)z_q6=(hGu5*E z7v|qiziyffIW?b}PyMxE8-E}KtBFU2-Mho)U%~T*V~3A!N&Zn%UPYJnA5k}^Qs!*PtW3xLX1*M=SImN zZi3ybSI~gK%FY!=%`baN>!%voaNqa~%+-m0*Tu58qY&(nI~!n#5UOqUwC3 zdKNb_g7X-z*jKPNUP2!Ia^=&GluVZ0jIN9PnlI|_59YBF7&VuS=1n!>%go91OlH-M-BZ+ z{3JAYONxB79vEvsAvA0acRh*`NjJ@H(A$U>Re9@SB_+WKsS@2J`OCp) zX+N2`FbTV!yE7FneFjZamq?CNiocL||E3s*gRRbBbqP@L3XL>TpZjQK2BbOEzKQ&{ zn`p+7$u{GWnqf2;2cwiowkeg&rwL{&DDJz93cLk64fU!}q+lZWVqB#i?H?w>Gn z{655#p@`|&#!Cnw&SHrX{~YjzLf5fk(U;U&Lxj77BG9LWB7D{JVmhcA=aai-`$0kF z`qfgzYI!qNS( zBHPt3k4yp<3T$)FF$qq&0%xA^CgBI?2N2>>^H3x=eU^~q4}h{a>XCk2@wn=ae6+tI zD)3U0#32HGRwz`GCiatpmLD+)JA@k%0D6?%2MJ?ijz^m28;j)kqJ;dG$y6iUI|0+t zvh5<$BW!QK)9dzam_B~KHd0=GEd7Ah^NAbuWu!is$%3iW}>aB#M z6Gaq-k$FRJ4c)*t;&wB9C))(7*DXGFB#mxm0C)`>hMlZe*EISoYXv_H&4N(b{0h}Y?gu)(A+ zy?_-01L<*@49snF@0e+lyN(z4g{QDXiPe{vWW%yEiI^Iu#4#6Ck=chyOQ6pPEyTC> zCr-$a^a7%9*`#^{=&)FRi7XMacA$kQ!lr5uO`T{0eR?RJuhy3*xB}xVcuM#|rM|3; zIt2N85ppfz=$ZYwi)}svNvAk>(HV+*hd@6f6a~~oihLSZMe+>>^V1~B3~DWW*oYk- z$WH-SoKN@Vr;H)MXznZQAi(Y)$hL}j(s*!tUyqp*J(k)E=V)xCe~vU6h(dcHoh=#i z9A|NCPnC@AuOaN+SPvdtjuZK4IhtF~YX*rIRT+%l7D{%(5zS@uIKoj-*&$2>!v4;u zz5m0SqM`f{7dGfn*brx8ZU~#^!y&37@Fu^e2$k$^a)*{ckE4N>IZ+>=Sj}`f^f04=+C8?Y%K-97!WwS4PvSL z6QLkw+gFg1tnrY#zY{p}A{>)fh%iIicsRa6dax>n_LbY9c=cs6zeX?{mIl$gLLYz( z0H~p0HP74M5)cb?UqOv0q!Ug*gECsI0x*HS9s2>c--+JpAna{E3_N%|QKzHA@=~Hu z0Hh|$b8{-Y?F805ivL#x9vvq4rzH;PtEpO|GU5)wjHP`QljTNcrw~QI)xInyyi#Ui z>jGx>lIWelZZtRhJ0Jp7?oNv;gVK&opq=XiG&z2vBBLY9MtF*iZ47a@{a*HymnaOX z(=EwUun-)jiVKc3fmTdctBPVm3CzG#%vYxh~hHWXchB;$Bk!Fra{1Cc~spaJNd$5$c2#7&l&T;W}tYfcgcV>Z0M1jd6q$Nq0UocqvMwpgC z$^36OAv|TIh32xGAYu72*gm`y<~v&UFe+#u=F~Z8?wZ9$>oRzw3OXLHf09x>J7i3# z?0lss<}dIyt}>N+ywmm4;i)MPtsaBIUp6jKQ2kAT)#5M*Hj;sKdLr_@q-_z$vJKa9 zGH%s;btAyr<(r3A=}TY1VzHYwzri|IxHpRyVm88)c`H1_B52_Zs$^UnUL?# zOnbFrV#%vhUy<|+6PMd9B<*$yRjadi_%-);_F&8W-mN#+oKKuja(_olYN_Tu-|)*E z-owj}LvH`@MHS5IHZVfTKX7u$>SOf{eP(in75oD-`TKiGX$C)oKzQo;Q5xW^aauu} zmLEQ{`nuQIoP{U+t8Z)tWjqsF*z!>K-S#jN?kb>hSH3%h?f+R|&$h8#c(Sf|B-bl2-gI&DXamz0Uj`=*#=@@5O zhpLls7bbh|`Pv9<)%H$CZG;+{W5V3dP`YE2wC;J+PjgGY-KD0F{ucen&NNV^T_GH) ziz-ojz~$t3$z1Ub+pK_1wg#J)?JE7Y23MMR7nJwVeVT7iEe)H&D3rqEUCQXfW_?Q6 zh73@UkPQMTEytDw^^(vx%&rN6X5h~c<B#5h`_vVJdY=iqggs2TD$Mqvg zmg1skj=t5K^Rd(&*YrW^ zzTt?8Klu86{(LkC2aycn;GftAR3`sON+cNk0Vz58zrw-)1tF1a!W*^$q~fOgs{183 zoz87VBT)XtGK3?n=_O68_^X(~?EdQ+{_$10VXVsjV{H&T z7TZg)Kts{wU)6JSKggFMtoV4jvXjYy+QtBFYlq7n$S%-!h-i}j1C4wH1OL|EhVjQ9 zP2x2iQ&PVeoG!1k3-^5yn3q!nnaEybS{1wp3Rc{238&{J%?3elI5GLHKbKYmev} z%t671{CffA-^hy4hJ;Z>@@%>zdcJdMiW?zWtb#+_o((BhF^75S|GQ}lb66VVY)jOyBm=Xcp|tXT zFX4SpuFT0}hE!DE0}xgAh9u3y81f%#Bpx42=+O# zxcB`3Yz)fk2%39ACN86Sch&(YWa{8>X-F;>Mw0kh*UZn9iF~;{e6-fN5B_*G=x~qyE=!T#)t{ zc}m;tb?h}*9dMhAyf*H!#%>hR*QIBaZ4OBFUpP++t^;Pb%ln_-8Nhk=Y{S!KUu1-D zwP?CZlIE%ykpg!6$lzmZ>V&fsYVuw7G*V7_9jUTNN50zgmV9*^<7Sp3_dJ`K7wShJ z>nHmJHohAF@RWI}-aq-4kHI~Q{d*Tb{r`z3ACv*e|je&AJTvJjSv#JKhb+&-})z+`+!_XfAGSFPc-|aH-EhhNcTSZAHEj}F#rGn literal 0 HcmV?d00001 diff --git a/scb-architecture.drawio b/docs/resources/scb-architecture.drawio similarity index 100% rename from scb-architecture.drawio rename to docs/resources/scb-architecture.drawio diff --git a/scb-architecture.svg b/docs/resources/scb-architecture.svg similarity index 100% rename from scb-architecture.svg rename to docs/resources/scb-architecture.svg diff --git a/securecodebox-logo.svg b/docs/resources/securecodebox-logo.svg similarity index 100% rename from securecodebox-logo.svg rename to docs/resources/securecodebox-logo.svg diff --git a/docs/user-guide/README.md b/docs/user-guide/README.md new file mode 100644 index 00000000..5df2506c --- /dev/null +++ b/docs/user-guide/README.md @@ -0,0 +1,3 @@ +# Using the secureCodeBox + +follwing... \ No newline at end of file From 42e3b7758ce9a28ee503bac8efa3e8ea9cd35b65 Mon Sep 17 00:00:00 2001 From: Robert Seedorff Date: Tue, 9 Jun 2020 10:51:55 +0200 Subject: [PATCH 053/109] Fixing broken header link --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index beb1f667..6229b61e 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,5 @@

- secureCodeBox Logo + secureCodeBox Logo

From 61d6f50090e8bc53bc8c4912a6a217f8f916f9c3 Mon Sep 17 00:00:00 2001 From: Yannik Fuhrmeister Date: Wed, 10 Jun 2020 10:37:46 +0200 Subject: [PATCH 054/109] Adding guide to build and run operator locally --- docs/developer-guide/README.md | 57 ++++++++++++++++++++++++++++++++++ 1 file changed, 57 insertions(+) diff --git a/docs/developer-guide/README.md b/docs/developer-guide/README.md index 1987ad83..d53b8286 100644 --- a/docs/developer-guide/README.md +++ b/docs/developer-guide/README.md @@ -2,6 +2,61 @@ ## Developing the SCB Operator +### Prerequisites + +#### Golang + +The operator is written in Golang. +To build the operator you will need to install [Go](https://golang.org/). + +#### Minikube or Kind + +For local development we recommend to use [Minikube](https://kubernetes.io/docs/tasks/tools/install-minikube/) or [kind](https://github.com/kubernetes-sigs/kind). +Both projects will enable you to run a local kubernetes cluster on your development machine. + +#### Operating your local kubernetes cluster + +To operate your (local) kubernetes cluster you will need to install [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/) and [helm](https://helm.sh/) + +#### Minio + +For your local development you will need a S3 compatible storage. +We would recommend to use [Minio](https://min.io/download#/) inside a podman or docker container. + +```bash +podman run --name minio -p 9000:9000 minio/minio server /data +``` + +In the Minio management GUI you will need to add a new bucket for the operator. +The default credentials for your minio instance are *minioadmin:minioadmin*. +You might change those. + +After setting up your bucket you will need to specify some environment variables to enable the operator to use the bucket. + +```bash +$ export S3_ACCESS_KEY="your-minio-access-key" +$ export S3_SECRET_KEY="your-minio-secret-key" +$ export S3_BUCKET="name-of-your-bucket" +$ export S3_USE_SSL="false" # This ensures that the operator will connect even without HTTPS +$ export S3_ENDPOINT=":9000/" +``` + +### Build and run the operator + +To build an run the operator you can simply execute *make* in the root directory of this repository. + +```bash +$ make +``` + +To run the operator locally you can simply execute *make run* + +*NOTICE:* You will need to uninstall the operator from your local cluster first or it will result in undefined behavior! + +```bash +$ make run +``` + ## How to a new security scanner ### ScanType Definition @@ -15,9 +70,11 @@ ### Hook SDK # Guidelines + ## Coding Guidelines ### JSON + We're using snake_case (lower case) for json attributes. If an enum type is used as attribute its converted to lower case. If it's an value it's always used UPPERCASE. This is to hold the attribute api consistent, but make shure Enums are recognized as enums. ```json From f7a70483403a57ec1e78e338faccec165b2b853d Mon Sep 17 00:00:00 2001 From: Yannik Fuhrmeister Date: Wed, 10 Jun 2020 11:02:23 +0200 Subject: [PATCH 055/109] Fix directory --- docs/developer-guide/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/developer-guide/README.md b/docs/developer-guide/README.md index d53b8286..3027390e 100644 --- a/docs/developer-guide/README.md +++ b/docs/developer-guide/README.md @@ -43,7 +43,7 @@ $ export S3_ENDPOINT=":9000/" ### Build and run the operator -To build an run the operator you can simply execute *make* in the root directory of this repository. +To build an run the operator you can simply execute *make* in the *operator* directory of this repository. ```bash $ make From eba2a3344ad32364c573aefa5ec8b73c5e9e5fe4 Mon Sep 17 00:00:00 2001 From: Yannik Fuhrmeister Date: Wed, 10 Jun 2020 11:25:59 +0200 Subject: [PATCH 056/109] Adding test-read-write-hook Hook --- .github/workflows/ci.yaml | 8 +++ hooks/test-read-write-hook/.dockerignore | 1 + hooks/test-read-write-hook/.gitignore | 1 + hooks/test-read-write-hook/.helmignore | 30 +++++++++++ hooks/test-read-write-hook/Chart.lock | 3 ++ hooks/test-read-write-hook/Chart.yaml | 11 ++++ hooks/test-read-write-hook/Dockerfile | 3 ++ hooks/test-read-write-hook/hook.js | 18 +++++++ hooks/test-read-write-hook/hook.test.js | 33 ++++++++++++ .../test-read-write-hook/templates/NOTES.txt | 3 ++ .../templates/_helpers.tpl | 52 +++++++++++++++++++ .../templates/read-write-hook-test.yaml | 16 ++++++ hooks/test-read-write-hook/values.yaml | 13 +++++ 13 files changed, 192 insertions(+) create mode 100644 hooks/test-read-write-hook/.dockerignore create mode 100644 hooks/test-read-write-hook/.gitignore create mode 100644 hooks/test-read-write-hook/.helmignore create mode 100644 hooks/test-read-write-hook/Chart.lock create mode 100644 hooks/test-read-write-hook/Chart.yaml create mode 100644 hooks/test-read-write-hook/Dockerfile create mode 100644 hooks/test-read-write-hook/hook.js create mode 100644 hooks/test-read-write-hook/hook.test.js create mode 100644 hooks/test-read-write-hook/templates/NOTES.txt create mode 100644 hooks/test-read-write-hook/templates/_helpers.tpl create mode 100644 hooks/test-read-write-hook/templates/read-write-hook-test.yaml create mode 100644 hooks/test-read-write-hook/values.yaml diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 08f135b0..55fb00d4 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -231,6 +231,14 @@ jobs: repository: scbexperimental/hook-imperative-subsequent-scans path: ./hooks/imperative-subsequent-scans/ tag_with_ref: true + - uses: docker/build-push-action@v1 + name: "Build & Push TestReadWriteHook Hook Image" + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + repository: scbexperimental/test-read-write-hook + path: ./hooks/test-read-write-hook/ + tag_with_ref: true scannerImages: # Note we only build images for scanner that don't provider official public container images name: "Build / Scanner" diff --git a/hooks/test-read-write-hook/.dockerignore b/hooks/test-read-write-hook/.dockerignore new file mode 100644 index 00000000..40b878db --- /dev/null +++ b/hooks/test-read-write-hook/.dockerignore @@ -0,0 +1 @@ +node_modules/ \ No newline at end of file diff --git a/hooks/test-read-write-hook/.gitignore b/hooks/test-read-write-hook/.gitignore new file mode 100644 index 00000000..b512c09d --- /dev/null +++ b/hooks/test-read-write-hook/.gitignore @@ -0,0 +1 @@ +node_modules \ No newline at end of file diff --git a/hooks/test-read-write-hook/.helmignore b/hooks/test-read-write-hook/.helmignore new file mode 100644 index 00000000..676a3554 --- /dev/null +++ b/hooks/test-read-write-hook/.helmignore @@ -0,0 +1,30 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ +# Node.js files +node_modules/* +package.json +package-lock.json +src/* +config/* +Dockerfile +.dockerignore \ No newline at end of file diff --git a/hooks/test-read-write-hook/Chart.lock b/hooks/test-read-write-hook/Chart.lock new file mode 100644 index 00000000..eb7f3a24 --- /dev/null +++ b/hooks/test-read-write-hook/Chart.lock @@ -0,0 +1,3 @@ +dependencies: [] +digest: sha256:643d5437104296e21d906ecb15b2c96ad278f20cfc4af53b12bb6069bd853726 +generated: "2020-05-26T16:56:03.119255+02:00" diff --git a/hooks/test-read-write-hook/Chart.yaml b/hooks/test-read-write-hook/Chart.yaml new file mode 100644 index 00000000..5047eae6 --- /dev/null +++ b/hooks/test-read-write-hook/Chart.yaml @@ -0,0 +1,11 @@ +apiVersion: v2 +name: test-read-write-hook-hook +description: This hook is for integration testing only! + +type: application + +version: 0.1.0 + +appVersion: latest + +dependencies: [] diff --git a/hooks/test-read-write-hook/Dockerfile b/hooks/test-read-write-hook/Dockerfile new file mode 100644 index 00000000..ffe1db53 --- /dev/null +++ b/hooks/test-read-write-hook/Dockerfile @@ -0,0 +1,3 @@ +FROM scbexperimental/hook-sdk-nodejs:latest +WORKDIR /home/app/hook-wrapper/hook/ +COPY --chown=app:app ./hook.js ./hook.js diff --git a/hooks/test-read-write-hook/hook.js b/hooks/test-read-write-hook/hook.js new file mode 100644 index 00000000..dc84bf25 --- /dev/null +++ b/hooks/test-read-write-hook/hook.js @@ -0,0 +1,18 @@ +async function handle({ + getFindings, + updateFindings, + attributeName = process.env["ATTRIBUTE_NAME"], + attributeValue = process.env["ATTRIBUTE_VALUE"], +}) { + const findings = await getFindings(); + + const newFindings = findings.map((finding) => { + finding.attributes[attributeName] = attributeValue; + return finding; + }); + + console.log(`Updated attributes on ${findings.length} findings`); + + await updateFindings(newFindings); +} +module.exports.handle = handle; diff --git a/hooks/test-read-write-hook/hook.test.js b/hooks/test-read-write-hook/hook.test.js new file mode 100644 index 00000000..9f88db74 --- /dev/null +++ b/hooks/test-read-write-hook/hook.test.js @@ -0,0 +1,33 @@ +const { handle } = require("./hook"); + +test("should send a post request to the url when fired", async () => { + const findings = [ + { + name: "Open Port", + attributes: { + hostname: "foobar.com", + }, + }, + ]; + + const getFindings = async () => findings; + + const updateFindings = jest.fn(); + + await handle({ + getFindings, + updateFindings, + attributeName: "cluster", + attributeValue: "gke-internal", + }); + + expect(updateFindings).toBeCalledWith([ + { + name: "Open Port", + attributes: { + hostname: "foobar.com", + cluster: "gke-internal", + }, + }, + ]); +}); diff --git a/hooks/test-read-write-hook/templates/NOTES.txt b/hooks/test-read-write-hook/templates/NOTES.txt new file mode 100644 index 00000000..65f76b04 --- /dev/null +++ b/hooks/test-read-write-hook/templates/NOTES.txt @@ -0,0 +1,3 @@ +TestReadWrite Hook deployed. +This Hook is for testing only! +This will add a attribute "{{ .Values.attribute.name }}: {{ .Values.attribute.value }}" on every finding in this namespace. \ No newline at end of file diff --git a/hooks/test-read-write-hook/templates/_helpers.tpl b/hooks/test-read-write-hook/templates/_helpers.tpl new file mode 100644 index 00000000..a27683b5 --- /dev/null +++ b/hooks/test-read-write-hook/templates/_helpers.tpl @@ -0,0 +1,52 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "test-read-write-hook.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "test-read-write-hook.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "test-read-write-hook.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Common labels +*/}} +{{- define "test-read-write-hook.labels" -}} +helm.sh/chart: {{ include "test-read-write-hook.chart" . }} +{{ include "test-read-write-hook.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end -}} + +{{/* +Selector labels +*/}} +{{- define "test-read-write-hook.selectorLabels" -}} +app.kubernetes.io/name: {{ include "test-read-write-hook.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end -}} diff --git a/hooks/test-read-write-hook/templates/read-write-hook-test.yaml b/hooks/test-read-write-hook/templates/read-write-hook-test.yaml new file mode 100644 index 00000000..741ec426 --- /dev/null +++ b/hooks/test-read-write-hook/templates/read-write-hook-test.yaml @@ -0,0 +1,16 @@ +apiVersion: "execution.experimental.securecodebox.io/v1" +kind: ScanCompletionHook +metadata: + name: {{ include "test-read-write-hook.fullname" . }} +spec: + type: ReadAndWrite + {{- if .Values.image.digest }} + image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}@{{ .Values.image.digest }}" + {{- else }} + image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag }}" + {{- end }} + env: + - name: ATTRIBUTE_NAME + value: {{ .Values.attribute.name | quote }} + - name: ATTRIBUTE_VALUE + value: {{ .Values.attribute.value | quote }} diff --git a/hooks/test-read-write-hook/values.yaml b/hooks/test-read-write-hook/values.yaml new file mode 100644 index 00000000..615aa5b0 --- /dev/null +++ b/hooks/test-read-write-hook/values.yaml @@ -0,0 +1,13 @@ +# Default values for dispatcher. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +attribute: + name: foobar + value: example + +image: + registry: docker.io + repository: scbexperimental/test-read-write-hook + tag: latest + digest: null From ce7acdbc7b7a857a4589e13d37cc9929f72e5398 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com> Date: Wed, 10 Jun 2020 11:36:22 +0200 Subject: [PATCH 057/109] Add note on kubernetes on Mac and Windows --- docs/developer-guide/README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/developer-guide/README.md b/docs/developer-guide/README.md index 3027390e..15f950f4 100644 --- a/docs/developer-guide/README.md +++ b/docs/developer-guide/README.md @@ -11,8 +11,8 @@ To build the operator you will need to install [Go](https://golang.org/). #### Minikube or Kind -For local development we recommend to use [Minikube](https://kubernetes.io/docs/tasks/tools/install-minikube/) or [kind](https://github.com/kubernetes-sigs/kind). -Both projects will enable you to run a local kubernetes cluster on your development machine. +For local development we recommend to use [Minikube](https://kubernetes.io/docs/tasks/tools/install-minikube/) or [kind](https://github.com/kubernetes-sigs/kind). If you are using MacOS or Windows you can also use the kubernetes cluster included within Docker for Mac/Windows. +All of these tools will enable you to run a local kubernetes cluster on your development machine. #### Operating your local kubernetes cluster @@ -97,4 +97,4 @@ We're using snake_case (lower case) for json attributes. If an enum type is used }, "location": "tcp://127.0.0.1:3306" } -``` \ No newline at end of file +``` From 5067d9ca740399a2f394786b401590d9cbb0838e Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com> Date: Wed, 10 Jun 2020 13:22:20 +0200 Subject: [PATCH 058/109] Change add-attribute hook to update-field hook This allows chaning other fields, like the category, name, location of the findings, not just the attribute --- .github/workflows/ci.yaml | 8 + hooks/add-attributes/Dockerfile | 3 - hooks/add-attributes/templates/NOTES.txt | 2 - .../.dockerignore | 0 .../.gitignore | 0 .../.helmignore | 0 .../Chart.lock | 0 .../Chart.yaml | 4 +- hooks/update-field/Dockerfile | 10 + .../{add-attributes => update-field}/hook.js | 4 +- .../hook.test.js | 2 +- hooks/update-field/package-lock.json | 4679 +++++++++++++++++ hooks/update-field/package.json | 18 + hooks/update-field/templates/NOTES.txt | 2 + .../templates/_helpers.tpl | 0 .../templates/update-field-hook.yaml} | 0 .../values.yaml | 6 +- 17 files changed, 4726 insertions(+), 12 deletions(-) delete mode 100644 hooks/add-attributes/Dockerfile delete mode 100644 hooks/add-attributes/templates/NOTES.txt rename hooks/{add-attributes => update-field}/.dockerignore (100%) rename hooks/{add-attributes => update-field}/.gitignore (100%) rename hooks/{add-attributes => update-field}/.helmignore (100%) rename hooks/{add-attributes => update-field}/Chart.lock (100%) rename hooks/{add-attributes => update-field}/Chart.yaml (50%) create mode 100644 hooks/update-field/Dockerfile rename hooks/{add-attributes => update-field}/hook.js (83%) rename hooks/{add-attributes => update-field}/hook.test.js (93%) create mode 100644 hooks/update-field/package-lock.json create mode 100644 hooks/update-field/package.json create mode 100644 hooks/update-field/templates/NOTES.txt rename hooks/{add-attributes => update-field}/templates/_helpers.tpl (100%) rename hooks/{add-attributes/templates/add-attributes-hook.yaml => update-field/templates/update-field-hook.yaml} (100%) rename hooks/{add-attributes => update-field}/values.yaml (68%) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 55fb00d4..386b815d 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -239,6 +239,14 @@ jobs: repository: scbexperimental/test-read-write-hook path: ./hooks/test-read-write-hook/ tag_with_ref: true + - uses: docker/build-push-action@v1 + name: "Build & Push UpdateField Hook Image" + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + repository: scbexperimental/update-field + path: ./hooks/update-field/ + tag_with_ref: true scannerImages: # Note we only build images for scanner that don't provider official public container images name: "Build / Scanner" diff --git a/hooks/add-attributes/Dockerfile b/hooks/add-attributes/Dockerfile deleted file mode 100644 index ffe1db53..00000000 --- a/hooks/add-attributes/Dockerfile +++ /dev/null @@ -1,3 +0,0 @@ -FROM scbexperimental/hook-sdk-nodejs:latest -WORKDIR /home/app/hook-wrapper/hook/ -COPY --chown=app:app ./hook.js ./hook.js diff --git a/hooks/add-attributes/templates/NOTES.txt b/hooks/add-attributes/templates/NOTES.txt deleted file mode 100644 index 84b6d403..00000000 --- a/hooks/add-attributes/templates/NOTES.txt +++ /dev/null @@ -1,2 +0,0 @@ -AddAttribute Hook deployed. -This will add a attribute "{{ .Values.attribute.name }}: {{ .Values.attribute.value }}" on every finding in this namespace. \ No newline at end of file diff --git a/hooks/add-attributes/.dockerignore b/hooks/update-field/.dockerignore similarity index 100% rename from hooks/add-attributes/.dockerignore rename to hooks/update-field/.dockerignore diff --git a/hooks/add-attributes/.gitignore b/hooks/update-field/.gitignore similarity index 100% rename from hooks/add-attributes/.gitignore rename to hooks/update-field/.gitignore diff --git a/hooks/add-attributes/.helmignore b/hooks/update-field/.helmignore similarity index 100% rename from hooks/add-attributes/.helmignore rename to hooks/update-field/.helmignore diff --git a/hooks/add-attributes/Chart.lock b/hooks/update-field/Chart.lock similarity index 100% rename from hooks/add-attributes/Chart.lock rename to hooks/update-field/Chart.lock diff --git a/hooks/add-attributes/Chart.yaml b/hooks/update-field/Chart.yaml similarity index 50% rename from hooks/add-attributes/Chart.yaml rename to hooks/update-field/Chart.yaml index 2acaecf9..462870b1 100644 --- a/hooks/add-attributes/Chart.yaml +++ b/hooks/update-field/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 -name: add-attributes-hook -description: Lets you add new attributes to every finding +name: update-field-hook +description: Lets you add or override a field to every finding type: application diff --git a/hooks/update-field/Dockerfile b/hooks/update-field/Dockerfile new file mode 100644 index 00000000..11db260e --- /dev/null +++ b/hooks/update-field/Dockerfile @@ -0,0 +1,10 @@ +FROM node:12-alpine as build +RUN mkdir -p /home/app +WORKDIR /home/app +COPY package.json package-lock.json ./ +RUN npm ci --production + +FROM scbexperimental/hook-sdk-nodejs:latest +WORKDIR /home/app/hook-wrapper/hook/ +COPY --from=build --chown=app:app /home/app/node_modules/ ./node_modules/ +COPY --chown=app:app ./hook.js ./hook.js diff --git a/hooks/add-attributes/hook.js b/hooks/update-field/hook.js similarity index 83% rename from hooks/add-attributes/hook.js rename to hooks/update-field/hook.js index dc84bf25..5d6335a9 100644 --- a/hooks/add-attributes/hook.js +++ b/hooks/update-field/hook.js @@ -1,3 +1,5 @@ +const set = require("lodash.set"); + async function handle({ getFindings, updateFindings, @@ -7,7 +9,7 @@ async function handle({ const findings = await getFindings(); const newFindings = findings.map((finding) => { - finding.attributes[attributeName] = attributeValue; + set(finding, attributeName, attributeValue); return finding; }); diff --git a/hooks/add-attributes/hook.test.js b/hooks/update-field/hook.test.js similarity index 93% rename from hooks/add-attributes/hook.test.js rename to hooks/update-field/hook.test.js index 9f88db74..87288c95 100644 --- a/hooks/add-attributes/hook.test.js +++ b/hooks/update-field/hook.test.js @@ -17,7 +17,7 @@ test("should send a post request to the url when fired", async () => { await handle({ getFindings, updateFindings, - attributeName: "cluster", + attributeName: "attributes.cluster", attributeValue: "gke-internal", }); diff --git a/hooks/update-field/package-lock.json b/hooks/update-field/package-lock.json new file mode 100644 index 00000000..70c45a7e --- /dev/null +++ b/hooks/update-field/package-lock.json @@ -0,0 +1,4679 @@ +{ + "name": "scb-update-field", + "version": "1.0.0", + "lockfileVersion": 1, + "requires": true, + "dependencies": { + "@babel/code-frame": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.8.3.tgz", + "integrity": "sha512-a9gxpmdXtZEInkCSHUJDLHZVBgb1QS0jhss4cPP93EW7s+uC5bikET2twEF3KV+7rDblJcmNvTR7VJejqd2C2g==", + "dev": true, + "requires": { + "@babel/highlight": "^7.8.3" + } + }, + "@babel/core": { + "version": "7.9.6", + "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.9.6.tgz", + "integrity": "sha512-nD3deLvbsApbHAHttzIssYqgb883yU/d9roe4RZymBCDaZryMJDbptVpEpeQuRh4BJ+SYI8le9YGxKvFEvl1Wg==", + "dev": true, + "requires": { + "@babel/code-frame": "^7.8.3", + "@babel/generator": "^7.9.6", + "@babel/helper-module-transforms": "^7.9.0", + "@babel/helpers": "^7.9.6", + "@babel/parser": "^7.9.6", + "@babel/template": "^7.8.6", + "@babel/traverse": "^7.9.6", + "@babel/types": "^7.9.6", + "convert-source-map": "^1.7.0", + "debug": "^4.1.0", + "gensync": "^1.0.0-beta.1", + "json5": "^2.1.2", + "lodash": "^4.17.13", + "resolve": "^1.3.2", + "semver": "^5.4.1", + "source-map": "^0.5.0" + }, + "dependencies": { + "semver": { + "version": "5.7.1", + "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.1.tgz", + "integrity": "sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ==", + "dev": true + }, + "source-map": { + "version": "0.5.7", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.5.7.tgz", + "integrity": "sha1-igOdLRAh0i0eoUyA2OpGi6LvP8w=", + "dev": true + } + } + }, + "@babel/generator": { + "version": "7.9.6", + "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.9.6.tgz", + "integrity": "sha512-+htwWKJbH2bL72HRluF8zumBxzuX0ZZUFl3JLNyoUjM/Ho8wnVpPXM6aUz8cfKDqQ/h7zHqKt4xzJteUosckqQ==", + "dev": true, + "requires": { + "@babel/types": "^7.9.6", + "jsesc": "^2.5.1", + "lodash": "^4.17.13", + "source-map": "^0.5.0" + }, + "dependencies": { + "source-map": { + "version": "0.5.7", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.5.7.tgz", + "integrity": "sha1-igOdLRAh0i0eoUyA2OpGi6LvP8w=", + "dev": true + } + } + }, + "@babel/helper-function-name": { + "version": "7.9.5", + "resolved": "https://registry.npmjs.org/@babel/helper-function-name/-/helper-function-name-7.9.5.tgz", + "integrity": "sha512-JVcQZeXM59Cd1qanDUxv9fgJpt3NeKUaqBqUEvfmQ+BCOKq2xUgaWZW2hr0dkbyJgezYuplEoh5knmrnS68efw==", + "dev": true, + "requires": { + "@babel/helper-get-function-arity": "^7.8.3", + "@babel/template": "^7.8.3", + "@babel/types": "^7.9.5" + } + }, + "@babel/helper-get-function-arity": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/helper-get-function-arity/-/helper-get-function-arity-7.8.3.tgz", + "integrity": "sha512-FVDR+Gd9iLjUMY1fzE2SR0IuaJToR4RkCDARVfsBBPSP53GEqSFjD8gNyxg246VUyc/ALRxFaAK8rVG7UT7xRA==", + "dev": true, + "requires": { + "@babel/types": "^7.8.3" + } + }, + "@babel/helper-member-expression-to-functions": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/helper-member-expression-to-functions/-/helper-member-expression-to-functions-7.8.3.tgz", + "integrity": "sha512-fO4Egq88utkQFjbPrSHGmGLFqmrshs11d46WI+WZDESt7Wu7wN2G2Iu+NMMZJFDOVRHAMIkB5SNh30NtwCA7RA==", + "dev": true, + "requires": { + "@babel/types": "^7.8.3" + } + }, + "@babel/helper-module-imports": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.8.3.tgz", + "integrity": "sha512-R0Bx3jippsbAEtzkpZ/6FIiuzOURPcMjHp+Z6xPe6DtApDJx+w7UYyOLanZqO8+wKR9G10s/FmHXvxaMd9s6Kg==", + "dev": true, + "requires": { + "@babel/types": "^7.8.3" + } + }, + "@babel/helper-module-transforms": { + "version": "7.9.0", + "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.9.0.tgz", + "integrity": "sha512-0FvKyu0gpPfIQ8EkxlrAydOWROdHpBmiCiRwLkUiBGhCUPRRbVD2/tm3sFr/c/GWFrQ/ffutGUAnx7V0FzT2wA==", + "dev": true, + "requires": { + "@babel/helper-module-imports": "^7.8.3", + "@babel/helper-replace-supers": "^7.8.6", + "@babel/helper-simple-access": "^7.8.3", + "@babel/helper-split-export-declaration": "^7.8.3", + "@babel/template": "^7.8.6", + "@babel/types": "^7.9.0", + "lodash": "^4.17.13" + } + }, + "@babel/helper-optimise-call-expression": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/helper-optimise-call-expression/-/helper-optimise-call-expression-7.8.3.tgz", + "integrity": "sha512-Kag20n86cbO2AvHca6EJsvqAd82gc6VMGule4HwebwMlwkpXuVqrNRj6CkCV2sKxgi9MyAUnZVnZ6lJ1/vKhHQ==", + "dev": true, + "requires": { + "@babel/types": "^7.8.3" + } + }, + "@babel/helper-plugin-utils": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.8.3.tgz", + "integrity": "sha512-j+fq49Xds2smCUNYmEHF9kGNkhbet6yVIBp4e6oeQpH1RUs/Ir06xUKzDjDkGcaaokPiTNs2JBWHjaE4csUkZQ==", + "dev": true + }, + "@babel/helper-replace-supers": { + "version": "7.9.6", + "resolved": "https://registry.npmjs.org/@babel/helper-replace-supers/-/helper-replace-supers-7.9.6.tgz", + "integrity": "sha512-qX+chbxkbArLyCImk3bWV+jB5gTNU/rsze+JlcF6Nf8tVTigPJSI1o1oBow/9Resa1yehUO9lIipsmu9oG4RzA==", + "dev": true, + "requires": { + "@babel/helper-member-expression-to-functions": "^7.8.3", + "@babel/helper-optimise-call-expression": "^7.8.3", + "@babel/traverse": "^7.9.6", + "@babel/types": "^7.9.6" + } + }, + "@babel/helper-simple-access": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/helper-simple-access/-/helper-simple-access-7.8.3.tgz", + "integrity": "sha512-VNGUDjx5cCWg4vvCTR8qQ7YJYZ+HBjxOgXEl7ounz+4Sn7+LMD3CFrCTEU6/qXKbA2nKg21CwhhBzO0RpRbdCw==", + "dev": true, + "requires": { + "@babel/template": "^7.8.3", + "@babel/types": "^7.8.3" + } + }, + "@babel/helper-split-export-declaration": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.8.3.tgz", + "integrity": "sha512-3x3yOeyBhW851hroze7ElzdkeRXQYQbFIb7gLK1WQYsw2GWDay5gAJNw1sWJ0VFP6z5J1whqeXH/WCdCjZv6dA==", + "dev": true, + "requires": { + "@babel/types": "^7.8.3" + } + }, + "@babel/helper-validator-identifier": { + "version": "7.9.5", + "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.9.5.tgz", + "integrity": "sha512-/8arLKUFq882w4tWGj9JYzRpAlZgiWUJ+dtteNTDqrRBz9Iguck9Rn3ykuBDoUwh2TO4tSAJlrxDUOXWklJe4g==", + "dev": true + }, + "@babel/helpers": { + "version": "7.9.6", + "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.9.6.tgz", + "integrity": "sha512-tI4bUbldloLcHWoRUMAj4g1bF313M/o6fBKhIsb3QnGVPwRm9JsNf/gqMkQ7zjqReABiffPV6RWj7hEglID5Iw==", + "dev": true, + "requires": { + "@babel/template": "^7.8.3", + "@babel/traverse": "^7.9.6", + "@babel/types": "^7.9.6" + } + }, + "@babel/highlight": { + "version": "7.9.0", + "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.9.0.tgz", + "integrity": "sha512-lJZPilxX7Op3Nv/2cvFdnlepPXDxi29wxteT57Q965oc5R9v86ztx0jfxVrTcBk8C2kcPkkDa2Z4T3ZsPPVWsQ==", + "dev": true, + "requires": { + "@babel/helper-validator-identifier": "^7.9.0", + "chalk": "^2.0.0", + "js-tokens": "^4.0.0" + }, + "dependencies": { + "ansi-styles": { + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "dev": true, + "requires": { + "color-convert": "^1.9.0" + } + }, + "chalk": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", + "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "dev": true, + "requires": { + "ansi-styles": "^3.2.1", + "escape-string-regexp": "^1.0.5", + "supports-color": "^5.3.0" + } + }, + "color-convert": { + "version": "1.9.3", + "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", + "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", + "dev": true, + "requires": { + "color-name": "1.1.3" + } + }, + "color-name": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", + "integrity": "sha1-p9BVi9icQveV3UIyj3QIMcpTvCU=", + "dev": true + }, + "has-flag": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", + "integrity": "sha1-tdRU3CGZriJWmfNGfloH87lVuv0=", + "dev": true + }, + "supports-color": { + "version": "5.5.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", + "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "dev": true, + "requires": { + "has-flag": "^3.0.0" + } + } + } + }, + "@babel/parser": { + "version": "7.9.6", + "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.9.6.tgz", + "integrity": "sha512-AoeIEJn8vt+d/6+PXDRPaksYhnlbMIiejioBZvvMQsOjW/JYK6k/0dKnvvP3EhK5GfMBWDPtrxRtegWdAcdq9Q==", + "dev": true + }, + "@babel/plugin-syntax-async-generators": { + "version": "7.8.4", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz", + "integrity": "sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.8.0" + } + }, + "@babel/plugin-syntax-bigint": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-bigint/-/plugin-syntax-bigint-7.8.3.tgz", + "integrity": "sha512-wnTnFlG+YxQm3vDxpGE57Pj0srRU4sHE/mDkt1qv2YJJSeUAec2ma4WLUnUPeKjyrfntVwe/N6dCXpU+zL3Npg==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.8.0" + } + }, + "@babel/plugin-syntax-class-properties": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.8.3.tgz", + "integrity": "sha512-UcAyQWg2bAN647Q+O811tG9MrJ38Z10jjhQdKNAL8fsyPzE3cCN/uT+f55cFVY4aGO4jqJAvmqsuY3GQDwAoXg==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.8.3" + } + }, + "@babel/plugin-syntax-json-strings": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz", + "integrity": "sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.8.0" + } + }, + "@babel/plugin-syntax-logical-assignment-operators": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.8.3.tgz", + "integrity": "sha512-Zpg2Sgc++37kuFl6ppq2Q7Awc6E6AIW671x5PY8E/f7MCIyPPGK/EoeZXvvY3P42exZ3Q4/t3YOzP/HiN79jDg==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.8.3" + } + }, + "@babel/plugin-syntax-nullish-coalescing-operator": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz", + "integrity": "sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.8.0" + } + }, + "@babel/plugin-syntax-numeric-separator": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.8.3.tgz", + "integrity": "sha512-H7dCMAdN83PcCmqmkHB5dtp+Xa9a6LKSvA2hiFBC/5alSHxM5VgWZXFqDi0YFe8XNGT6iCa+z4V4zSt/PdZ7Dw==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.8.3" + } + }, + "@babel/plugin-syntax-object-rest-spread": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.8.3.tgz", + "integrity": "sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.8.0" + } + }, + "@babel/plugin-syntax-optional-catch-binding": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-catch-binding/-/plugin-syntax-optional-catch-binding-7.8.3.tgz", + "integrity": "sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.8.0" + } + }, + "@babel/plugin-syntax-optional-chaining": { + "version": "7.8.3", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.8.3.tgz", + "integrity": "sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.8.0" + } + }, + "@babel/template": { + "version": "7.8.6", + "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.8.6.tgz", + "integrity": "sha512-zbMsPMy/v0PWFZEhQJ66bqjhH+z0JgMoBWuikXybgG3Gkd/3t5oQ1Rw2WQhnSrsOmsKXnZOx15tkC4qON/+JPg==", + "dev": true, + "requires": { + "@babel/code-frame": "^7.8.3", + "@babel/parser": "^7.8.6", + "@babel/types": "^7.8.6" + } + }, + "@babel/traverse": { + "version": "7.9.6", + "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.9.6.tgz", + "integrity": "sha512-b3rAHSjbxy6VEAvlxM8OV/0X4XrG72zoxme6q1MOoe2vd0bEc+TwayhuC1+Dfgqh1QEG+pj7atQqvUprHIccsg==", + "dev": true, + "requires": { + "@babel/code-frame": "^7.8.3", + "@babel/generator": "^7.9.6", + "@babel/helper-function-name": "^7.9.5", + "@babel/helper-split-export-declaration": "^7.8.3", + "@babel/parser": "^7.9.6", + "@babel/types": "^7.9.6", + "debug": "^4.1.0", + "globals": "^11.1.0", + "lodash": "^4.17.13" + } + }, + "@babel/types": { + "version": "7.9.6", + "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.9.6.tgz", + "integrity": "sha512-qxXzvBO//jO9ZnoasKF1uJzHd2+M6Q2ZPIVfnFps8JJvXy0ZBbwbNOmE6SGIY5XOY6d1Bo5lb9d9RJ8nv3WSeA==", + "dev": true, + "requires": { + "@babel/helper-validator-identifier": "^7.9.5", + "lodash": "^4.17.13", + "to-fast-properties": "^2.0.0" + } + }, + "@bcoe/v8-coverage": { + "version": "0.2.3", + "resolved": "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz", + "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", + "dev": true + }, + "@cnakazawa/watch": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/@cnakazawa/watch/-/watch-1.0.4.tgz", + "integrity": "sha512-v9kIhKwjeZThiWrLmj0y17CWoyddASLj9O2yvbZkbvw/N3rWOYy9zkV66ursAoVr0mV15bL8g0c4QZUE6cdDoQ==", + "dev": true, + "requires": { + "exec-sh": "^0.3.2", + "minimist": "^1.2.0" + } + }, + "@istanbuljs/load-nyc-config": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", + "integrity": "sha512-VjeHSlIzpv/NyD3N0YuHfXOPDIixcA1q2ZV98wsMqcYlPmv2n3Yb2lYP9XMElnaFVXg5A7YLTeLu6V84uQDjmQ==", + "dev": true, + "requires": { + "camelcase": "^5.3.1", + "find-up": "^4.1.0", + "get-package-type": "^0.1.0", + "js-yaml": "^3.13.1", + "resolve-from": "^5.0.0" + } + }, + "@istanbuljs/schema": { + "version": "0.1.2", + "resolved": "https://registry.npmjs.org/@istanbuljs/schema/-/schema-0.1.2.tgz", + "integrity": "sha512-tsAQNx32a8CoFhjhijUIhI4kccIAgmGhy8LZMZgGfmXcpMbPRUqn5LWmgRttILi6yeGmBJd2xsPkFMs0PzgPCw==", + "dev": true + }, + "@jest/console": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/@jest/console/-/console-25.5.0.tgz", + "integrity": "sha512-T48kZa6MK1Y6k4b89sexwmSF4YLeZS/Udqg3Jj3jG/cHH+N/sLFCEoXEDMOKugJQ9FxPN1osxIknvKkxt6MKyw==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0", + "chalk": "^3.0.0", + "jest-message-util": "^25.5.0", + "jest-util": "^25.5.0", + "slash": "^3.0.0" + } + }, + "@jest/core": { + "version": "25.5.4", + "resolved": "https://registry.npmjs.org/@jest/core/-/core-25.5.4.tgz", + "integrity": "sha512-3uSo7laYxF00Dg/DMgbn4xMJKmDdWvZnf89n8Xj/5/AeQ2dOQmn6b6Hkj/MleyzZWXpwv+WSdYWl4cLsy2JsoA==", + "dev": true, + "requires": { + "@jest/console": "^25.5.0", + "@jest/reporters": "^25.5.1", + "@jest/test-result": "^25.5.0", + "@jest/transform": "^25.5.1", + "@jest/types": "^25.5.0", + "ansi-escapes": "^4.2.1", + "chalk": "^3.0.0", + "exit": "^0.1.2", + "graceful-fs": "^4.2.4", + "jest-changed-files": "^25.5.0", + "jest-config": "^25.5.4", + "jest-haste-map": "^25.5.1", + "jest-message-util": "^25.5.0", + "jest-regex-util": "^25.2.6", + "jest-resolve": "^25.5.1", + "jest-resolve-dependencies": "^25.5.4", + "jest-runner": "^25.5.4", + "jest-runtime": "^25.5.4", + "jest-snapshot": "^25.5.1", + "jest-util": "^25.5.0", + "jest-validate": "^25.5.0", + "jest-watcher": "^25.5.0", + "micromatch": "^4.0.2", + "p-each-series": "^2.1.0", + "realpath-native": "^2.0.0", + "rimraf": "^3.0.0", + "slash": "^3.0.0", + "strip-ansi": "^6.0.0" + } + }, + "@jest/environment": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/@jest/environment/-/environment-25.5.0.tgz", + "integrity": "sha512-U2VXPEqL07E/V7pSZMSQCvV5Ea4lqOlT+0ZFijl/i316cRMHvZ4qC+jBdryd+lmRetjQo0YIQr6cVPNxxK87mA==", + "dev": true, + "requires": { + "@jest/fake-timers": "^25.5.0", + "@jest/types": "^25.5.0", + "jest-mock": "^25.5.0" + } + }, + "@jest/fake-timers": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/@jest/fake-timers/-/fake-timers-25.5.0.tgz", + "integrity": "sha512-9y2+uGnESw/oyOI3eww9yaxdZyHq7XvprfP/eeoCsjqKYts2yRlsHS/SgjPDV8FyMfn2nbMy8YzUk6nyvdLOpQ==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0", + "jest-message-util": "^25.5.0", + "jest-mock": "^25.5.0", + "jest-util": "^25.5.0", + "lolex": "^5.0.0" + } + }, + "@jest/globals": { + "version": "25.5.2", + "resolved": "https://registry.npmjs.org/@jest/globals/-/globals-25.5.2.tgz", + "integrity": "sha512-AgAS/Ny7Q2RCIj5kZ+0MuKM1wbF0WMLxbCVl/GOMoCNbODRdJ541IxJ98xnZdVSZXivKpJlNPIWa3QmY0l4CXA==", + "dev": true, + "requires": { + "@jest/environment": "^25.5.0", + "@jest/types": "^25.5.0", + "expect": "^25.5.0" + } + }, + "@jest/reporters": { + "version": "25.5.1", + "resolved": "https://registry.npmjs.org/@jest/reporters/-/reporters-25.5.1.tgz", + "integrity": "sha512-3jbd8pPDTuhYJ7vqiHXbSwTJQNavczPs+f1kRprRDxETeE3u6srJ+f0NPuwvOmk+lmunZzPkYWIFZDLHQPkviw==", + "dev": true, + "requires": { + "@bcoe/v8-coverage": "^0.2.3", + "@jest/console": "^25.5.0", + "@jest/test-result": "^25.5.0", + "@jest/transform": "^25.5.1", + "@jest/types": "^25.5.0", + "chalk": "^3.0.0", + "collect-v8-coverage": "^1.0.0", + "exit": "^0.1.2", + "glob": "^7.1.2", + "graceful-fs": "^4.2.4", + "istanbul-lib-coverage": "^3.0.0", + "istanbul-lib-instrument": "^4.0.0", + "istanbul-lib-report": "^3.0.0", + "istanbul-lib-source-maps": "^4.0.0", + "istanbul-reports": "^3.0.2", + "jest-haste-map": "^25.5.1", + "jest-resolve": "^25.5.1", + "jest-util": "^25.5.0", + "jest-worker": "^25.5.0", + "node-notifier": "^6.0.0", + "slash": "^3.0.0", + "source-map": "^0.6.0", + "string-length": "^3.1.0", + "terminal-link": "^2.0.0", + "v8-to-istanbul": "^4.1.3" + } + }, + "@jest/source-map": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/@jest/source-map/-/source-map-25.5.0.tgz", + "integrity": "sha512-eIGx0xN12yVpMcPaVpjXPnn3N30QGJCJQSkEDUt9x1fI1Gdvb07Ml6K5iN2hG7NmMP6FDmtPEssE3z6doOYUwQ==", + "dev": true, + "requires": { + "callsites": "^3.0.0", + "graceful-fs": "^4.2.4", + "source-map": "^0.6.0" + } + }, + "@jest/test-result": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/@jest/test-result/-/test-result-25.5.0.tgz", + "integrity": "sha512-oV+hPJgXN7IQf/fHWkcS99y0smKLU2czLBJ9WA0jHITLst58HpQMtzSYxzaBvYc6U5U6jfoMthqsUlUlbRXs0A==", + "dev": true, + "requires": { + "@jest/console": "^25.5.0", + "@jest/types": "^25.5.0", + "@types/istanbul-lib-coverage": "^2.0.0", + "collect-v8-coverage": "^1.0.0" + } + }, + "@jest/test-sequencer": { + "version": "25.5.4", + "resolved": "https://registry.npmjs.org/@jest/test-sequencer/-/test-sequencer-25.5.4.tgz", + "integrity": "sha512-pTJGEkSeg1EkCO2YWq6hbFvKNXk8ejqlxiOg1jBNLnWrgXOkdY6UmqZpwGFXNnRt9B8nO1uWMzLLZ4eCmhkPNA==", + "dev": true, + "requires": { + "@jest/test-result": "^25.5.0", + "graceful-fs": "^4.2.4", + "jest-haste-map": "^25.5.1", + "jest-runner": "^25.5.4", + "jest-runtime": "^25.5.4" + } + }, + "@jest/transform": { + "version": "25.5.1", + "resolved": "https://registry.npmjs.org/@jest/transform/-/transform-25.5.1.tgz", + "integrity": "sha512-Y8CEoVwXb4QwA6Y/9uDkn0Xfz0finGkieuV0xkdF9UtZGJeLukD5nLkaVrVsODB1ojRWlaoD0AJZpVHCSnJEvg==", + "dev": true, + "requires": { + "@babel/core": "^7.1.0", + "@jest/types": "^25.5.0", + "babel-plugin-istanbul": "^6.0.0", + "chalk": "^3.0.0", + "convert-source-map": "^1.4.0", + "fast-json-stable-stringify": "^2.0.0", + "graceful-fs": "^4.2.4", + "jest-haste-map": "^25.5.1", + "jest-regex-util": "^25.2.6", + "jest-util": "^25.5.0", + "micromatch": "^4.0.2", + "pirates": "^4.0.1", + "realpath-native": "^2.0.0", + "slash": "^3.0.0", + "source-map": "^0.6.1", + "write-file-atomic": "^3.0.0" + } + }, + "@jest/types": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/@jest/types/-/types-25.5.0.tgz", + "integrity": "sha512-OXD0RgQ86Tu3MazKo8bnrkDRaDXXMGUqd+kTtLtK1Zb7CRzQcaSRPPPV37SvYTdevXEBVxe0HXylEjs8ibkmCw==", + "dev": true, + "requires": { + "@types/istanbul-lib-coverage": "^2.0.0", + "@types/istanbul-reports": "^1.1.1", + "@types/yargs": "^15.0.0", + "chalk": "^3.0.0" + } + }, + "@sinonjs/commons": { + "version": "1.8.0", + "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-1.8.0.tgz", + "integrity": "sha512-wEj54PfsZ5jGSwMX68G8ZXFawcSglQSXqCftWX3ec8MDUzQdHgcKvw97awHbY0efQEL5iKUOAmmVtoYgmrSG4Q==", + "dev": true, + "requires": { + "type-detect": "4.0.8" + } + }, + "@types/babel__core": { + "version": "7.1.7", + "resolved": "https://registry.npmjs.org/@types/babel__core/-/babel__core-7.1.7.tgz", + "integrity": "sha512-RL62NqSFPCDK2FM1pSDH0scHpJvsXtZNiYlMB73DgPBaG1E38ZYVL+ei5EkWRbr+KC4YNiAUNBnRj+bgwpgjMw==", + "dev": true, + "requires": { + "@babel/parser": "^7.1.0", + "@babel/types": "^7.0.0", + "@types/babel__generator": "*", + "@types/babel__template": "*", + "@types/babel__traverse": "*" + } + }, + "@types/babel__generator": { + "version": "7.6.1", + "resolved": "https://registry.npmjs.org/@types/babel__generator/-/babel__generator-7.6.1.tgz", + "integrity": "sha512-bBKm+2VPJcMRVwNhxKu8W+5/zT7pwNEqeokFOmbvVSqGzFneNxYcEBro9Ac7/N9tlsaPYnZLK8J1LWKkMsLAew==", + "dev": true, + "requires": { + "@babel/types": "^7.0.0" + } + }, + "@types/babel__template": { + "version": "7.0.2", + "resolved": "https://registry.npmjs.org/@types/babel__template/-/babel__template-7.0.2.tgz", + "integrity": "sha512-/K6zCpeW7Imzgab2bLkLEbz0+1JlFSrUMdw7KoIIu+IUdu51GWaBZpd3y1VXGVXzynvGa4DaIaxNZHiON3GXUg==", + "dev": true, + "requires": { + "@babel/parser": "^7.1.0", + "@babel/types": "^7.0.0" + } + }, + "@types/babel__traverse": { + "version": "7.0.11", + "resolved": "https://registry.npmjs.org/@types/babel__traverse/-/babel__traverse-7.0.11.tgz", + "integrity": "sha512-ddHK5icION5U6q11+tV2f9Mo6CZVuT8GJKld2q9LqHSZbvLbH34Kcu2yFGckZut453+eQU6btIA3RihmnRgI+Q==", + "dev": true, + "requires": { + "@babel/types": "^7.3.0" + } + }, + "@types/color-name": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/@types/color-name/-/color-name-1.1.1.tgz", + "integrity": "sha512-rr+OQyAjxze7GgWrSaJwydHStIhHq2lvY3BOC2Mj7KnzI7XK0Uw1TOOdI9lDoajEbSWLiYgoo4f1R51erQfhPQ==", + "dev": true + }, + "@types/graceful-fs": { + "version": "4.1.3", + "resolved": "https://registry.npmjs.org/@types/graceful-fs/-/graceful-fs-4.1.3.tgz", + "integrity": "sha512-AiHRaEB50LQg0pZmm659vNBb9f4SJ0qrAnteuzhSeAUcJKxoYgEnprg/83kppCnc2zvtCKbdZry1a5pVY3lOTQ==", + "dev": true, + "requires": { + "@types/node": "*" + } + }, + "@types/istanbul-lib-coverage": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/@types/istanbul-lib-coverage/-/istanbul-lib-coverage-2.0.2.tgz", + "integrity": "sha512-rsZg7eL+Xcxsxk2XlBt9KcG8nOp9iYdKCOikY9x2RFJCyOdNj4MKPQty0e8oZr29vVAzKXr1BmR+kZauti3o1w==", + "dev": true + }, + "@types/istanbul-lib-report": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/@types/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", + "integrity": "sha512-plGgXAPfVKFoYfa9NpYDAkseG+g6Jr294RqeqcqDixSbU34MZVJRi/P+7Y8GDpzkEwLaGZZOpKIEmeVZNtKsrg==", + "dev": true, + "requires": { + "@types/istanbul-lib-coverage": "*" + } + }, + "@types/istanbul-reports": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/@types/istanbul-reports/-/istanbul-reports-1.1.2.tgz", + "integrity": "sha512-P/W9yOX/3oPZSpaYOCQzGqgCQRXn0FFO/V8bWrCQs+wLmvVVxk6CRBXALEvNs9OHIatlnlFokfhuDo2ug01ciw==", + "dev": true, + "requires": { + "@types/istanbul-lib-coverage": "*", + "@types/istanbul-lib-report": "*" + } + }, + "@types/node": { + "version": "14.0.5", + "resolved": "https://registry.npmjs.org/@types/node/-/node-14.0.5.tgz", + "integrity": "sha512-90hiq6/VqtQgX8Sp0EzeIsv3r+ellbGj4URKj5j30tLlZvRUpnAe9YbYnjl3pJM93GyXU0tghHhvXHq+5rnCKA==", + "dev": true + }, + "@types/normalize-package-data": { + "version": "2.4.0", + "resolved": "https://registry.npmjs.org/@types/normalize-package-data/-/normalize-package-data-2.4.0.tgz", + "integrity": "sha512-f5j5b/Gf71L+dbqxIpQ4Z2WlmI/mPJ0fOkGGmFgtb6sAu97EPczzbS3/tJKxmcYDj55OX6ssqwDAWOHIYDRDGA==", + "dev": true + }, + "@types/prettier": { + "version": "1.19.1", + "resolved": "https://registry.npmjs.org/@types/prettier/-/prettier-1.19.1.tgz", + "integrity": "sha512-5qOlnZscTn4xxM5MeGXAMOsIOIKIbh9e85zJWfBRVPlRMEVawzoPhINYbRGkBZCI8LxvBe7tJCdWiarA99OZfQ==", + "dev": true + }, + "@types/stack-utils": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/@types/stack-utils/-/stack-utils-1.0.1.tgz", + "integrity": "sha512-l42BggppR6zLmpfU6fq9HEa2oGPEI8yrSPL3GITjfRInppYFahObbIQOQK3UGxEnyQpltZLaPe75046NOZQikw==", + "dev": true + }, + "@types/yargs": { + "version": "15.0.5", + "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-15.0.5.tgz", + "integrity": "sha512-Dk/IDOPtOgubt/IaevIUbTgV7doaKkoorvOyYM2CMwuDyP89bekI7H4xLIwunNYiK9jhCkmc6pUrJk3cj2AB9w==", + "dev": true, + "requires": { + "@types/yargs-parser": "*" + } + }, + "@types/yargs-parser": { + "version": "15.0.0", + "resolved": "https://registry.npmjs.org/@types/yargs-parser/-/yargs-parser-15.0.0.tgz", + "integrity": "sha512-FA/BWv8t8ZWJ+gEOnLLd8ygxH/2UFbAvgEonyfN6yWGLKc7zVjbpl2Y4CTjid9h2RfgPP6SEt6uHwEOply00yw==", + "dev": true + }, + "abab": { + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/abab/-/abab-2.0.3.tgz", + "integrity": "sha512-tsFzPpcttalNjFBCFMqsKYQcWxxen1pgJR56by//QwvJc4/OUS3kPOOttx2tSIfjsylB0pYu7f5D3K1RCxUnUg==", + "dev": true + }, + "acorn": { + "version": "7.2.0", + "resolved": "https://registry.npmjs.org/acorn/-/acorn-7.2.0.tgz", + "integrity": "sha512-apwXVmYVpQ34m/i71vrApRrRKCWQnZZF1+npOD0WV5xZFfwWOmKGQ2RWlfdy9vWITsenisM8M0Qeq8agcFHNiQ==", + "dev": true + }, + "acorn-globals": { + "version": "4.3.4", + "resolved": "https://registry.npmjs.org/acorn-globals/-/acorn-globals-4.3.4.tgz", + "integrity": "sha512-clfQEh21R+D0leSbUdWf3OcfqyaCSAQ8Ryq00bofSekfr9W8u1jyYZo6ir0xu9Gtcf7BjcHJpnbZH7JOCpP60A==", + "dev": true, + "requires": { + "acorn": "^6.0.1", + "acorn-walk": "^6.0.1" + }, + "dependencies": { + "acorn": { + "version": "6.4.1", + "resolved": "https://registry.npmjs.org/acorn/-/acorn-6.4.1.tgz", + "integrity": "sha512-ZVA9k326Nwrj3Cj9jlh3wGFutC2ZornPNARZwsNYqQYgN0EsV2d53w5RN/co65Ohn4sUAUtb1rSUAOD6XN9idA==", + "dev": true + } + } + }, + "acorn-walk": { + "version": "6.2.0", + "resolved": "https://registry.npmjs.org/acorn-walk/-/acorn-walk-6.2.0.tgz", + "integrity": "sha512-7evsyfH1cLOCdAzZAd43Cic04yKydNx0cF+7tiA19p1XnLLPU4dpCQOqpjqwokFe//vS0QqfqqjCS2JkiIs0cA==", + "dev": true + }, + "ajv": { + "version": "6.12.2", + "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.2.tgz", + "integrity": "sha512-k+V+hzjm5q/Mr8ef/1Y9goCmlsK4I6Sm74teeyGvFk1XrOsbsKLjEdrvny42CZ+a8sXbk8KWpY/bDwS+FLL2UQ==", + "dev": true, + "requires": { + "fast-deep-equal": "^3.1.1", + "fast-json-stable-stringify": "^2.0.0", + "json-schema-traverse": "^0.4.1", + "uri-js": "^4.2.2" + } + }, + "ansi-escapes": { + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.1.tgz", + "integrity": "sha512-JWF7ocqNrp8u9oqpgV+wH5ftbt+cfvv+PTjOvKLT3AdYly/LmORARfEVT1iyjwN+4MqE5UmVKoAdIBqeoCHgLA==", + "dev": true, + "requires": { + "type-fest": "^0.11.0" + }, + "dependencies": { + "type-fest": { + "version": "0.11.0", + "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.11.0.tgz", + "integrity": "sha512-OdjXJxnCN1AvyLSzeKIgXTXxV+99ZuXl3Hpo9XpJAv9MBcHrrJOQ5kV7ypXOuQie+AmWG25hLbiKdwYTifzcfQ==", + "dev": true + } + } + }, + "ansi-regex": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-4.1.0.tgz", + "integrity": "sha512-1apePfXM1UOSqw0o9IiFAovVz9M5S1Dg+4TrDwfMewQ6p/rmMueb7tWZjQ1rx4Loy1ArBggoqGpfqqdI4rondg==", + "dev": true + }, + "ansi-styles": { + "version": "4.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.2.1.tgz", + "integrity": "sha512-9VGjrMsG1vePxcSweQsN20KY/c4zN0h9fLjqAbwbPfahM3t+NL+M9HC8xeXG2I8pX5NoamTGNuomEUFI7fcUjA==", + "dev": true, + "requires": { + "@types/color-name": "^1.1.1", + "color-convert": "^2.0.1" + } + }, + "anymatch": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.1.tgz", + "integrity": "sha512-mM8522psRCqzV+6LhomX5wgp25YVibjh8Wj23I5RPkPppSVSjyKD2A2mBJmWGa+KN7f2D6LNh9jkBCeyLktzjg==", + "dev": true, + "requires": { + "normalize-path": "^3.0.0", + "picomatch": "^2.0.4" + } + }, + "argparse": { + "version": "1.0.10", + "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", + "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", + "dev": true, + "requires": { + "sprintf-js": "~1.0.2" + } + }, + "arr-diff": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/arr-diff/-/arr-diff-4.0.0.tgz", + "integrity": "sha1-1kYQdP6/7HHn4VI1dhoyml3HxSA=", + "dev": true + }, + "arr-flatten": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/arr-flatten/-/arr-flatten-1.1.0.tgz", + "integrity": "sha512-L3hKV5R/p5o81R7O02IGnwpDmkp6E982XhtbuwSe3O4qOtMMMtodicASA1Cny2U+aCXcNpml+m4dPsvsJ3jatg==", + "dev": true + }, + "arr-union": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/arr-union/-/arr-union-3.1.0.tgz", + "integrity": "sha1-45sJrqne+Gao8gbiiK9jkZuuOcQ=", + "dev": true + }, + "array-equal": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/array-equal/-/array-equal-1.0.0.tgz", + "integrity": "sha1-jCpe8kcv2ep0KwTHenUJO6J1fJM=", + "dev": true + }, + "array-unique": { + "version": "0.3.2", + "resolved": "https://registry.npmjs.org/array-unique/-/array-unique-0.3.2.tgz", + "integrity": "sha1-qJS3XUvE9s1nnvMkSp/Y9Gri1Cg=", + "dev": true + }, + "asn1": { + "version": "0.2.4", + "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.4.tgz", + "integrity": "sha512-jxwzQpLQjSmWXgwaCZE9Nz+glAG01yF1QnWgbhGwHI5A6FRIEY6IVqtHhIepHqI7/kyEyQEagBC5mBEFlIYvdg==", + "dev": true, + "requires": { + "safer-buffer": "~2.1.0" + } + }, + "assert-plus": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz", + "integrity": "sha1-8S4PPF13sLHN2RRpQuTpbB5N1SU=", + "dev": true + }, + "assign-symbols": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/assign-symbols/-/assign-symbols-1.0.0.tgz", + "integrity": "sha1-WWZ/QfrdTyDMvCu5a41Pf3jsA2c=", + "dev": true + }, + "astral-regex": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/astral-regex/-/astral-regex-1.0.0.tgz", + "integrity": "sha512-+Ryf6g3BKoRc7jfp7ad8tM4TtMiaWvbF/1/sQcZPkkS7ag3D5nMBCe2UfOTONtAkaG0tO0ij3C5Lwmf1EiyjHg==", + "dev": true + }, + "asynckit": { + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", + "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=", + "dev": true + }, + "atob": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/atob/-/atob-2.1.2.tgz", + "integrity": "sha512-Wm6ukoaOGJi/73p/cl2GvLjTI5JM1k/O14isD73YML8StrH/7/lRFgmg8nICZgD3bZZvjwCGxtMOD3wWNAu8cg==", + "dev": true + }, + "aws-sign2": { + "version": "0.7.0", + "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz", + "integrity": "sha1-tG6JCTSpWR8tL2+G1+ap8bP+dqg=", + "dev": true + }, + "aws4": { + "version": "1.10.0", + "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.10.0.tgz", + "integrity": "sha512-3YDiu347mtVtjpyV3u5kVqQLP242c06zwDOgpeRnybmXlYYsLbtTrUBUm8i8srONt+FWobl5aibnU1030PeeuA==", + "dev": true + }, + "babel-jest": { + "version": "25.5.1", + "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-25.5.1.tgz", + "integrity": "sha512-9dA9+GmMjIzgPnYtkhBg73gOo/RHqPmLruP3BaGL4KEX3Dwz6pI8auSN8G8+iuEG90+GSswyKvslN+JYSaacaQ==", + "dev": true, + "requires": { + "@jest/transform": "^25.5.1", + "@jest/types": "^25.5.0", + "@types/babel__core": "^7.1.7", + "babel-plugin-istanbul": "^6.0.0", + "babel-preset-jest": "^25.5.0", + "chalk": "^3.0.0", + "graceful-fs": "^4.2.4", + "slash": "^3.0.0" + } + }, + "babel-plugin-istanbul": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/babel-plugin-istanbul/-/babel-plugin-istanbul-6.0.0.tgz", + "integrity": "sha512-AF55rZXpe7trmEylbaE1Gv54wn6rwU03aptvRoVIGP8YykoSxqdVLV1TfwflBCE/QtHmqtP8SWlTENqbK8GCSQ==", + "dev": true, + "requires": { + "@babel/helper-plugin-utils": "^7.0.0", + "@istanbuljs/load-nyc-config": "^1.0.0", + "@istanbuljs/schema": "^0.1.2", + "istanbul-lib-instrument": "^4.0.0", + "test-exclude": "^6.0.0" + } + }, + "babel-plugin-jest-hoist": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/babel-plugin-jest-hoist/-/babel-plugin-jest-hoist-25.5.0.tgz", + "integrity": "sha512-u+/W+WAjMlvoocYGTwthAiQSxDcJAyHpQ6oWlHdFZaaN+Rlk8Q7iiwDPg2lN/FyJtAYnKjFxbn7xus4HCFkg5g==", + "dev": true, + "requires": { + "@babel/template": "^7.3.3", + "@babel/types": "^7.3.3", + "@types/babel__traverse": "^7.0.6" + } + }, + "babel-preset-current-node-syntax": { + "version": "0.1.2", + "resolved": "https://registry.npmjs.org/babel-preset-current-node-syntax/-/babel-preset-current-node-syntax-0.1.2.tgz", + "integrity": "sha512-u/8cS+dEiK1SFILbOC8/rUI3ml9lboKuuMvZ/4aQnQmhecQAgPw5ew066C1ObnEAUmlx7dv/s2z52psWEtLNiw==", + "dev": true, + "requires": { + "@babel/plugin-syntax-async-generators": "^7.8.4", + "@babel/plugin-syntax-bigint": "^7.8.3", + "@babel/plugin-syntax-class-properties": "^7.8.3", + "@babel/plugin-syntax-json-strings": "^7.8.3", + "@babel/plugin-syntax-logical-assignment-operators": "^7.8.3", + "@babel/plugin-syntax-nullish-coalescing-operator": "^7.8.3", + "@babel/plugin-syntax-numeric-separator": "^7.8.3", + "@babel/plugin-syntax-object-rest-spread": "^7.8.3", + "@babel/plugin-syntax-optional-catch-binding": "^7.8.3", + "@babel/plugin-syntax-optional-chaining": "^7.8.3" + } + }, + "babel-preset-jest": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/babel-preset-jest/-/babel-preset-jest-25.5.0.tgz", + "integrity": "sha512-8ZczygctQkBU+63DtSOKGh7tFL0CeCuz+1ieud9lJ1WPQ9O6A1a/r+LGn6Y705PA6whHQ3T1XuB/PmpfNYf8Fw==", + "dev": true, + "requires": { + "babel-plugin-jest-hoist": "^25.5.0", + "babel-preset-current-node-syntax": "^0.1.2" + } + }, + "balanced-match": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.0.tgz", + "integrity": "sha1-ibTRmasr7kneFk6gK4nORi1xt2c=", + "dev": true + }, + "base": { + "version": "0.11.2", + "resolved": "https://registry.npmjs.org/base/-/base-0.11.2.tgz", + "integrity": "sha512-5T6P4xPgpp0YDFvSWwEZ4NoE3aM4QBQXDzmVbraCkFj8zHM+mba8SyqB5DbZWyR7mYHo6Y7BdQo3MoA4m0TeQg==", + "dev": true, + "requires": { + "cache-base": "^1.0.1", + "class-utils": "^0.3.5", + "component-emitter": "^1.2.1", + "define-property": "^1.0.0", + "isobject": "^3.0.1", + "mixin-deep": "^1.2.0", + "pascalcase": "^0.1.1" + }, + "dependencies": { + "define-property": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/define-property/-/define-property-1.0.0.tgz", + "integrity": "sha1-dp66rz9KY6rTr56NMEybvnm/sOY=", + "dev": true, + "requires": { + "is-descriptor": "^1.0.0" + } + }, + "is-accessor-descriptor": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-accessor-descriptor/-/is-accessor-descriptor-1.0.0.tgz", + "integrity": "sha512-m5hnHTkcVsPfqx3AKlyttIPb7J+XykHvJP2B9bZDjlhLIoEq4XoK64Vg7boZlVWYK6LUY94dYPEE7Lh0ZkZKcQ==", + "dev": true, + "requires": { + "kind-of": "^6.0.0" + } + }, + "is-data-descriptor": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-data-descriptor/-/is-data-descriptor-1.0.0.tgz", + "integrity": "sha512-jbRXy1FmtAoCjQkVmIVYwuuqDFUbaOeDjmed1tOGPrsMhtJA4rD9tkgA0F1qJ3gRFRXcHYVkdeaP50Q5rE/jLQ==", + "dev": true, + "requires": { + "kind-of": "^6.0.0" + } + }, + "is-descriptor": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/is-descriptor/-/is-descriptor-1.0.2.tgz", + "integrity": "sha512-2eis5WqQGV7peooDyLmNEPUrps9+SXX5c9pL3xEB+4e9HnGuDa7mB7kHxHw4CbqS9k1T2hOH3miL8n8WtiYVtg==", + "dev": true, + "requires": { + "is-accessor-descriptor": "^1.0.0", + "is-data-descriptor": "^1.0.0", + "kind-of": "^6.0.2" + } + } + } + }, + "bcrypt-pbkdf": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", + "integrity": "sha1-pDAdOJtqQ/m2f/PKEaP2Y342Dp4=", + "dev": true, + "requires": { + "tweetnacl": "^0.14.3" + } + }, + "brace-expansion": { + "version": "1.1.11", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", + "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", + "dev": true, + "requires": { + "balanced-match": "^1.0.0", + "concat-map": "0.0.1" + } + }, + "braces": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz", + "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==", + "dev": true, + "requires": { + "fill-range": "^7.0.1" + } + }, + "browser-process-hrtime": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/browser-process-hrtime/-/browser-process-hrtime-1.0.0.tgz", + "integrity": "sha512-9o5UecI3GhkpM6DrXr69PblIuWxPKk9Y0jHBRhdocZ2y7YECBFCsHm79Pr3OyR2AvjhDkabFJaDJMYRazHgsow==", + "dev": true + }, + "browser-resolve": { + "version": "1.11.3", + "resolved": "https://registry.npmjs.org/browser-resolve/-/browser-resolve-1.11.3.tgz", + "integrity": "sha512-exDi1BYWB/6raKHmDTCicQfTkqwN5fioMFV4j8BsfMU4R2DK/QfZfK7kOVkmWCNANf0snkBzqGqAJBao9gZMdQ==", + "dev": true, + "requires": { + "resolve": "1.1.7" + }, + "dependencies": { + "resolve": { + "version": "1.1.7", + "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.1.7.tgz", + "integrity": "sha1-IDEU2CrSxe2ejgQRs5ModeiJ6Xs=", + "dev": true + } + } + }, + "bser": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/bser/-/bser-2.1.1.tgz", + "integrity": "sha512-gQxTNE/GAfIIrmHLUE3oJyp5FO6HRBfhjnw4/wMmA63ZGDJnWBmgY/lyQBpnDUkGmAhbSe39tx2d/iTOAfglwQ==", + "dev": true, + "requires": { + "node-int64": "^0.4.0" + } + }, + "buffer-from": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.1.tgz", + "integrity": "sha512-MQcXEUbCKtEo7bhqEs6560Hyd4XaovZlO/k9V3hjVUF/zwW7KBVdSK4gIt/bzwS9MbR5qob+F5jusZsb0YQK2A==", + "dev": true + }, + "cache-base": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/cache-base/-/cache-base-1.0.1.tgz", + "integrity": "sha512-AKcdTnFSWATd5/GCPRxr2ChwIJ85CeyrEyjRHlKxQ56d4XJMGym0uAiKn0xbLOGOl3+yRpOTi484dVCEc5AUzQ==", + "dev": true, + "requires": { + "collection-visit": "^1.0.0", + "component-emitter": "^1.2.1", + "get-value": "^2.0.6", + "has-value": "^1.0.0", + "isobject": "^3.0.1", + "set-value": "^2.0.0", + "to-object-path": "^0.3.0", + "union-value": "^1.0.0", + "unset-value": "^1.0.0" + } + }, + "callsites": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", + "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==", + "dev": true + }, + "camelcase": { + "version": "5.3.1", + "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz", + "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==", + "dev": true + }, + "capture-exit": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/capture-exit/-/capture-exit-2.0.0.tgz", + "integrity": "sha512-PiT/hQmTonHhl/HFGN+Lx3JJUznrVYJ3+AQsnthneZbvW7x+f08Tk7yLJTLEOUvBTbduLeeBkxEaYXUOUrRq6g==", + "dev": true, + "requires": { + "rsvp": "^4.8.4" + } + }, + "caseless": { + "version": "0.12.0", + "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz", + "integrity": "sha1-G2gcIf+EAzyCZUMJBolCDRhxUdw=", + "dev": true + }, + "chalk": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-3.0.0.tgz", + "integrity": "sha512-4D3B6Wf41KOYRFdszmDqMCGq5VV/uMAB273JILmO+3jAlh8X4qDtdtgCR3fxtbLEMzSx22QdhnDcJvu2u1fVwg==", + "dev": true, + "requires": { + "ansi-styles": "^4.1.0", + "supports-color": "^7.1.0" + } + }, + "ci-info": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-2.0.0.tgz", + "integrity": "sha512-5tK7EtrZ0N+OLFMthtqOj4fI2Jeb88C4CAZPu25LDVUgXJ0A3Js4PMGqrn0JU1W0Mh1/Z8wZzYPxqUrXeBboCQ==", + "dev": true + }, + "class-utils": { + "version": "0.3.6", + "resolved": "https://registry.npmjs.org/class-utils/-/class-utils-0.3.6.tgz", + "integrity": "sha512-qOhPa/Fj7s6TY8H8esGu5QNpMMQxz79h+urzrNYN6mn+9BnxlDGf5QZ+XeCDsxSjPqsSR56XOZOJmpeurnLMeg==", + "dev": true, + "requires": { + "arr-union": "^3.1.0", + "define-property": "^0.2.5", + "isobject": "^3.0.0", + "static-extend": "^0.1.1" + }, + "dependencies": { + "define-property": { + "version": "0.2.5", + "resolved": "https://registry.npmjs.org/define-property/-/define-property-0.2.5.tgz", + "integrity": "sha1-w1se+RjsPJkPmlvFe+BKrOxcgRY=", + "dev": true, + "requires": { + "is-descriptor": "^0.1.0" + } + } + } + }, + "cliui": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/cliui/-/cliui-6.0.0.tgz", + "integrity": "sha512-t6wbgtoCXvAzst7QgXxJYqPt0usEfbgQdftEPbLL/cvv6HPE5VgvqCuAIDR0NgU52ds6rFwqrgakNLrHEjCbrQ==", + "dev": true, + "requires": { + "string-width": "^4.2.0", + "strip-ansi": "^6.0.0", + "wrap-ansi": "^6.2.0" + } + }, + "co": { + "version": "4.6.0", + "resolved": "https://registry.npmjs.org/co/-/co-4.6.0.tgz", + "integrity": "sha1-bqa989hTrlTMuOR7+gvz+QMfsYQ=", + "dev": true + }, + "collect-v8-coverage": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/collect-v8-coverage/-/collect-v8-coverage-1.0.1.tgz", + "integrity": "sha512-iBPtljfCNcTKNAto0KEtDfZ3qzjJvqE3aTGZsbhjSBlorqpXJlaWWtPO35D+ZImoC3KWejX64o+yPGxhWSTzfg==", + "dev": true + }, + "collection-visit": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/collection-visit/-/collection-visit-1.0.0.tgz", + "integrity": "sha1-S8A3PBZLwykbTTaMgpzxqApZ3KA=", + "dev": true, + "requires": { + "map-visit": "^1.0.0", + "object-visit": "^1.0.0" + } + }, + "color-convert": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", + "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", + "dev": true, + "requires": { + "color-name": "~1.1.4" + } + }, + "color-name": { + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", + "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", + "dev": true + }, + "combined-stream": { + "version": "1.0.8", + "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", + "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", + "dev": true, + "requires": { + "delayed-stream": "~1.0.0" + } + }, + "component-emitter": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/component-emitter/-/component-emitter-1.3.0.tgz", + "integrity": "sha512-Rd3se6QB+sO1TwqZjscQrurpEPIfO0/yYnSin6Q/rD3mOutHvUrCAhJub3r90uNb+SESBuE0QYoB90YdfatsRg==", + "dev": true + }, + "concat-map": { + "version": "0.0.1", + "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", + "integrity": "sha1-2Klr13/Wjfd5OnMDajug1UBdR3s=", + "dev": true + }, + "convert-source-map": { + "version": "1.7.0", + "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.7.0.tgz", + "integrity": "sha512-4FJkXzKXEDB1snCFZlLP4gpC3JILicCpGbzG9f9G7tGqGCzETQ2hWPrcinA9oU4wtf2biUaEH5065UnMeR33oA==", + "dev": true, + "requires": { + "safe-buffer": "~5.1.1" + } + }, + "copy-descriptor": { + "version": "0.1.1", + "resolved": "https://registry.npmjs.org/copy-descriptor/-/copy-descriptor-0.1.1.tgz", + "integrity": "sha1-Z29us8OZl8LuGsOpJP1hJHSPV40=", + "dev": true + }, + "core-util-is": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz", + "integrity": "sha1-tf1UIgqivFq1eqtxQMlAdUUDwac=", + "dev": true + }, + "cross-spawn": { + "version": "6.0.5", + "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-6.0.5.tgz", + "integrity": "sha512-eTVLrBSt7fjbDygz805pMnstIs2VTBNkRm0qxZd+M7A5XDdxVRWO5MxGBXZhjY4cqLYLdtrGqRf8mBPmzwSpWQ==", + "dev": true, + "requires": { + "nice-try": "^1.0.4", + "path-key": "^2.0.1", + "semver": "^5.5.0", + "shebang-command": "^1.2.0", + "which": "^1.2.9" + }, + "dependencies": { + "semver": { + "version": "5.7.1", + "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.1.tgz", + "integrity": "sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ==", + "dev": true + }, + "which": { + "version": "1.3.1", + "resolved": "https://registry.npmjs.org/which/-/which-1.3.1.tgz", + "integrity": "sha512-HxJdYWq1MTIQbJ3nw0cqssHoTNU267KlrDuGZ1WYlxDStUtKUhOaJmh112/TZmHxxUfuJqPXSOm7tDyas0OSIQ==", + "dev": true, + "requires": { + "isexe": "^2.0.0" + } + } + } + }, + "cssom": { + "version": "0.4.4", + "resolved": "https://registry.npmjs.org/cssom/-/cssom-0.4.4.tgz", + "integrity": "sha512-p3pvU7r1MyyqbTk+WbNJIgJjG2VmTIaB10rI93LzVPrmDJKkzKYMtxxyAvQXR/NS6otuzveI7+7BBq3SjBS2mw==", + "dev": true + }, + "cssstyle": { + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/cssstyle/-/cssstyle-2.3.0.tgz", + "integrity": "sha512-AZL67abkUzIuvcHqk7c09cezpGNcxUxU4Ioi/05xHk4DQeTkWmGYftIE6ctU6AEt+Gn4n1lDStOtj7FKycP71A==", + "dev": true, + "requires": { + "cssom": "~0.3.6" + }, + "dependencies": { + "cssom": { + "version": "0.3.8", + "resolved": "https://registry.npmjs.org/cssom/-/cssom-0.3.8.tgz", + "integrity": "sha512-b0tGHbfegbhPJpxpiBPU2sCkigAqtM9O121le6bbOlgyV+NyGyCmVfJ6QW9eRjz8CpNfWEOYBIMIGRYkLwsIYg==", + "dev": true + } + } + }, + "dashdash": { + "version": "1.14.1", + "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz", + "integrity": "sha1-hTz6D3y+L+1d4gMmuN1YEDX24vA=", + "dev": true, + "requires": { + "assert-plus": "^1.0.0" + } + }, + "data-urls": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/data-urls/-/data-urls-1.1.0.tgz", + "integrity": "sha512-YTWYI9se1P55u58gL5GkQHW4P6VJBJ5iBT+B5a7i2Tjadhv52paJG0qHX4A0OR6/t52odI64KP2YvFpkDOi3eQ==", + "dev": true, + "requires": { + "abab": "^2.0.0", + "whatwg-mimetype": "^2.2.0", + "whatwg-url": "^7.0.0" + } + }, + "debug": { + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.1.1.tgz", + "integrity": "sha512-pYAIzeRo8J6KPEaJ0VWOh5Pzkbw/RetuzehGM7QRRX5he4fPHx2rdKMB256ehJCkX+XRQm16eZLqLNS8RSZXZw==", + "dev": true, + "requires": { + "ms": "^2.1.1" + } + }, + "decamelize": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/decamelize/-/decamelize-1.2.0.tgz", + "integrity": "sha1-9lNNFRSCabIDUue+4m9QH5oZEpA=", + "dev": true + }, + "decode-uri-component": { + "version": "0.2.0", + "resolved": "https://registry.npmjs.org/decode-uri-component/-/decode-uri-component-0.2.0.tgz", + "integrity": "sha1-6zkTMzRYd1y4TNGh+uBiEGu4dUU=", + "dev": true + }, + "deep-is": { + "version": "0.1.3", + "resolved": "https://registry.npmjs.org/deep-is/-/deep-is-0.1.3.tgz", + "integrity": "sha1-s2nW+128E+7PUk+RsHD+7cNXzzQ=", + "dev": true + }, + "deepmerge": { + "version": "4.2.2", + "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.2.2.tgz", + "integrity": "sha512-FJ3UgI4gIl+PHZm53knsuSFpE+nESMr7M4v9QcgB7S63Kj/6WqMiFQJpBBYz1Pt+66bZpP3Q7Lye0Oo9MPKEdg==", + "dev": true + }, + "define-property": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/define-property/-/define-property-2.0.2.tgz", + "integrity": "sha512-jwK2UV4cnPpbcG7+VRARKTZPUWowwXA8bzH5NP6ud0oeAxyYPuGZUAC7hMugpCdz4BeSZl2Dl9k66CHJ/46ZYQ==", + "dev": true, + "requires": { + "is-descriptor": "^1.0.2", + "isobject": "^3.0.1" + }, + "dependencies": { + "is-accessor-descriptor": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-accessor-descriptor/-/is-accessor-descriptor-1.0.0.tgz", + "integrity": "sha512-m5hnHTkcVsPfqx3AKlyttIPb7J+XykHvJP2B9bZDjlhLIoEq4XoK64Vg7boZlVWYK6LUY94dYPEE7Lh0ZkZKcQ==", + "dev": true, + "requires": { + "kind-of": "^6.0.0" + } + }, + "is-data-descriptor": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-data-descriptor/-/is-data-descriptor-1.0.0.tgz", + "integrity": "sha512-jbRXy1FmtAoCjQkVmIVYwuuqDFUbaOeDjmed1tOGPrsMhtJA4rD9tkgA0F1qJ3gRFRXcHYVkdeaP50Q5rE/jLQ==", + "dev": true, + "requires": { + "kind-of": "^6.0.0" + } + }, + "is-descriptor": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/is-descriptor/-/is-descriptor-1.0.2.tgz", + "integrity": "sha512-2eis5WqQGV7peooDyLmNEPUrps9+SXX5c9pL3xEB+4e9HnGuDa7mB7kHxHw4CbqS9k1T2hOH3miL8n8WtiYVtg==", + "dev": true, + "requires": { + "is-accessor-descriptor": "^1.0.0", + "is-data-descriptor": "^1.0.0", + "kind-of": "^6.0.2" + } + } + } + }, + "delayed-stream": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", + "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk=", + "dev": true + }, + "detect-newline": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/detect-newline/-/detect-newline-3.1.0.tgz", + "integrity": "sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==", + "dev": true + }, + "diff-sequences": { + "version": "25.2.6", + "resolved": "https://registry.npmjs.org/diff-sequences/-/diff-sequences-25.2.6.tgz", + "integrity": "sha512-Hq8o7+6GaZeoFjtpgvRBUknSXNeJiCx7V9Fr94ZMljNiCr9n9L8H8aJqgWOQiDDGdyn29fRNcDdRVJ5fdyihfg==", + "dev": true + }, + "domexception": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/domexception/-/domexception-1.0.1.tgz", + "integrity": "sha512-raigMkn7CJNNo6Ihro1fzG7wr3fHuYVytzquZKX5n0yizGsTcYgzdIUwj1X9pK0VvjeihV+XiclP+DjwbsSKug==", + "dev": true, + "requires": { + "webidl-conversions": "^4.0.2" + } + }, + "ecc-jsbn": { + "version": "0.1.2", + "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", + "integrity": "sha1-OoOpBOVDUyh4dMVkt1SThoSamMk=", + "dev": true, + "requires": { + "jsbn": "~0.1.0", + "safer-buffer": "^2.1.0" + } + }, + "emoji-regex": { + "version": "8.0.0", + "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", + "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", + "dev": true + }, + "end-of-stream": { + "version": "1.4.4", + "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.4.tgz", + "integrity": "sha512-+uw1inIHVPQoaVuHzRyXd21icM+cnt4CzD5rW+NC1wjOUSTOs+Te7FOv7AhN7vS9x/oIyhLP5PR1H+phQAHu5Q==", + "dev": true, + "requires": { + "once": "^1.4.0" + } + }, + "error-ex": { + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", + "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==", + "dev": true, + "requires": { + "is-arrayish": "^0.2.1" + } + }, + "escape-string-regexp": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", + "integrity": "sha1-G2HAViGQqN/2rjuyzwIAyhMLhtQ=", + "dev": true + }, + "escodegen": { + "version": "1.14.1", + "resolved": "https://registry.npmjs.org/escodegen/-/escodegen-1.14.1.tgz", + "integrity": "sha512-Bmt7NcRySdIfNPfU2ZoXDrrXsG9ZjvDxcAlMfDUgRBjLOWTuIACXPBFJH7Z+cLb40JeQco5toikyc9t9P8E9SQ==", + "dev": true, + "requires": { + "esprima": "^4.0.1", + "estraverse": "^4.2.0", + "esutils": "^2.0.2", + "optionator": "^0.8.1", + "source-map": "~0.6.1" + } + }, + "esprima": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", + "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", + "dev": true + }, + "estraverse": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/estraverse/-/estraverse-4.3.0.tgz", + "integrity": "sha512-39nnKffWz8xN1BU/2c79n9nB9HDzo0niYUqx6xyqUnyoAnQyyWpOTdZEeiCch8BBu515t4wp9ZmgVfVhn9EBpw==", + "dev": true + }, + "esutils": { + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/esutils/-/esutils-2.0.3.tgz", + "integrity": "sha512-kVscqXk4OCp68SZ0dkgEKVi6/8ij300KBWTJq32P/dYeWTSwK41WyTxalN1eRmA5Z9UU/LX9D7FWSmV9SAYx6g==", + "dev": true + }, + "exec-sh": { + "version": "0.3.4", + "resolved": "https://registry.npmjs.org/exec-sh/-/exec-sh-0.3.4.tgz", + "integrity": "sha512-sEFIkc61v75sWeOe72qyrqg2Qg0OuLESziUDk/O/z2qgS15y2gWVFrI6f2Qn/qw/0/NCfCEsmNA4zOjkwEZT1A==", + "dev": true + }, + "execa": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/execa/-/execa-1.0.0.tgz", + "integrity": "sha512-adbxcyWV46qiHyvSp50TKt05tB4tK3HcmF7/nxfAdhnox83seTDbwnaqKO4sXRy7roHAIFqJP/Rw/AuEbX61LA==", + "dev": true, + "requires": { + "cross-spawn": "^6.0.0", + "get-stream": "^4.0.0", + "is-stream": "^1.1.0", + "npm-run-path": "^2.0.0", + "p-finally": "^1.0.0", + "signal-exit": "^3.0.0", + "strip-eof": "^1.0.0" + } + }, + "exit": { + "version": "0.1.2", + "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz", + "integrity": "sha1-BjJjj42HfMghB9MKD/8aF8uhzQw=", + "dev": true + }, + "expand-brackets": { + "version": "2.1.4", + "resolved": "https://registry.npmjs.org/expand-brackets/-/expand-brackets-2.1.4.tgz", + "integrity": "sha1-t3c14xXOMPa27/D4OwQVGiJEliI=", + "dev": true, + "requires": { + "debug": "^2.3.3", + "define-property": "^0.2.5", + "extend-shallow": "^2.0.1", + "posix-character-classes": "^0.1.0", + "regex-not": "^1.0.0", + "snapdragon": "^0.8.1", + "to-regex": "^3.0.1" + }, + "dependencies": { + "debug": { + "version": "2.6.9", + "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", + "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==", + "dev": true, + "requires": { + "ms": "2.0.0" + } + }, + "define-property": { + "version": "0.2.5", + "resolved": "https://registry.npmjs.org/define-property/-/define-property-0.2.5.tgz", + "integrity": "sha1-w1se+RjsPJkPmlvFe+BKrOxcgRY=", + "dev": true, + "requires": { + "is-descriptor": "^0.1.0" + } + }, + "extend-shallow": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-2.0.1.tgz", + "integrity": "sha1-Ua99YUrZqfYQ6huvu5idaxxWiQ8=", + "dev": true, + "requires": { + "is-extendable": "^0.1.0" + } + }, + "ms": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", + "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g=", + "dev": true + } + } + }, + "expect": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/expect/-/expect-25.5.0.tgz", + "integrity": "sha512-w7KAXo0+6qqZZhovCaBVPSIqQp7/UTcx4M9uKt2m6pd2VB1voyC8JizLRqeEqud3AAVP02g+hbErDu5gu64tlA==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0", + "ansi-styles": "^4.0.0", + "jest-get-type": "^25.2.6", + "jest-matcher-utils": "^25.5.0", + "jest-message-util": "^25.5.0", + "jest-regex-util": "^25.2.6" + } + }, + "extend": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", + "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==", + "dev": true + }, + "extend-shallow": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-3.0.2.tgz", + "integrity": "sha1-Jqcarwc7OfshJxcnRhMcJwQCjbg=", + "dev": true, + "requires": { + "assign-symbols": "^1.0.0", + "is-extendable": "^1.0.1" + }, + "dependencies": { + "is-extendable": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/is-extendable/-/is-extendable-1.0.1.tgz", + "integrity": "sha512-arnXMxT1hhoKo9k1LZdmlNyJdDDfy2v0fXjFlmok4+i8ul/6WlbVge9bhM74OpNPQPMGUToDtz+KXa1PneJxOA==", + "dev": true, + "requires": { + "is-plain-object": "^2.0.4" + } + } + } + }, + "extglob": { + "version": "2.0.4", + "resolved": "https://registry.npmjs.org/extglob/-/extglob-2.0.4.tgz", + "integrity": "sha512-Nmb6QXkELsuBr24CJSkilo6UHHgbekK5UiZgfE6UHD3Eb27YC6oD+bhcT+tJ6cl8dmsgdQxnWlcry8ksBIBLpw==", + "dev": true, + "requires": { + "array-unique": "^0.3.2", + "define-property": "^1.0.0", + "expand-brackets": "^2.1.4", + "extend-shallow": "^2.0.1", + "fragment-cache": "^0.2.1", + "regex-not": "^1.0.0", + "snapdragon": "^0.8.1", + "to-regex": "^3.0.1" + }, + "dependencies": { + "define-property": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/define-property/-/define-property-1.0.0.tgz", + "integrity": "sha1-dp66rz9KY6rTr56NMEybvnm/sOY=", + "dev": true, + "requires": { + "is-descriptor": "^1.0.0" + } + }, + "extend-shallow": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-2.0.1.tgz", + "integrity": "sha1-Ua99YUrZqfYQ6huvu5idaxxWiQ8=", + "dev": true, + "requires": { + "is-extendable": "^0.1.0" + } + }, + "is-accessor-descriptor": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-accessor-descriptor/-/is-accessor-descriptor-1.0.0.tgz", + "integrity": "sha512-m5hnHTkcVsPfqx3AKlyttIPb7J+XykHvJP2B9bZDjlhLIoEq4XoK64Vg7boZlVWYK6LUY94dYPEE7Lh0ZkZKcQ==", + "dev": true, + "requires": { + "kind-of": "^6.0.0" + } + }, + "is-data-descriptor": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-data-descriptor/-/is-data-descriptor-1.0.0.tgz", + "integrity": "sha512-jbRXy1FmtAoCjQkVmIVYwuuqDFUbaOeDjmed1tOGPrsMhtJA4rD9tkgA0F1qJ3gRFRXcHYVkdeaP50Q5rE/jLQ==", + "dev": true, + "requires": { + "kind-of": "^6.0.0" + } + }, + "is-descriptor": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/is-descriptor/-/is-descriptor-1.0.2.tgz", + "integrity": "sha512-2eis5WqQGV7peooDyLmNEPUrps9+SXX5c9pL3xEB+4e9HnGuDa7mB7kHxHw4CbqS9k1T2hOH3miL8n8WtiYVtg==", + "dev": true, + "requires": { + "is-accessor-descriptor": "^1.0.0", + "is-data-descriptor": "^1.0.0", + "kind-of": "^6.0.2" + } + } + } + }, + "extsprintf": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", + "integrity": "sha1-lpGEQOMEGnpBT4xS48V06zw+HgU=", + "dev": true + }, + "fast-deep-equal": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.1.tgz", + "integrity": "sha512-8UEa58QDLauDNfpbrX55Q9jrGHThw2ZMdOky5Gl1CDtVeJDPVrG4Jxx1N8jw2gkWaff5UUuX1KJd+9zGe2B+ZA==", + "dev": true + }, + "fast-json-stable-stringify": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", + "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==", + "dev": true + }, + "fast-levenshtein": { + "version": "2.0.6", + "resolved": "https://registry.npmjs.org/fast-levenshtein/-/fast-levenshtein-2.0.6.tgz", + "integrity": "sha1-PYpcZog6FqMMqGQ+hR8Zuqd5eRc=", + "dev": true + }, + "fb-watchman": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/fb-watchman/-/fb-watchman-2.0.1.tgz", + "integrity": "sha512-DkPJKQeY6kKwmuMretBhr7G6Vodr7bFwDYTXIkfG1gjvNpaxBTQV3PbXg6bR1c1UP4jPOX0jHUbbHANL9vRjVg==", + "dev": true, + "requires": { + "bser": "2.1.1" + } + }, + "fill-range": { + "version": "7.0.1", + "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz", + "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==", + "dev": true, + "requires": { + "to-regex-range": "^5.0.1" + } + }, + "find-up": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", + "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==", + "dev": true, + "requires": { + "locate-path": "^5.0.0", + "path-exists": "^4.0.0" + } + }, + "for-in": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/for-in/-/for-in-1.0.2.tgz", + "integrity": "sha1-gQaNKVqBQuwKxybG4iAMMPttXoA=", + "dev": true + }, + "forever-agent": { + "version": "0.6.1", + "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz", + "integrity": "sha1-+8cfDEGt6zf5bFd60e1C2P2sypE=", + "dev": true + }, + "form-data": { + "version": "2.3.3", + "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", + "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", + "dev": true, + "requires": { + "asynckit": "^0.4.0", + "combined-stream": "^1.0.6", + "mime-types": "^2.1.12" + } + }, + "fragment-cache": { + "version": "0.2.1", + "resolved": "https://registry.npmjs.org/fragment-cache/-/fragment-cache-0.2.1.tgz", + "integrity": "sha1-QpD60n8T6Jvn8zeZxrxaCr//DRk=", + "dev": true, + "requires": { + "map-cache": "^0.2.2" + } + }, + "fs.realpath": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", + "integrity": "sha1-FQStJSMVjKpA20onh8sBQRmU6k8=", + "dev": true + }, + "fsevents": { + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.1.3.tgz", + "integrity": "sha512-Auw9a4AxqWpa9GUfj370BMPzzyncfBABW8Mab7BGWBYDj4Isgq+cDKtx0i6u9jcX9pQDnswsaaOTgTmA5pEjuQ==", + "dev": true, + "optional": true + }, + "gensync": { + "version": "1.0.0-beta.1", + "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.1.tgz", + "integrity": "sha512-r8EC6NO1sngH/zdD9fiRDLdcgnbayXah+mLgManTaIZJqEC1MZstmnox8KpnI2/fxQwrp5OpCOYWLp4rBl4Jcg==", + "dev": true + }, + "get-caller-file": { + "version": "2.0.5", + "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", + "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", + "dev": true + }, + "get-package-type": { + "version": "0.1.0", + "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", + "integrity": "sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==", + "dev": true + }, + "get-stream": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-4.1.0.tgz", + "integrity": "sha512-GMat4EJ5161kIy2HevLlr4luNjBgvmj413KaQA7jt4V8B4RDsfpHk7WQ9GVqfYyyx8OS/L66Kox+rJRNklLK7w==", + "dev": true, + "requires": { + "pump": "^3.0.0" + } + }, + "get-value": { + "version": "2.0.6", + "resolved": "https://registry.npmjs.org/get-value/-/get-value-2.0.6.tgz", + "integrity": "sha1-3BXKHGcjh8p2vTesCjlbogQqLCg=", + "dev": true + }, + "getpass": { + "version": "0.1.7", + "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz", + "integrity": "sha1-Xv+OPmhNVprkyysSgmBOi6YhSfo=", + "dev": true, + "requires": { + "assert-plus": "^1.0.0" + } + }, + "glob": { + "version": "7.1.6", + "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.6.tgz", + "integrity": "sha512-LwaxwyZ72Lk7vZINtNNrywX0ZuLyStrdDtabefZKAY5ZGJhVtgdznluResxNmPitE0SAO+O26sWTHeKSI2wMBA==", + "dev": true, + "requires": { + "fs.realpath": "^1.0.0", + "inflight": "^1.0.4", + "inherits": "2", + "minimatch": "^3.0.4", + "once": "^1.3.0", + "path-is-absolute": "^1.0.0" + } + }, + "globals": { + "version": "11.12.0", + "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", + "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", + "dev": true + }, + "graceful-fs": { + "version": "4.2.4", + "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.4.tgz", + "integrity": "sha512-WjKPNJF79dtJAVniUlGGWHYGz2jWxT6VhN/4m1NdkbZ2nOsEF+cI1Edgql5zCRhs/VsQYRvrXctxktVXZUkixw==", + "dev": true + }, + "growly": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/growly/-/growly-1.3.0.tgz", + "integrity": "sha1-8QdIy+dq+WS3yWyTxrzCivEgwIE=", + "dev": true, + "optional": true + }, + "har-schema": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", + "integrity": "sha1-qUwiJOvKwEeCoNkDVSHyRzW37JI=", + "dev": true + }, + "har-validator": { + "version": "5.1.3", + "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.3.tgz", + "integrity": "sha512-sNvOCzEQNr/qrvJgc3UG/kD4QtlHycrzwS+6mfTrrSq97BvaYcPZZI1ZSqGSPR73Cxn4LKTD4PttRwfU7jWq5g==", + "dev": true, + "requires": { + "ajv": "^6.5.5", + "har-schema": "^2.0.0" + } + }, + "has-flag": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", + "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", + "dev": true + }, + "has-value": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/has-value/-/has-value-1.0.0.tgz", + "integrity": "sha1-GLKB2lhbHFxR3vJMkw7SmgvmsXc=", + "dev": true, + "requires": { + "get-value": "^2.0.6", + "has-values": "^1.0.0", + "isobject": "^3.0.0" + } + }, + "has-values": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/has-values/-/has-values-1.0.0.tgz", + "integrity": "sha1-lbC2P+whRmGab+V/51Yo1aOe/k8=", + "dev": true, + "requires": { + "is-number": "^3.0.0", + "kind-of": "^4.0.0" + }, + "dependencies": { + "is-number": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/is-number/-/is-number-3.0.0.tgz", + "integrity": "sha1-JP1iAaR4LPUFYcgQJ2r8fRLXEZU=", + "dev": true, + "requires": { + "kind-of": "^3.0.2" + }, + "dependencies": { + "kind-of": { + "version": "3.2.2", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz", + "integrity": "sha1-MeohpzS6ubuw8yRm2JOupR5KPGQ=", + "dev": true, + "requires": { + "is-buffer": "^1.1.5" + } + } + } + }, + "kind-of": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-4.0.0.tgz", + "integrity": "sha1-IIE989cSkosgc3hpGkUGb65y3Vc=", + "dev": true, + "requires": { + "is-buffer": "^1.1.5" + } + } + } + }, + "hosted-git-info": { + "version": "2.8.8", + "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.8.8.tgz", + "integrity": "sha512-f/wzC2QaWBs7t9IYqB4T3sR1xviIViXJRJTWBlx2Gf3g0Xi5vI7Yy4koXQ1c9OYDGHN9sBy1DQ2AB8fqZBWhUg==", + "dev": true + }, + "html-encoding-sniffer": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/html-encoding-sniffer/-/html-encoding-sniffer-1.0.2.tgz", + "integrity": "sha512-71lZziiDnsuabfdYiUeWdCVyKuqwWi23L8YeIgV9jSSZHCtb6wB1BKWooH7L3tn4/FuZJMVWyNaIDr4RGmaSYw==", + "dev": true, + "requires": { + "whatwg-encoding": "^1.0.1" + } + }, + "html-escaper": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", + "integrity": "sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==", + "dev": true + }, + "http-signature": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", + "integrity": "sha1-muzZJRFHcvPZW2WmCruPfBj7rOE=", + "dev": true, + "requires": { + "assert-plus": "^1.0.0", + "jsprim": "^1.2.2", + "sshpk": "^1.7.0" + } + }, + "human-signals": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-1.1.1.tgz", + "integrity": "sha512-SEQu7vl8KjNL2eoGBLF3+wAjpsNfA9XMlXAYj/3EdaNfAlxKthD1xjEQfGOUhllCGGJVNY34bRr6lPINhNjyZw==", + "dev": true + }, + "iconv-lite": { + "version": "0.4.24", + "resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.4.24.tgz", + "integrity": "sha512-v3MXnZAcvnywkTUEZomIActle7RXXeedOR31wwl7VlyoXO4Qi9arvSenNQWne1TcRwhCL1HwLI21bEqdpj8/rA==", + "dev": true, + "requires": { + "safer-buffer": ">= 2.1.2 < 3" + } + }, + "import-local": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.0.2.tgz", + "integrity": "sha512-vjL3+w0oulAVZ0hBHnxa/Nm5TAurf9YLQJDhqRZyqb+VKGOB6LU8t9H1Nr5CIo16vh9XfJTOoHwU0B71S557gA==", + "dev": true, + "requires": { + "pkg-dir": "^4.2.0", + "resolve-cwd": "^3.0.0" + } + }, + "imurmurhash": { + "version": "0.1.4", + "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz", + "integrity": "sha1-khi5srkoojixPcT7a21XbyMUU+o=", + "dev": true + }, + "inflight": { + "version": "1.0.6", + "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", + "integrity": "sha1-Sb1jMdfQLQwJvJEKEHW6gWW1bfk=", + "dev": true, + "requires": { + "once": "^1.3.0", + "wrappy": "1" + } + }, + "inherits": { + "version": "2.0.4", + "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", + "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==", + "dev": true + }, + "ip-regex": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/ip-regex/-/ip-regex-2.1.0.tgz", + "integrity": "sha1-+ni/XS5pE8kRzp+BnuUUa7bYROk=", + "dev": true + }, + "is-accessor-descriptor": { + "version": "0.1.6", + "resolved": "https://registry.npmjs.org/is-accessor-descriptor/-/is-accessor-descriptor-0.1.6.tgz", + "integrity": "sha1-qeEss66Nh2cn7u84Q/igiXtcmNY=", + "dev": true, + "requires": { + "kind-of": "^3.0.2" + }, + "dependencies": { + "kind-of": { + "version": "3.2.2", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz", + "integrity": "sha1-MeohpzS6ubuw8yRm2JOupR5KPGQ=", + "dev": true, + "requires": { + "is-buffer": "^1.1.5" + } + } + } + }, + "is-arrayish": { + "version": "0.2.1", + "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz", + "integrity": "sha1-d8mYQFJ6qOyxqLppe4BkWnqSap0=", + "dev": true + }, + "is-buffer": { + "version": "1.1.6", + "resolved": "https://registry.npmjs.org/is-buffer/-/is-buffer-1.1.6.tgz", + "integrity": "sha512-NcdALwpXkTm5Zvvbk7owOUSvVvBKDgKP5/ewfXEznmQFfs4ZRmanOeKBTjRVjka3QFoN6XJ+9F3USqfHqTaU5w==", + "dev": true + }, + "is-ci": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/is-ci/-/is-ci-2.0.0.tgz", + "integrity": "sha512-YfJT7rkpQB0updsdHLGWrvhBJfcfzNNawYDNIyQXJz0IViGf75O8EBPKSdvw2rF+LGCsX4FZ8tcr3b19LcZq4w==", + "dev": true, + "requires": { + "ci-info": "^2.0.0" + } + }, + "is-data-descriptor": { + "version": "0.1.4", + "resolved": "https://registry.npmjs.org/is-data-descriptor/-/is-data-descriptor-0.1.4.tgz", + "integrity": "sha1-C17mSDiOLIYCgueT8YVv7D8wG1Y=", + "dev": true, + "requires": { + "kind-of": "^3.0.2" + }, + "dependencies": { + "kind-of": { + "version": "3.2.2", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz", + "integrity": "sha1-MeohpzS6ubuw8yRm2JOupR5KPGQ=", + "dev": true, + "requires": { + "is-buffer": "^1.1.5" + } + } + } + }, + "is-descriptor": { + "version": "0.1.6", + "resolved": "https://registry.npmjs.org/is-descriptor/-/is-descriptor-0.1.6.tgz", + "integrity": "sha512-avDYr0SB3DwO9zsMov0gKCESFYqCnE4hq/4z3TdUlukEy5t9C0YRq7HLrsN52NAcqXKaepeCD0n+B0arnVG3Hg==", + "dev": true, + "requires": { + "is-accessor-descriptor": "^0.1.6", + "is-data-descriptor": "^0.1.4", + "kind-of": "^5.0.0" + }, + "dependencies": { + "kind-of": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-5.1.0.tgz", + "integrity": "sha512-NGEErnH6F2vUuXDh+OlbcKW7/wOcfdRHaZ7VWtqCztfHri/++YKmP51OdWeGPuqCOba6kk2OTe5d02VmTB80Pw==", + "dev": true + } + } + }, + "is-docker": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/is-docker/-/is-docker-2.0.0.tgz", + "integrity": "sha512-pJEdRugimx4fBMra5z2/5iRdZ63OhYV0vr0Dwm5+xtW4D1FvRkB8hamMIhnWfyJeDdyr/aa7BDyNbtG38VxgoQ==", + "dev": true, + "optional": true + }, + "is-extendable": { + "version": "0.1.1", + "resolved": "https://registry.npmjs.org/is-extendable/-/is-extendable-0.1.1.tgz", + "integrity": "sha1-YrEQ4omkcUGOPsNqYX1HLjAd/Ik=", + "dev": true + }, + "is-fullwidth-code-point": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz", + "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==", + "dev": true + }, + "is-generator-fn": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/is-generator-fn/-/is-generator-fn-2.1.0.tgz", + "integrity": "sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ==", + "dev": true + }, + "is-number": { + "version": "7.0.0", + "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", + "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==", + "dev": true + }, + "is-plain-object": { + "version": "2.0.4", + "resolved": "https://registry.npmjs.org/is-plain-object/-/is-plain-object-2.0.4.tgz", + "integrity": "sha512-h5PpgXkWitc38BBMYawTYMWJHFZJVnBquFE57xFpjB8pJFiF6gZ+bU+WyI/yqXiFR5mdLsgYNaPe8uao6Uv9Og==", + "dev": true, + "requires": { + "isobject": "^3.0.1" + } + }, + "is-stream": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-1.1.0.tgz", + "integrity": "sha1-EtSj3U5o4Lec6428hBc66A2RykQ=", + "dev": true + }, + "is-typedarray": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", + "integrity": "sha1-5HnICFjfDBsR3dppQPlgEfzaSpo=", + "dev": true + }, + "is-windows": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/is-windows/-/is-windows-1.0.2.tgz", + "integrity": "sha512-eXK1UInq2bPmjyX6e3VHIzMLobc4J94i4AWn+Hpq3OU5KkrRC96OAcR3PRJ/pGu6m8TRnBHP9dkXQVsT/COVIA==", + "dev": true + }, + "is-wsl": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/is-wsl/-/is-wsl-2.2.0.tgz", + "integrity": "sha512-fKzAra0rGJUUBwGBgNkHZuToZcn+TtXHpeCgmkMJMMYx1sQDYaCSyjJBSCa2nH1DGm7s3n1oBnohoVTBaN7Lww==", + "dev": true, + "optional": true, + "requires": { + "is-docker": "^2.0.0" + } + }, + "isarray": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz", + "integrity": "sha1-u5NdSFgsuhaMBoNJV6VKPgcSTxE=", + "dev": true + }, + "isexe": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", + "integrity": "sha1-6PvzdNxVb/iUehDcsFctYz8s+hA=", + "dev": true + }, + "isobject": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/isobject/-/isobject-3.0.1.tgz", + "integrity": "sha1-TkMekrEalzFjaqH5yNHMvP2reN8=", + "dev": true + }, + "isstream": { + "version": "0.1.2", + "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", + "integrity": "sha1-R+Y/evVa+m+S4VAOaQ64uFKcCZo=", + "dev": true + }, + "istanbul-lib-coverage": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.0.0.tgz", + "integrity": "sha512-UiUIqxMgRDET6eR+o5HbfRYP1l0hqkWOs7vNxC/mggutCMUIhWMm8gAHb8tHlyfD3/l6rlgNA5cKdDzEAf6hEg==", + "dev": true + }, + "istanbul-lib-instrument": { + "version": "4.0.3", + "resolved": "https://registry.npmjs.org/istanbul-lib-instrument/-/istanbul-lib-instrument-4.0.3.tgz", + "integrity": "sha512-BXgQl9kf4WTCPCCpmFGoJkz/+uhvm7h7PFKUYxh7qarQd3ER33vHG//qaE8eN25l07YqZPpHXU9I09l/RD5aGQ==", + "dev": true, + "requires": { + "@babel/core": "^7.7.5", + "@istanbuljs/schema": "^0.1.2", + "istanbul-lib-coverage": "^3.0.0", + "semver": "^6.3.0" + } + }, + "istanbul-lib-report": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/istanbul-lib-report/-/istanbul-lib-report-3.0.0.tgz", + "integrity": "sha512-wcdi+uAKzfiGT2abPpKZ0hSU1rGQjUQnLvtY5MpQ7QCTahD3VODhcu4wcfY1YtkGaDD5yuydOLINXsfbus9ROw==", + "dev": true, + "requires": { + "istanbul-lib-coverage": "^3.0.0", + "make-dir": "^3.0.0", + "supports-color": "^7.1.0" + } + }, + "istanbul-lib-source-maps": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/istanbul-lib-source-maps/-/istanbul-lib-source-maps-4.0.0.tgz", + "integrity": "sha512-c16LpFRkR8vQXyHZ5nLpY35JZtzj1PQY1iZmesUbf1FZHbIupcWfjgOXBY9YHkLEQ6puz1u4Dgj6qmU/DisrZg==", + "dev": true, + "requires": { + "debug": "^4.1.1", + "istanbul-lib-coverage": "^3.0.0", + "source-map": "^0.6.1" + } + }, + "istanbul-reports": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/istanbul-reports/-/istanbul-reports-3.0.2.tgz", + "integrity": "sha512-9tZvz7AiR3PEDNGiV9vIouQ/EAcqMXFmkcA1CDFTwOB98OZVDL0PH9glHotf5Ugp6GCOTypfzGWI/OqjWNCRUw==", + "dev": true, + "requires": { + "html-escaper": "^2.0.0", + "istanbul-lib-report": "^3.0.0" + } + }, + "jest": { + "version": "25.5.4", + "resolved": "https://registry.npmjs.org/jest/-/jest-25.5.4.tgz", + "integrity": "sha512-hHFJROBTqZahnO+X+PMtT6G2/ztqAZJveGqz//FnWWHurizkD05PQGzRZOhF3XP6z7SJmL+5tCfW8qV06JypwQ==", + "dev": true, + "requires": { + "@jest/core": "^25.5.4", + "import-local": "^3.0.2", + "jest-cli": "^25.5.4" + }, + "dependencies": { + "jest-cli": { + "version": "25.5.4", + "resolved": "https://registry.npmjs.org/jest-cli/-/jest-cli-25.5.4.tgz", + "integrity": "sha512-rG8uJkIiOUpnREh1768/N3n27Cm+xPFkSNFO91tgg+8o2rXeVLStz+vkXkGr4UtzH6t1SNbjwoiswd7p4AhHTw==", + "dev": true, + "requires": { + "@jest/core": "^25.5.4", + "@jest/test-result": "^25.5.0", + "@jest/types": "^25.5.0", + "chalk": "^3.0.0", + "exit": "^0.1.2", + "graceful-fs": "^4.2.4", + "import-local": "^3.0.2", + "is-ci": "^2.0.0", + "jest-config": "^25.5.4", + "jest-util": "^25.5.0", + "jest-validate": "^25.5.0", + "prompts": "^2.0.1", + "realpath-native": "^2.0.0", + "yargs": "^15.3.1" + } + } + } + }, + "jest-changed-files": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-changed-files/-/jest-changed-files-25.5.0.tgz", + "integrity": "sha512-EOw9QEqapsDT7mKF162m8HFzRPbmP8qJQny6ldVOdOVBz3ACgPm/1nAn5fPQ/NDaYhX/AHkrGwwkCncpAVSXcw==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0", + "execa": "^3.2.0", + "throat": "^5.0.0" + }, + "dependencies": { + "cross-spawn": { + "version": "7.0.3", + "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", + "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", + "dev": true, + "requires": { + "path-key": "^3.1.0", + "shebang-command": "^2.0.0", + "which": "^2.0.1" + } + }, + "execa": { + "version": "3.4.0", + "resolved": "https://registry.npmjs.org/execa/-/execa-3.4.0.tgz", + "integrity": "sha512-r9vdGQk4bmCuK1yKQu1KTwcT2zwfWdbdaXfCtAh+5nU/4fSX+JAb7vZGvI5naJrQlvONrEB20jeruESI69530g==", + "dev": true, + "requires": { + "cross-spawn": "^7.0.0", + "get-stream": "^5.0.0", + "human-signals": "^1.1.1", + "is-stream": "^2.0.0", + "merge-stream": "^2.0.0", + "npm-run-path": "^4.0.0", + "onetime": "^5.1.0", + "p-finally": "^2.0.0", + "signal-exit": "^3.0.2", + "strip-final-newline": "^2.0.0" + } + }, + "get-stream": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-5.1.0.tgz", + "integrity": "sha512-EXr1FOzrzTfGeL0gQdeFEvOMm2mzMOglyiOXSTpPC+iAjAKftbr3jpCMWynogwYnM+eSj9sHGc6wjIcDvYiygw==", + "dev": true, + "requires": { + "pump": "^3.0.0" + } + }, + "is-stream": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.0.tgz", + "integrity": "sha512-XCoy+WlUr7d1+Z8GgSuXmpuUFC9fOhRXglJMx+dwLKTkL44Cjd4W1Z5P+BQZpr+cR93aGP4S/s7Ftw6Nd/kiEw==", + "dev": true + }, + "npm-run-path": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz", + "integrity": "sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==", + "dev": true, + "requires": { + "path-key": "^3.0.0" + } + }, + "p-finally": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/p-finally/-/p-finally-2.0.1.tgz", + "integrity": "sha512-vpm09aKwq6H9phqRQzecoDpD8TmVyGw70qmWlyq5onxY7tqyTTFVvxMykxQSQKILBSFlbXpypIw2T1Ml7+DDtw==", + "dev": true + }, + "path-key": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", + "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==", + "dev": true + }, + "shebang-command": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", + "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==", + "dev": true, + "requires": { + "shebang-regex": "^3.0.0" + } + }, + "shebang-regex": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz", + "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", + "dev": true + } + } + }, + "jest-config": { + "version": "25.5.4", + "resolved": "https://registry.npmjs.org/jest-config/-/jest-config-25.5.4.tgz", + "integrity": "sha512-SZwR91SwcdK6bz7Gco8qL7YY2sx8tFJYzvg216DLihTWf+LKY/DoJXpM9nTzYakSyfblbqeU48p/p7Jzy05Atg==", + "dev": true, + "requires": { + "@babel/core": "^7.1.0", + "@jest/test-sequencer": "^25.5.4", + "@jest/types": "^25.5.0", + "babel-jest": "^25.5.1", + "chalk": "^3.0.0", + "deepmerge": "^4.2.2", + "glob": "^7.1.1", + "graceful-fs": "^4.2.4", + "jest-environment-jsdom": "^25.5.0", + "jest-environment-node": "^25.5.0", + "jest-get-type": "^25.2.6", + "jest-jasmine2": "^25.5.4", + "jest-regex-util": "^25.2.6", + "jest-resolve": "^25.5.1", + "jest-util": "^25.5.0", + "jest-validate": "^25.5.0", + "micromatch": "^4.0.2", + "pretty-format": "^25.5.0", + "realpath-native": "^2.0.0" + } + }, + "jest-diff": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-25.5.0.tgz", + "integrity": "sha512-z1kygetuPiREYdNIumRpAHY6RXiGmp70YHptjdaxTWGmA085W3iCnXNx0DhflK3vwrKmrRWyY1wUpkPMVxMK7A==", + "dev": true, + "requires": { + "chalk": "^3.0.0", + "diff-sequences": "^25.2.6", + "jest-get-type": "^25.2.6", + "pretty-format": "^25.5.0" + } + }, + "jest-docblock": { + "version": "25.3.0", + "resolved": "https://registry.npmjs.org/jest-docblock/-/jest-docblock-25.3.0.tgz", + "integrity": "sha512-aktF0kCar8+zxRHxQZwxMy70stc9R1mOmrLsT5VO3pIT0uzGRSDAXxSlz4NqQWpuLjPpuMhPRl7H+5FRsvIQAg==", + "dev": true, + "requires": { + "detect-newline": "^3.0.0" + } + }, + "jest-each": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-each/-/jest-each-25.5.0.tgz", + "integrity": "sha512-QBogUxna3D8vtiItvn54xXde7+vuzqRrEeaw8r1s+1TG9eZLVJE5ZkKoSUlqFwRjnlaA4hyKGiu9OlkFIuKnjA==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0", + "chalk": "^3.0.0", + "jest-get-type": "^25.2.6", + "jest-util": "^25.5.0", + "pretty-format": "^25.5.0" + } + }, + "jest-environment-jsdom": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-environment-jsdom/-/jest-environment-jsdom-25.5.0.tgz", + "integrity": "sha512-7Jr02ydaq4jaWMZLY+Skn8wL5nVIYpWvmeatOHL3tOcV3Zw8sjnPpx+ZdeBfc457p8jCR9J6YCc+Lga0oIy62A==", + "dev": true, + "requires": { + "@jest/environment": "^25.5.0", + "@jest/fake-timers": "^25.5.0", + "@jest/types": "^25.5.0", + "jest-mock": "^25.5.0", + "jest-util": "^25.5.0", + "jsdom": "^15.2.1" + } + }, + "jest-environment-node": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-environment-node/-/jest-environment-node-25.5.0.tgz", + "integrity": "sha512-iuxK6rQR2En9EID+2k+IBs5fCFd919gVVK5BeND82fYeLWPqvRcFNPKu9+gxTwfB5XwBGBvZ0HFQa+cHtIoslA==", + "dev": true, + "requires": { + "@jest/environment": "^25.5.0", + "@jest/fake-timers": "^25.5.0", + "@jest/types": "^25.5.0", + "jest-mock": "^25.5.0", + "jest-util": "^25.5.0", + "semver": "^6.3.0" + } + }, + "jest-get-type": { + "version": "25.2.6", + "resolved": "https://registry.npmjs.org/jest-get-type/-/jest-get-type-25.2.6.tgz", + "integrity": "sha512-DxjtyzOHjObRM+sM1knti6or+eOgcGU4xVSb2HNP1TqO4ahsT+rqZg+nyqHWJSvWgKC5cG3QjGFBqxLghiF/Ig==", + "dev": true + }, + "jest-haste-map": { + "version": "25.5.1", + "resolved": "https://registry.npmjs.org/jest-haste-map/-/jest-haste-map-25.5.1.tgz", + "integrity": "sha512-dddgh9UZjV7SCDQUrQ+5t9yy8iEgKc1AKqZR9YDww8xsVOtzPQSMVLDChc21+g29oTRexb9/B0bIlZL+sWmvAQ==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0", + "@types/graceful-fs": "^4.1.2", + "anymatch": "^3.0.3", + "fb-watchman": "^2.0.0", + "fsevents": "^2.1.2", + "graceful-fs": "^4.2.4", + "jest-serializer": "^25.5.0", + "jest-util": "^25.5.0", + "jest-worker": "^25.5.0", + "micromatch": "^4.0.2", + "sane": "^4.0.3", + "walker": "^1.0.7", + "which": "^2.0.2" + } + }, + "jest-jasmine2": { + "version": "25.5.4", + "resolved": "https://registry.npmjs.org/jest-jasmine2/-/jest-jasmine2-25.5.4.tgz", + "integrity": "sha512-9acbWEfbmS8UpdcfqnDO+uBUgKa/9hcRh983IHdM+pKmJPL77G0sWAAK0V0kr5LK3a8cSBfkFSoncXwQlRZfkQ==", + "dev": true, + "requires": { + "@babel/traverse": "^7.1.0", + "@jest/environment": "^25.5.0", + "@jest/source-map": "^25.5.0", + "@jest/test-result": "^25.5.0", + "@jest/types": "^25.5.0", + "chalk": "^3.0.0", + "co": "^4.6.0", + "expect": "^25.5.0", + "is-generator-fn": "^2.0.0", + "jest-each": "^25.5.0", + "jest-matcher-utils": "^25.5.0", + "jest-message-util": "^25.5.0", + "jest-runtime": "^25.5.4", + "jest-snapshot": "^25.5.1", + "jest-util": "^25.5.0", + "pretty-format": "^25.5.0", + "throat": "^5.0.0" + } + }, + "jest-leak-detector": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-leak-detector/-/jest-leak-detector-25.5.0.tgz", + "integrity": "sha512-rV7JdLsanS8OkdDpZtgBf61L5xZ4NnYLBq72r6ldxahJWWczZjXawRsoHyXzibM5ed7C2QRjpp6ypgwGdKyoVA==", + "dev": true, + "requires": { + "jest-get-type": "^25.2.6", + "pretty-format": "^25.5.0" + } + }, + "jest-matcher-utils": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-25.5.0.tgz", + "integrity": "sha512-VWI269+9JS5cpndnpCwm7dy7JtGQT30UHfrnM3mXl22gHGt/b7NkjBqXfbhZ8V4B7ANUsjK18PlSBmG0YH7gjw==", + "dev": true, + "requires": { + "chalk": "^3.0.0", + "jest-diff": "^25.5.0", + "jest-get-type": "^25.2.6", + "pretty-format": "^25.5.0" + } + }, + "jest-message-util": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-25.5.0.tgz", + "integrity": "sha512-ezddz3YCT/LT0SKAmylVyWWIGYoKHOFOFXx3/nA4m794lfVUskMcwhip6vTgdVrOtYdjeQeis2ypzes9mZb4EA==", + "dev": true, + "requires": { + "@babel/code-frame": "^7.0.0", + "@jest/types": "^25.5.0", + "@types/stack-utils": "^1.0.1", + "chalk": "^3.0.0", + "graceful-fs": "^4.2.4", + "micromatch": "^4.0.2", + "slash": "^3.0.0", + "stack-utils": "^1.0.1" + } + }, + "jest-mock": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-25.5.0.tgz", + "integrity": "sha512-eXWuTV8mKzp/ovHc5+3USJMYsTBhyQ+5A1Mak35dey/RG8GlM4YWVylZuGgVXinaW6tpvk/RSecmF37FKUlpXA==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0" + } + }, + "jest-pnp-resolver": { + "version": "1.2.1", + "resolved": "https://registry.npmjs.org/jest-pnp-resolver/-/jest-pnp-resolver-1.2.1.tgz", + "integrity": "sha512-pgFw2tm54fzgYvc/OHrnysABEObZCUNFnhjoRjaVOCN8NYc032/gVjPaHD4Aq6ApkSieWtfKAFQtmDKAmhupnQ==", + "dev": true + }, + "jest-regex-util": { + "version": "25.2.6", + "resolved": "https://registry.npmjs.org/jest-regex-util/-/jest-regex-util-25.2.6.tgz", + "integrity": "sha512-KQqf7a0NrtCkYmZZzodPftn7fL1cq3GQAFVMn5Hg8uKx/fIenLEobNanUxb7abQ1sjADHBseG/2FGpsv/wr+Qw==", + "dev": true + }, + "jest-resolve": { + "version": "25.5.1", + "resolved": "https://registry.npmjs.org/jest-resolve/-/jest-resolve-25.5.1.tgz", + "integrity": "sha512-Hc09hYch5aWdtejsUZhA+vSzcotf7fajSlPA6EZPE1RmPBAD39XtJhvHWFStid58iit4IPDLI/Da4cwdDmAHiQ==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0", + "browser-resolve": "^1.11.3", + "chalk": "^3.0.0", + "graceful-fs": "^4.2.4", + "jest-pnp-resolver": "^1.2.1", + "read-pkg-up": "^7.0.1", + "realpath-native": "^2.0.0", + "resolve": "^1.17.0", + "slash": "^3.0.0" + } + }, + "jest-resolve-dependencies": { + "version": "25.5.4", + "resolved": "https://registry.npmjs.org/jest-resolve-dependencies/-/jest-resolve-dependencies-25.5.4.tgz", + "integrity": "sha512-yFmbPd+DAQjJQg88HveObcGBA32nqNZ02fjYmtL16t1xw9bAttSn5UGRRhzMHIQbsep7znWvAvnD4kDqOFM0Uw==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0", + "jest-regex-util": "^25.2.6", + "jest-snapshot": "^25.5.1" + } + }, + "jest-runner": { + "version": "25.5.4", + "resolved": "https://registry.npmjs.org/jest-runner/-/jest-runner-25.5.4.tgz", + "integrity": "sha512-V/2R7fKZo6blP8E9BL9vJ8aTU4TH2beuqGNxHbxi6t14XzTb+x90B3FRgdvuHm41GY8ch4xxvf0ATH4hdpjTqg==", + "dev": true, + "requires": { + "@jest/console": "^25.5.0", + "@jest/environment": "^25.5.0", + "@jest/test-result": "^25.5.0", + "@jest/types": "^25.5.0", + "chalk": "^3.0.0", + "exit": "^0.1.2", + "graceful-fs": "^4.2.4", + "jest-config": "^25.5.4", + "jest-docblock": "^25.3.0", + "jest-haste-map": "^25.5.1", + "jest-jasmine2": "^25.5.4", + "jest-leak-detector": "^25.5.0", + "jest-message-util": "^25.5.0", + "jest-resolve": "^25.5.1", + "jest-runtime": "^25.5.4", + "jest-util": "^25.5.0", + "jest-worker": "^25.5.0", + "source-map-support": "^0.5.6", + "throat": "^5.0.0" + } + }, + "jest-runtime": { + "version": "25.5.4", + "resolved": "https://registry.npmjs.org/jest-runtime/-/jest-runtime-25.5.4.tgz", + "integrity": "sha512-RWTt8LeWh3GvjYtASH2eezkc8AehVoWKK20udV6n3/gC87wlTbE1kIA+opCvNWyyPeBs6ptYsc6nyHUb1GlUVQ==", + "dev": true, + "requires": { + "@jest/console": "^25.5.0", + "@jest/environment": "^25.5.0", + "@jest/globals": "^25.5.2", + "@jest/source-map": "^25.5.0", + "@jest/test-result": "^25.5.0", + "@jest/transform": "^25.5.1", + "@jest/types": "^25.5.0", + "@types/yargs": "^15.0.0", + "chalk": "^3.0.0", + "collect-v8-coverage": "^1.0.0", + "exit": "^0.1.2", + "glob": "^7.1.3", + "graceful-fs": "^4.2.4", + "jest-config": "^25.5.4", + "jest-haste-map": "^25.5.1", + "jest-message-util": "^25.5.0", + "jest-mock": "^25.5.0", + "jest-regex-util": "^25.2.6", + "jest-resolve": "^25.5.1", + "jest-snapshot": "^25.5.1", + "jest-util": "^25.5.0", + "jest-validate": "^25.5.0", + "realpath-native": "^2.0.0", + "slash": "^3.0.0", + "strip-bom": "^4.0.0", + "yargs": "^15.3.1" + } + }, + "jest-serializer": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-serializer/-/jest-serializer-25.5.0.tgz", + "integrity": "sha512-LxD8fY1lByomEPflwur9o4e2a5twSQ7TaVNLlFUuToIdoJuBt8tzHfCsZ42Ok6LkKXWzFWf3AGmheuLAA7LcCA==", + "dev": true, + "requires": { + "graceful-fs": "^4.2.4" + } + }, + "jest-snapshot": { + "version": "25.5.1", + "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-25.5.1.tgz", + "integrity": "sha512-C02JE1TUe64p2v1auUJ2ze5vcuv32tkv9PyhEb318e8XOKF7MOyXdJ7kdjbvrp3ChPLU2usI7Rjxs97Dj5P0uQ==", + "dev": true, + "requires": { + "@babel/types": "^7.0.0", + "@jest/types": "^25.5.0", + "@types/prettier": "^1.19.0", + "chalk": "^3.0.0", + "expect": "^25.5.0", + "graceful-fs": "^4.2.4", + "jest-diff": "^25.5.0", + "jest-get-type": "^25.2.6", + "jest-matcher-utils": "^25.5.0", + "jest-message-util": "^25.5.0", + "jest-resolve": "^25.5.1", + "make-dir": "^3.0.0", + "natural-compare": "^1.4.0", + "pretty-format": "^25.5.0", + "semver": "^6.3.0" + } + }, + "jest-util": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-25.5.0.tgz", + "integrity": "sha512-KVlX+WWg1zUTB9ktvhsg2PXZVdkI1NBevOJSkTKYAyXyH4QSvh+Lay/e/v+bmaFfrkfx43xD8QTfgobzlEXdIA==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0", + "chalk": "^3.0.0", + "graceful-fs": "^4.2.4", + "is-ci": "^2.0.0", + "make-dir": "^3.0.0" + } + }, + "jest-validate": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-validate/-/jest-validate-25.5.0.tgz", + "integrity": "sha512-okUFKqhZIpo3jDdtUXUZ2LxGUZJIlfdYBvZb1aczzxrlyMlqdnnws9MOxezoLGhSaFc2XYaHNReNQfj5zPIWyQ==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0", + "camelcase": "^5.3.1", + "chalk": "^3.0.0", + "jest-get-type": "^25.2.6", + "leven": "^3.1.0", + "pretty-format": "^25.5.0" + } + }, + "jest-watcher": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-watcher/-/jest-watcher-25.5.0.tgz", + "integrity": "sha512-XrSfJnVASEl+5+bb51V0Q7WQx65dTSk7NL4yDdVjPnRNpM0hG+ncFmDYJo9O8jaSRcAitVbuVawyXCRoxGrT5Q==", + "dev": true, + "requires": { + "@jest/test-result": "^25.5.0", + "@jest/types": "^25.5.0", + "ansi-escapes": "^4.2.1", + "chalk": "^3.0.0", + "jest-util": "^25.5.0", + "string-length": "^3.1.0" + } + }, + "jest-worker": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-25.5.0.tgz", + "integrity": "sha512-/dsSmUkIy5EBGfv/IjjqmFxrNAUpBERfGs1oHROyD7yxjG/w+t0GOJDX8O1k32ySmd7+a5IhnJU2qQFcJ4n1vw==", + "dev": true, + "requires": { + "merge-stream": "^2.0.0", + "supports-color": "^7.0.0" + } + }, + "js-tokens": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz", + "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", + "dev": true + }, + "js-yaml": { + "version": "3.14.0", + "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.0.tgz", + "integrity": "sha512-/4IbIeHcD9VMHFqDR/gQ7EdZdLimOvW2DdcxFjdyyZ9NsbS+ccrXqVWDtab/lRl5AlUqmpBx8EhPaWR+OtY17A==", + "dev": true, + "requires": { + "argparse": "^1.0.7", + "esprima": "^4.0.0" + } + }, + "jsbn": { + "version": "0.1.1", + "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", + "integrity": "sha1-peZUwuWi3rXyAdls77yoDA7y9RM=", + "dev": true + }, + "jsdom": { + "version": "15.2.1", + "resolved": "https://registry.npmjs.org/jsdom/-/jsdom-15.2.1.tgz", + "integrity": "sha512-fAl1W0/7T2G5vURSyxBzrJ1LSdQn6Tr5UX/xD4PXDx/PDgwygedfW6El/KIj3xJ7FU61TTYnc/l/B7P49Eqt6g==", + "dev": true, + "requires": { + "abab": "^2.0.0", + "acorn": "^7.1.0", + "acorn-globals": "^4.3.2", + "array-equal": "^1.0.0", + "cssom": "^0.4.1", + "cssstyle": "^2.0.0", + "data-urls": "^1.1.0", + "domexception": "^1.0.1", + "escodegen": "^1.11.1", + "html-encoding-sniffer": "^1.0.2", + "nwsapi": "^2.2.0", + "parse5": "5.1.0", + "pn": "^1.1.0", + "request": "^2.88.0", + "request-promise-native": "^1.0.7", + "saxes": "^3.1.9", + "symbol-tree": "^3.2.2", + "tough-cookie": "^3.0.1", + "w3c-hr-time": "^1.0.1", + "w3c-xmlserializer": "^1.1.2", + "webidl-conversions": "^4.0.2", + "whatwg-encoding": "^1.0.5", + "whatwg-mimetype": "^2.3.0", + "whatwg-url": "^7.0.0", + "ws": "^7.0.0", + "xml-name-validator": "^3.0.0" + } + }, + "jsesc": { + "version": "2.5.2", + "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-2.5.2.tgz", + "integrity": "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==", + "dev": true + }, + "json-parse-better-errors": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/json-parse-better-errors/-/json-parse-better-errors-1.0.2.tgz", + "integrity": "sha512-mrqyZKfX5EhL7hvqcV6WG1yYjnjeuYDzDhhcAAUrq8Po85NBQBJP+ZDUT75qZQ98IkUoBqdkExkukOU7Ts2wrw==", + "dev": true + }, + "json-schema": { + "version": "0.2.3", + "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.2.3.tgz", + "integrity": "sha1-tIDIkuWaLwWVTOcnvT8qTogvnhM=", + "dev": true + }, + "json-schema-traverse": { + "version": "0.4.1", + "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", + "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==", + "dev": true + }, + "json-stringify-safe": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", + "integrity": "sha1-Epai1Y/UXxmg9s4B1lcB4sc1tus=", + "dev": true + }, + "json5": { + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/json5/-/json5-2.1.3.tgz", + "integrity": "sha512-KXPvOm8K9IJKFM0bmdn8QXh7udDh1g/giieX0NLCaMnb4hEiVFqnop2ImTXCc5e0/oHz3LTqmHGtExn5hfMkOA==", + "dev": true, + "requires": { + "minimist": "^1.2.5" + } + }, + "jsprim": { + "version": "1.4.1", + "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.1.tgz", + "integrity": "sha1-MT5mvB5cwG5Di8G3SZwuXFastqI=", + "dev": true, + "requires": { + "assert-plus": "1.0.0", + "extsprintf": "1.3.0", + "json-schema": "0.2.3", + "verror": "1.10.0" + } + }, + "kind-of": { + "version": "6.0.3", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-6.0.3.tgz", + "integrity": "sha512-dcS1ul+9tmeD95T+x28/ehLgd9mENa3LsvDTtzm3vyBEO7RPptvAD+t44WVXaUjTBRcrpFeFlC8WCruUR456hw==", + "dev": true + }, + "kleur": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", + "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", + "dev": true + }, + "leven": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", + "integrity": "sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==", + "dev": true + }, + "levn": { + "version": "0.3.0", + "resolved": "https://registry.npmjs.org/levn/-/levn-0.3.0.tgz", + "integrity": "sha1-OwmSTt+fCDwEkP3UwLxEIeBHZO4=", + "dev": true, + "requires": { + "prelude-ls": "~1.1.2", + "type-check": "~0.3.2" + } + }, + "lines-and-columns": { + "version": "1.1.6", + "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.1.6.tgz", + "integrity": "sha1-HADHQ7QzzQpOgHWPe2SldEDZ/wA=", + "dev": true + }, + "locate-path": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz", + "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==", + "dev": true, + "requires": { + "p-locate": "^4.1.0" + } + }, + "lodash": { + "version": "4.17.15", + "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.15.tgz", + "integrity": "sha512-8xOcRHvCjnocdS5cpwXQXVzmmh5e5+saE2QGoeQmbKmRS6J3VQppPOIt0MnmE+4xlZoumy0GPG0D0MVIQbNA1A==", + "dev": true + }, + "lodash.set": { + "version": "4.3.2", + "resolved": "https://registry.npmjs.org/lodash.set/-/lodash.set-4.3.2.tgz", + "integrity": "sha1-2HV7HagH3eJIFrDWqEvqGnYjCyM=" + }, + "lodash.sortby": { + "version": "4.7.0", + "resolved": "https://registry.npmjs.org/lodash.sortby/-/lodash.sortby-4.7.0.tgz", + "integrity": "sha1-7dFMgk4sycHgsKG0K7UhBRakJDg=", + "dev": true + }, + "lolex": { + "version": "5.1.2", + "resolved": "https://registry.npmjs.org/lolex/-/lolex-5.1.2.tgz", + "integrity": "sha512-h4hmjAvHTmd+25JSwrtTIuwbKdwg5NzZVRMLn9saij4SZaepCrTCxPr35H/3bjwfMJtN+t3CX8672UIkglz28A==", + "dev": true, + "requires": { + "@sinonjs/commons": "^1.7.0" + } + }, + "make-dir": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-3.1.0.tgz", + "integrity": "sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw==", + "dev": true, + "requires": { + "semver": "^6.0.0" + } + }, + "makeerror": { + "version": "1.0.11", + "resolved": "https://registry.npmjs.org/makeerror/-/makeerror-1.0.11.tgz", + "integrity": "sha1-4BpckQnyr3lmDk6LlYd5AYT1qWw=", + "dev": true, + "requires": { + "tmpl": "1.0.x" + } + }, + "map-cache": { + "version": "0.2.2", + "resolved": "https://registry.npmjs.org/map-cache/-/map-cache-0.2.2.tgz", + "integrity": "sha1-wyq9C9ZSXZsFFkW7TyasXcmKDb8=", + "dev": true + }, + "map-visit": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/map-visit/-/map-visit-1.0.0.tgz", + "integrity": "sha1-7Nyo8TFE5mDxtb1B8S80edmN+48=", + "dev": true, + "requires": { + "object-visit": "^1.0.0" + } + }, + "merge-stream": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", + "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==", + "dev": true + }, + "micromatch": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.2.tgz", + "integrity": "sha512-y7FpHSbMUMoyPbYUSzO6PaZ6FyRnQOpHuKwbo1G+Knck95XVU4QAiKdGEnj5wwoS7PlOgthX/09u5iFJ+aYf5Q==", + "dev": true, + "requires": { + "braces": "^3.0.1", + "picomatch": "^2.0.5" + } + }, + "mime-db": { + "version": "1.44.0", + "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.44.0.tgz", + "integrity": "sha512-/NOTfLrsPBVeH7YtFPgsVWveuL+4SjjYxaQ1xtM1KMFj7HdxlBlxeyNLzhyJVx7r4rZGJAZ/6lkKCitSc/Nmpg==", + "dev": true + }, + "mime-types": { + "version": "2.1.27", + "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.27.tgz", + "integrity": "sha512-JIhqnCasI9yD+SsmkquHBxTSEuZdQX5BuQnS2Vc7puQQQ+8yiP5AY5uWhpdv4YL4VM5c6iliiYWPgJ/nJQLp7w==", + "dev": true, + "requires": { + "mime-db": "1.44.0" + } + }, + "mimic-fn": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", + "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", + "dev": true + }, + "minimatch": { + "version": "3.0.4", + "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.0.4.tgz", + "integrity": "sha512-yJHVQEhyqPLUTgt9B83PXu6W3rx4MvvHvSUvToogpwoGDOUQ+yDrR0HRot+yOCdCO7u4hX3pWft6kWBBcqh0UA==", + "dev": true, + "requires": { + "brace-expansion": "^1.1.7" + } + }, + "minimist": { + "version": "1.2.5", + "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz", + "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==", + "dev": true + }, + "mixin-deep": { + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/mixin-deep/-/mixin-deep-1.3.2.tgz", + "integrity": "sha512-WRoDn//mXBiJ1H40rqa3vH0toePwSsGb45iInWlTySa+Uu4k3tYUSxa2v1KqAiLtvlrSzaExqS1gtk96A9zvEA==", + "dev": true, + "requires": { + "for-in": "^1.0.2", + "is-extendable": "^1.0.1" + }, + "dependencies": { + "is-extendable": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/is-extendable/-/is-extendable-1.0.1.tgz", + "integrity": "sha512-arnXMxT1hhoKo9k1LZdmlNyJdDDfy2v0fXjFlmok4+i8ul/6WlbVge9bhM74OpNPQPMGUToDtz+KXa1PneJxOA==", + "dev": true, + "requires": { + "is-plain-object": "^2.0.4" + } + } + } + }, + "ms": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", + "dev": true + }, + "nanomatch": { + "version": "1.2.13", + "resolved": "https://registry.npmjs.org/nanomatch/-/nanomatch-1.2.13.tgz", + "integrity": "sha512-fpoe2T0RbHwBTBUOftAfBPaDEi06ufaUai0mE6Yn1kacc3SnTErfb/h+X94VXzI64rKFHYImXSvdwGGCmwOqCA==", + "dev": true, + "requires": { + "arr-diff": "^4.0.0", + "array-unique": "^0.3.2", + "define-property": "^2.0.2", + "extend-shallow": "^3.0.2", + "fragment-cache": "^0.2.1", + "is-windows": "^1.0.2", + "kind-of": "^6.0.2", + "object.pick": "^1.3.0", + "regex-not": "^1.0.0", + "snapdragon": "^0.8.1", + "to-regex": "^3.0.1" + } + }, + "natural-compare": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", + "integrity": "sha1-Sr6/7tdUHywnrPspvbvRXI1bpPc=", + "dev": true + }, + "nice-try": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/nice-try/-/nice-try-1.0.5.tgz", + "integrity": "sha512-1nh45deeb5olNY7eX82BkPO7SSxR5SSYJiPTrTdFUVYwAl8CKMA5N9PjTYkHiRjisVcxcQ1HXdLhx2qxxJzLNQ==", + "dev": true + }, + "node-int64": { + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", + "integrity": "sha1-h6kGXNs1XTGC2PlM4RGIuCXGijs=", + "dev": true + }, + "node-modules-regexp": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/node-modules-regexp/-/node-modules-regexp-1.0.0.tgz", + "integrity": "sha1-jZ2+KJZKSsVxLpExZCEHxx6Q7EA=", + "dev": true + }, + "node-notifier": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/node-notifier/-/node-notifier-6.0.0.tgz", + "integrity": "sha512-SVfQ/wMw+DesunOm5cKqr6yDcvUTDl/yc97ybGHMrteNEY6oekXpNpS3lZwgLlwz0FLgHoiW28ZpmBHUDg37cw==", + "dev": true, + "optional": true, + "requires": { + "growly": "^1.3.0", + "is-wsl": "^2.1.1", + "semver": "^6.3.0", + "shellwords": "^0.1.1", + "which": "^1.3.1" + }, + "dependencies": { + "which": { + "version": "1.3.1", + "resolved": "https://registry.npmjs.org/which/-/which-1.3.1.tgz", + "integrity": "sha512-HxJdYWq1MTIQbJ3nw0cqssHoTNU267KlrDuGZ1WYlxDStUtKUhOaJmh112/TZmHxxUfuJqPXSOm7tDyas0OSIQ==", + "dev": true, + "optional": true, + "requires": { + "isexe": "^2.0.0" + } + } + } + }, + "normalize-package-data": { + "version": "2.5.0", + "resolved": "https://registry.npmjs.org/normalize-package-data/-/normalize-package-data-2.5.0.tgz", + "integrity": "sha512-/5CMN3T0R4XTj4DcGaexo+roZSdSFW/0AOOTROrjxzCG1wrWXEsGbRKevjlIL+ZDE4sZlJr5ED4YW0yqmkK+eA==", + "dev": true, + "requires": { + "hosted-git-info": "^2.1.4", + "resolve": "^1.10.0", + "semver": "2 || 3 || 4 || 5", + "validate-npm-package-license": "^3.0.1" + }, + "dependencies": { + "semver": { + "version": "5.7.1", + "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.1.tgz", + "integrity": "sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ==", + "dev": true + } + } + }, + "normalize-path": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz", + "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==", + "dev": true + }, + "npm-run-path": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-2.0.2.tgz", + "integrity": "sha1-NakjLfo11wZ7TLLd8jV7GHFTbF8=", + "dev": true, + "requires": { + "path-key": "^2.0.0" + } + }, + "nwsapi": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/nwsapi/-/nwsapi-2.2.0.tgz", + "integrity": "sha512-h2AatdwYH+JHiZpv7pt/gSX1XoRGb7L/qSIeuqA6GwYoF9w1vP1cw42TO0aI2pNyshRK5893hNSl+1//vHK7hQ==", + "dev": true + }, + "oauth-sign": { + "version": "0.9.0", + "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", + "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==", + "dev": true + }, + "object-copy": { + "version": "0.1.0", + "resolved": "https://registry.npmjs.org/object-copy/-/object-copy-0.1.0.tgz", + "integrity": "sha1-fn2Fi3gb18mRpBupde04EnVOmYw=", + "dev": true, + "requires": { + "copy-descriptor": "^0.1.0", + "define-property": "^0.2.5", + "kind-of": "^3.0.3" + }, + "dependencies": { + "define-property": { + "version": "0.2.5", + "resolved": "https://registry.npmjs.org/define-property/-/define-property-0.2.5.tgz", + "integrity": "sha1-w1se+RjsPJkPmlvFe+BKrOxcgRY=", + "dev": true, + "requires": { + "is-descriptor": "^0.1.0" + } + }, + "kind-of": { + "version": "3.2.2", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz", + "integrity": "sha1-MeohpzS6ubuw8yRm2JOupR5KPGQ=", + "dev": true, + "requires": { + "is-buffer": "^1.1.5" + } + } + } + }, + "object-visit": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/object-visit/-/object-visit-1.0.1.tgz", + "integrity": "sha1-95xEk68MU3e1n+OdOV5BBC3QRbs=", + "dev": true, + "requires": { + "isobject": "^3.0.0" + } + }, + "object.pick": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/object.pick/-/object.pick-1.3.0.tgz", + "integrity": "sha1-h6EKxMFpS9Lhy/U1kaZhQftd10c=", + "dev": true, + "requires": { + "isobject": "^3.0.1" + } + }, + "once": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", + "integrity": "sha1-WDsap3WWHUsROsF9nFC6753Xa9E=", + "dev": true, + "requires": { + "wrappy": "1" + } + }, + "onetime": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.0.tgz", + "integrity": "sha512-5NcSkPHhwTVFIQN+TUqXoS5+dlElHXdpAWu9I0HP20YOtIi+aZ0Ct82jdlILDxjLEAWwvm+qj1m6aEtsDVmm6Q==", + "dev": true, + "requires": { + "mimic-fn": "^2.1.0" + } + }, + "optionator": { + "version": "0.8.3", + "resolved": "https://registry.npmjs.org/optionator/-/optionator-0.8.3.tgz", + "integrity": "sha512-+IW9pACdk3XWmmTXG8m3upGUJst5XRGzxMRjXzAuJ1XnIFNvfhjjIuYkDvysnPQ7qzqVzLt78BCruntqRhWQbA==", + "dev": true, + "requires": { + "deep-is": "~0.1.3", + "fast-levenshtein": "~2.0.6", + "levn": "~0.3.0", + "prelude-ls": "~1.1.2", + "type-check": "~0.3.2", + "word-wrap": "~1.2.3" + } + }, + "p-each-series": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/p-each-series/-/p-each-series-2.1.0.tgz", + "integrity": "sha512-ZuRs1miPT4HrjFa+9fRfOFXxGJfORgelKV9f9nNOWw2gl6gVsRaVDOQP0+MI0G0wGKns1Yacsu0GjOFbTK0JFQ==", + "dev": true + }, + "p-finally": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/p-finally/-/p-finally-1.0.0.tgz", + "integrity": "sha1-P7z7FbiZpEEjs0ttzBi3JDNqLK4=", + "dev": true + }, + "p-limit": { + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz", + "integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==", + "dev": true, + "requires": { + "p-try": "^2.0.0" + } + }, + "p-locate": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz", + "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==", + "dev": true, + "requires": { + "p-limit": "^2.2.0" + } + }, + "p-try": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz", + "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==", + "dev": true + }, + "parse-json": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.0.0.tgz", + "integrity": "sha512-OOY5b7PAEFV0E2Fir1KOkxchnZNCdowAJgQ5NuxjpBKTRP3pQhwkrkxqQjeoKJ+fO7bCpmIZaogI4eZGDMEGOw==", + "dev": true, + "requires": { + "@babel/code-frame": "^7.0.0", + "error-ex": "^1.3.1", + "json-parse-better-errors": "^1.0.1", + "lines-and-columns": "^1.1.6" + } + }, + "parse5": { + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/parse5/-/parse5-5.1.0.tgz", + "integrity": "sha512-fxNG2sQjHvlVAYmzBZS9YlDp6PTSSDwa98vkD4QgVDDCAo84z5X1t5XyJQ62ImdLXx5NdIIfihey6xpum9/gRQ==", + "dev": true + }, + "pascalcase": { + "version": "0.1.1", + "resolved": "https://registry.npmjs.org/pascalcase/-/pascalcase-0.1.1.tgz", + "integrity": "sha1-s2PlXoAGym/iF4TS2yK9FdeRfxQ=", + "dev": true + }, + "path-exists": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz", + "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==", + "dev": true + }, + "path-is-absolute": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", + "integrity": "sha1-F0uSaHNVNP+8es5r9TpanhtcX18=", + "dev": true + }, + "path-key": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/path-key/-/path-key-2.0.1.tgz", + "integrity": "sha1-QRyttXTFoUDTpLGRDUDYDMn0C0A=", + "dev": true + }, + "path-parse": { + "version": "1.0.6", + "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.6.tgz", + "integrity": "sha512-GSmOT2EbHrINBf9SR7CDELwlJ8AENk3Qn7OikK4nFYAu3Ote2+JYNVvkpAEQm3/TLNEJFD/xZJjzyxg3KBWOzw==", + "dev": true + }, + "performance-now": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", + "integrity": "sha1-Ywn04OX6kT7BxpMHrjZLSzd8nns=", + "dev": true + }, + "picomatch": { + "version": "2.2.2", + "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.2.2.tgz", + "integrity": "sha512-q0M/9eZHzmr0AulXyPwNfZjtwZ/RBZlbN3K3CErVrk50T2ASYI7Bye0EvekFY3IP1Nt2DHu0re+V2ZHIpMkuWg==", + "dev": true + }, + "pirates": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.1.tgz", + "integrity": "sha512-WuNqLTbMI3tmfef2TKxlQmAiLHKtFhlsCZnPIpuv2Ow0RDVO8lfy1Opf4NUzlMXLjPl+Men7AuVdX6TA+s+uGA==", + "dev": true, + "requires": { + "node-modules-regexp": "^1.0.0" + } + }, + "pkg-dir": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz", + "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==", + "dev": true, + "requires": { + "find-up": "^4.0.0" + } + }, + "pn": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/pn/-/pn-1.1.0.tgz", + "integrity": "sha512-2qHaIQr2VLRFoxe2nASzsV6ef4yOOH+Fi9FBOVH6cqeSgUnoyySPZkxzLuzd+RYOQTRpROA0ztTMqxROKSb/nA==", + "dev": true + }, + "posix-character-classes": { + "version": "0.1.1", + "resolved": "https://registry.npmjs.org/posix-character-classes/-/posix-character-classes-0.1.1.tgz", + "integrity": "sha1-AerA/jta9xoqbAL+q7jB/vfgDqs=", + "dev": true + }, + "prelude-ls": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/prelude-ls/-/prelude-ls-1.1.2.tgz", + "integrity": "sha1-IZMqVJ9eUv/ZqCf1cOBL5iqX2lQ=", + "dev": true + }, + "pretty-format": { + "version": "25.5.0", + "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-25.5.0.tgz", + "integrity": "sha512-kbo/kq2LQ/A/is0PQwsEHM7Ca6//bGPPvU6UnsdDRSKTWxT/ru/xb88v4BJf6a69H+uTytOEsTusT9ksd/1iWQ==", + "dev": true, + "requires": { + "@jest/types": "^25.5.0", + "ansi-regex": "^5.0.0", + "ansi-styles": "^4.0.0", + "react-is": "^16.12.0" + }, + "dependencies": { + "ansi-regex": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.0.tgz", + "integrity": "sha512-bY6fj56OUQ0hU1KjFNDQuJFezqKdrAyFdIevADiqrWHwSlbmBNMHp5ak2f40Pm8JTFyM2mqxkG6ngkHO11f/lg==", + "dev": true + } + } + }, + "prompts": { + "version": "2.3.2", + "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.3.2.tgz", + "integrity": "sha512-Q06uKs2CkNYVID0VqwfAl9mipo99zkBv/n2JtWY89Yxa3ZabWSrs0e2KTudKVa3peLUvYXMefDqIleLPVUBZMA==", + "dev": true, + "requires": { + "kleur": "^3.0.3", + "sisteransi": "^1.0.4" + } + }, + "psl": { + "version": "1.8.0", + "resolved": "https://registry.npmjs.org/psl/-/psl-1.8.0.tgz", + "integrity": "sha512-RIdOzyoavK+hA18OGGWDqUTsCLhtA7IcZ/6NCs4fFJaHBDab+pDDmDIByWFRQJq2Cd7r1OoQxBGKOaztq+hjIQ==", + "dev": true + }, + "pump": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.0.tgz", + "integrity": "sha512-LwZy+p3SFs1Pytd/jYct4wpv49HiYCqd9Rlc5ZVdk0V+8Yzv6jR5Blk3TRmPL1ft69TxP0IMZGJ+WPFU2BFhww==", + "dev": true, + "requires": { + "end-of-stream": "^1.1.0", + "once": "^1.3.1" + } + }, + "punycode": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz", + "integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==", + "dev": true + }, + "qs": { + "version": "6.5.2", + "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.2.tgz", + "integrity": "sha512-N5ZAX4/LxJmF+7wN74pUD6qAh9/wnvdQcjq9TZjevvXzSUo7bfmw91saqMjzGS2xq91/odN2dW/WOl7qQHNDGA==", + "dev": true + }, + "react-is": { + "version": "16.13.1", + "resolved": "https://registry.npmjs.org/react-is/-/react-is-16.13.1.tgz", + "integrity": "sha512-24e6ynE2H+OKt4kqsOvNd8kBpV65zoxbA4BVsEOB3ARVWQki/DHzaUoC5KuON/BiccDaCCTZBuOcfZs70kR8bQ==", + "dev": true + }, + "read-pkg": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/read-pkg/-/read-pkg-5.2.0.tgz", + "integrity": "sha512-Ug69mNOpfvKDAc2Q8DRpMjjzdtrnv9HcSMX+4VsZxD1aZ6ZzrIE7rlzXBtWTyhULSMKg076AW6WR5iZpD0JiOg==", + "dev": true, + "requires": { + "@types/normalize-package-data": "^2.4.0", + "normalize-package-data": "^2.5.0", + "parse-json": "^5.0.0", + "type-fest": "^0.6.0" + }, + "dependencies": { + "type-fest": { + "version": "0.6.0", + "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.6.0.tgz", + "integrity": "sha512-q+MB8nYR1KDLrgr4G5yemftpMC7/QLqVndBmEEdqzmNj5dcFOO4Oo8qlwZE3ULT3+Zim1F8Kq4cBnikNhlCMlg==", + "dev": true + } + } + }, + "read-pkg-up": { + "version": "7.0.1", + "resolved": "https://registry.npmjs.org/read-pkg-up/-/read-pkg-up-7.0.1.tgz", + "integrity": "sha512-zK0TB7Xd6JpCLmlLmufqykGE+/TlOePD6qKClNW7hHDKFh/J7/7gCWGR7joEQEW1bKq3a3yUZSObOoWLFQ4ohg==", + "dev": true, + "requires": { + "find-up": "^4.1.0", + "read-pkg": "^5.2.0", + "type-fest": "^0.8.1" + } + }, + "realpath-native": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/realpath-native/-/realpath-native-2.0.0.tgz", + "integrity": "sha512-v1SEYUOXXdbBZK8ZuNgO4TBjamPsiSgcFr0aP+tEKpQZK8vooEUqV6nm6Cv502mX4NF2EfsnVqtNAHG+/6Ur1Q==", + "dev": true + }, + "regex-not": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/regex-not/-/regex-not-1.0.2.tgz", + "integrity": "sha512-J6SDjUgDxQj5NusnOtdFxDwN/+HWykR8GELwctJ7mdqhcyy1xEc4SRFHUXvxTp661YaVKAjfRLZ9cCqS6tn32A==", + "dev": true, + "requires": { + "extend-shallow": "^3.0.2", + "safe-regex": "^1.1.0" + } + }, + "remove-trailing-separator": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/remove-trailing-separator/-/remove-trailing-separator-1.1.0.tgz", + "integrity": "sha1-wkvOKig62tW8P1jg1IJJuSN52O8=", + "dev": true + }, + "repeat-element": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/repeat-element/-/repeat-element-1.1.3.tgz", + "integrity": "sha512-ahGq0ZnV5m5XtZLMb+vP76kcAM5nkLqk0lpqAuojSKGgQtn4eRi4ZZGm2olo2zKFH+sMsWaqOCW1dqAnOru72g==", + "dev": true + }, + "repeat-string": { + "version": "1.6.1", + "resolved": "https://registry.npmjs.org/repeat-string/-/repeat-string-1.6.1.tgz", + "integrity": "sha1-jcrkcOHIirwtYA//Sndihtp15jc=", + "dev": true + }, + "request": { + "version": "2.88.2", + "resolved": "https://registry.npmjs.org/request/-/request-2.88.2.tgz", + "integrity": "sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==", + "dev": true, + "requires": { + "aws-sign2": "~0.7.0", + "aws4": "^1.8.0", + "caseless": "~0.12.0", + "combined-stream": "~1.0.6", + "extend": "~3.0.2", + "forever-agent": "~0.6.1", + "form-data": "~2.3.2", + "har-validator": "~5.1.3", + "http-signature": "~1.2.0", + "is-typedarray": "~1.0.0", + "isstream": "~0.1.2", + "json-stringify-safe": "~5.0.1", + "mime-types": "~2.1.19", + "oauth-sign": "~0.9.0", + "performance-now": "^2.1.0", + "qs": "~6.5.2", + "safe-buffer": "^5.1.2", + "tough-cookie": "~2.5.0", + "tunnel-agent": "^0.6.0", + "uuid": "^3.3.2" + }, + "dependencies": { + "tough-cookie": { + "version": "2.5.0", + "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", + "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", + "dev": true, + "requires": { + "psl": "^1.1.28", + "punycode": "^2.1.1" + } + } + } + }, + "request-promise-core": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/request-promise-core/-/request-promise-core-1.1.3.tgz", + "integrity": "sha512-QIs2+ArIGQVp5ZYbWD5ZLCY29D5CfWizP8eWnm8FoGD1TX61veauETVQbrV60662V0oFBkrDOuaBI8XgtuyYAQ==", + "dev": true, + "requires": { + "lodash": "^4.17.15" + } + }, + "request-promise-native": { + "version": "1.0.8", + "resolved": "https://registry.npmjs.org/request-promise-native/-/request-promise-native-1.0.8.tgz", + "integrity": "sha512-dapwLGqkHtwL5AEbfenuzjTYg35Jd6KPytsC2/TLkVMz8rm+tNt72MGUWT1RP/aYawMpN6HqbNGBQaRcBtjQMQ==", + "dev": true, + "requires": { + "request-promise-core": "1.1.3", + "stealthy-require": "^1.1.1", + "tough-cookie": "^2.3.3" + }, + "dependencies": { + "tough-cookie": { + "version": "2.5.0", + "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", + "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", + "dev": true, + "requires": { + "psl": "^1.1.28", + "punycode": "^2.1.1" + } + } + } + }, + "require-directory": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", + "integrity": "sha1-jGStX9MNqxyXbiNE/+f3kqam30I=", + "dev": true + }, + "require-main-filename": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/require-main-filename/-/require-main-filename-2.0.0.tgz", + "integrity": "sha512-NKN5kMDylKuldxYLSUfrbo5Tuzh4hd+2E8NPPX02mZtn1VuREQToYe/ZdlJy+J3uCpfaiGF05e7B8W0iXbQHmg==", + "dev": true + }, + "resolve": { + "version": "1.17.0", + "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.17.0.tgz", + "integrity": "sha512-ic+7JYiV8Vi2yzQGFWOkiZD5Z9z7O2Zhm9XMaTxdJExKasieFCr+yXZ/WmXsckHiKl12ar0y6XiXDx3m4RHn1w==", + "dev": true, + "requires": { + "path-parse": "^1.0.6" + } + }, + "resolve-cwd": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz", + "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==", + "dev": true, + "requires": { + "resolve-from": "^5.0.0" + } + }, + "resolve-from": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz", + "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==", + "dev": true + }, + "resolve-url": { + "version": "0.2.1", + "resolved": "https://registry.npmjs.org/resolve-url/-/resolve-url-0.2.1.tgz", + "integrity": "sha1-LGN/53yJOv0qZj/iGqkIAGjiBSo=", + "dev": true + }, + "ret": { + "version": "0.1.15", + "resolved": "https://registry.npmjs.org/ret/-/ret-0.1.15.tgz", + "integrity": "sha512-TTlYpa+OL+vMMNG24xSlQGEJ3B/RzEfUlLct7b5G/ytav+wPrplCpVMFuwzXbkecJrb6IYo1iFb0S9v37754mg==", + "dev": true + }, + "rimraf": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz", + "integrity": "sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA==", + "dev": true, + "requires": { + "glob": "^7.1.3" + } + }, + "rsvp": { + "version": "4.8.5", + "resolved": "https://registry.npmjs.org/rsvp/-/rsvp-4.8.5.tgz", + "integrity": "sha512-nfMOlASu9OnRJo1mbEk2cz0D56a1MBNrJ7orjRZQG10XDyuvwksKbuXNp6qa+kbn839HwjwhBzhFmdsaEAfauA==", + "dev": true + }, + "safe-buffer": { + "version": "5.1.2", + "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", + "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==", + "dev": true + }, + "safe-regex": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/safe-regex/-/safe-regex-1.1.0.tgz", + "integrity": "sha1-QKNmnzsHfR6UPURinhV91IAjvy4=", + "dev": true, + "requires": { + "ret": "~0.1.10" + } + }, + "safer-buffer": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", + "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==", + "dev": true + }, + "sane": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/sane/-/sane-4.1.0.tgz", + "integrity": "sha512-hhbzAgTIX8O7SHfp2c8/kREfEn4qO/9q8C9beyY6+tvZ87EpoZ3i1RIEvp27YBswnNbY9mWd6paKVmKbAgLfZA==", + "dev": true, + "requires": { + "@cnakazawa/watch": "^1.0.3", + "anymatch": "^2.0.0", + "capture-exit": "^2.0.0", + "exec-sh": "^0.3.2", + "execa": "^1.0.0", + "fb-watchman": "^2.0.0", + "micromatch": "^3.1.4", + "minimist": "^1.1.1", + "walker": "~1.0.5" + }, + "dependencies": { + "anymatch": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-2.0.0.tgz", + "integrity": "sha512-5teOsQWABXHHBFP9y3skS5P3d/WfWXpv3FUpy+LorMrNYaT9pI4oLMQX7jzQ2KklNpGpWHzdCXTDT2Y3XGlZBw==", + "dev": true, + "requires": { + "micromatch": "^3.1.4", + "normalize-path": "^2.1.1" + } + }, + "braces": { + "version": "2.3.2", + "resolved": "https://registry.npmjs.org/braces/-/braces-2.3.2.tgz", + "integrity": "sha512-aNdbnj9P8PjdXU4ybaWLK2IF3jc/EoDYbC7AazW6to3TRsfXxscC9UXOB5iDiEQrkyIbWp2SLQda4+QAa7nc3w==", + "dev": true, + "requires": { + "arr-flatten": "^1.1.0", + "array-unique": "^0.3.2", + "extend-shallow": "^2.0.1", + "fill-range": "^4.0.0", + "isobject": "^3.0.1", + "repeat-element": "^1.1.2", + "snapdragon": "^0.8.1", + "snapdragon-node": "^2.0.1", + "split-string": "^3.0.2", + "to-regex": "^3.0.1" + }, + "dependencies": { + "extend-shallow": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-2.0.1.tgz", + "integrity": "sha1-Ua99YUrZqfYQ6huvu5idaxxWiQ8=", + "dev": true, + "requires": { + "is-extendable": "^0.1.0" + } + } + } + }, + "fill-range": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-4.0.0.tgz", + "integrity": "sha1-1USBHUKPmOsGpj3EAtJAPDKMOPc=", + "dev": true, + "requires": { + "extend-shallow": "^2.0.1", + "is-number": "^3.0.0", + "repeat-string": "^1.6.1", + "to-regex-range": "^2.1.0" + }, + "dependencies": { + "extend-shallow": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-2.0.1.tgz", + "integrity": "sha1-Ua99YUrZqfYQ6huvu5idaxxWiQ8=", + "dev": true, + "requires": { + "is-extendable": "^0.1.0" + } + } + } + }, + "is-number": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/is-number/-/is-number-3.0.0.tgz", + "integrity": "sha1-JP1iAaR4LPUFYcgQJ2r8fRLXEZU=", + "dev": true, + "requires": { + "kind-of": "^3.0.2" + }, + "dependencies": { + "kind-of": { + "version": "3.2.2", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz", + "integrity": "sha1-MeohpzS6ubuw8yRm2JOupR5KPGQ=", + "dev": true, + "requires": { + "is-buffer": "^1.1.5" + } + } + } + }, + "micromatch": { + "version": "3.1.10", + "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-3.1.10.tgz", + "integrity": "sha512-MWikgl9n9M3w+bpsY3He8L+w9eF9338xRl8IAO5viDizwSzziFEyUzo2xrrloB64ADbTf8uA8vRqqttDTOmccg==", + "dev": true, + "requires": { + "arr-diff": "^4.0.0", + "array-unique": "^0.3.2", + "braces": "^2.3.1", + "define-property": "^2.0.2", + "extend-shallow": "^3.0.2", + "extglob": "^2.0.4", + "fragment-cache": "^0.2.1", + "kind-of": "^6.0.2", + "nanomatch": "^1.2.9", + "object.pick": "^1.3.0", + "regex-not": "^1.0.0", + "snapdragon": "^0.8.1", + "to-regex": "^3.0.2" + } + }, + "normalize-path": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-2.1.1.tgz", + "integrity": "sha1-GrKLVW4Zg2Oowab35vogE3/mrtk=", + "dev": true, + "requires": { + "remove-trailing-separator": "^1.0.1" + } + }, + "to-regex-range": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-2.1.1.tgz", + "integrity": "sha1-fIDBe53+vlmeJzZ+DU3VWQFB2zg=", + "dev": true, + "requires": { + "is-number": "^3.0.0", + "repeat-string": "^1.6.1" + } + } + } + }, + "saxes": { + "version": "3.1.11", + "resolved": "https://registry.npmjs.org/saxes/-/saxes-3.1.11.tgz", + "integrity": "sha512-Ydydq3zC+WYDJK1+gRxRapLIED9PWeSuuS41wqyoRmzvhhh9nc+QQrVMKJYzJFULazeGhzSV0QleN2wD3boh2g==", + "dev": true, + "requires": { + "xmlchars": "^2.1.1" + } + }, + "semver": { + "version": "6.3.0", + "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.0.tgz", + "integrity": "sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw==", + "dev": true + }, + "set-blocking": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/set-blocking/-/set-blocking-2.0.0.tgz", + "integrity": "sha1-BF+XgtARrppoA93TgrJDkrPYkPc=", + "dev": true + }, + "set-value": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/set-value/-/set-value-2.0.1.tgz", + "integrity": "sha512-JxHc1weCN68wRY0fhCoXpyK55m/XPHafOmK4UWD7m2CI14GMcFypt4w/0+NV5f/ZMby2F6S2wwA7fgynh9gWSw==", + "dev": true, + "requires": { + "extend-shallow": "^2.0.1", + "is-extendable": "^0.1.1", + "is-plain-object": "^2.0.3", + "split-string": "^3.0.1" + }, + "dependencies": { + "extend-shallow": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-2.0.1.tgz", + "integrity": "sha1-Ua99YUrZqfYQ6huvu5idaxxWiQ8=", + "dev": true, + "requires": { + "is-extendable": "^0.1.0" + } + } + } + }, + "shebang-command": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-1.2.0.tgz", + "integrity": "sha1-RKrGW2lbAzmJaMOfNj/uXer98eo=", + "dev": true, + "requires": { + "shebang-regex": "^1.0.0" + } + }, + "shebang-regex": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-1.0.0.tgz", + "integrity": "sha1-2kL0l0DAtC2yypcoVxyxkMmO/qM=", + "dev": true + }, + "shellwords": { + "version": "0.1.1", + "resolved": "https://registry.npmjs.org/shellwords/-/shellwords-0.1.1.tgz", + "integrity": "sha512-vFwSUfQvqybiICwZY5+DAWIPLKsWO31Q91JSKl3UYv+K5c2QRPzn0qzec6QPu1Qc9eHYItiP3NdJqNVqetYAww==", + "dev": true, + "optional": true + }, + "signal-exit": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.3.tgz", + "integrity": "sha512-VUJ49FC8U1OxwZLxIbTTrDvLnf/6TDgxZcK8wxR8zs13xpx7xbG60ndBlhNrFi2EMuFRoeDoJO7wthSLq42EjA==", + "dev": true + }, + "sisteransi": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", + "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", + "dev": true + }, + "slash": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", + "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==", + "dev": true + }, + "snapdragon": { + "version": "0.8.2", + "resolved": "https://registry.npmjs.org/snapdragon/-/snapdragon-0.8.2.tgz", + "integrity": "sha512-FtyOnWN/wCHTVXOMwvSv26d+ko5vWlIDD6zoUJ7LW8vh+ZBC8QdljveRP+crNrtBwioEUWy/4dMtbBjA4ioNlg==", + "dev": true, + "requires": { + "base": "^0.11.1", + "debug": "^2.2.0", + "define-property": "^0.2.5", + "extend-shallow": "^2.0.1", + "map-cache": "^0.2.2", + "source-map": "^0.5.6", + "source-map-resolve": "^0.5.0", + "use": "^3.1.0" + }, + "dependencies": { + "debug": { + "version": "2.6.9", + "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", + "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==", + "dev": true, + "requires": { + "ms": "2.0.0" + } + }, + "define-property": { + "version": "0.2.5", + "resolved": "https://registry.npmjs.org/define-property/-/define-property-0.2.5.tgz", + "integrity": "sha1-w1se+RjsPJkPmlvFe+BKrOxcgRY=", + "dev": true, + "requires": { + "is-descriptor": "^0.1.0" + } + }, + "extend-shallow": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-2.0.1.tgz", + "integrity": "sha1-Ua99YUrZqfYQ6huvu5idaxxWiQ8=", + "dev": true, + "requires": { + "is-extendable": "^0.1.0" + } + }, + "ms": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", + "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g=", + "dev": true + }, + "source-map": { + "version": "0.5.7", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.5.7.tgz", + "integrity": "sha1-igOdLRAh0i0eoUyA2OpGi6LvP8w=", + "dev": true + } + } + }, + "snapdragon-node": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/snapdragon-node/-/snapdragon-node-2.1.1.tgz", + "integrity": "sha512-O27l4xaMYt/RSQ5TR3vpWCAB5Kb/czIcqUFOM/C4fYcLnbZUc1PkjTAMjof2pBWaSTwOUd6qUHcFGVGj7aIwnw==", + "dev": true, + "requires": { + "define-property": "^1.0.0", + "isobject": "^3.0.0", + "snapdragon-util": "^3.0.1" + }, + "dependencies": { + "define-property": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/define-property/-/define-property-1.0.0.tgz", + "integrity": "sha1-dp66rz9KY6rTr56NMEybvnm/sOY=", + "dev": true, + "requires": { + "is-descriptor": "^1.0.0" + } + }, + "is-accessor-descriptor": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-accessor-descriptor/-/is-accessor-descriptor-1.0.0.tgz", + "integrity": "sha512-m5hnHTkcVsPfqx3AKlyttIPb7J+XykHvJP2B9bZDjlhLIoEq4XoK64Vg7boZlVWYK6LUY94dYPEE7Lh0ZkZKcQ==", + "dev": true, + "requires": { + "kind-of": "^6.0.0" + } + }, + "is-data-descriptor": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-data-descriptor/-/is-data-descriptor-1.0.0.tgz", + "integrity": "sha512-jbRXy1FmtAoCjQkVmIVYwuuqDFUbaOeDjmed1tOGPrsMhtJA4rD9tkgA0F1qJ3gRFRXcHYVkdeaP50Q5rE/jLQ==", + "dev": true, + "requires": { + "kind-of": "^6.0.0" + } + }, + "is-descriptor": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/is-descriptor/-/is-descriptor-1.0.2.tgz", + "integrity": "sha512-2eis5WqQGV7peooDyLmNEPUrps9+SXX5c9pL3xEB+4e9HnGuDa7mB7kHxHw4CbqS9k1T2hOH3miL8n8WtiYVtg==", + "dev": true, + "requires": { + "is-accessor-descriptor": "^1.0.0", + "is-data-descriptor": "^1.0.0", + "kind-of": "^6.0.2" + } + } + } + }, + "snapdragon-util": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/snapdragon-util/-/snapdragon-util-3.0.1.tgz", + "integrity": "sha512-mbKkMdQKsjX4BAL4bRYTj21edOf8cN7XHdYUJEe+Zn99hVEYcMvKPct1IqNe7+AZPirn8BCDOQBHQZknqmKlZQ==", + "dev": true, + "requires": { + "kind-of": "^3.2.0" + }, + "dependencies": { + "kind-of": { + "version": "3.2.2", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz", + "integrity": "sha1-MeohpzS6ubuw8yRm2JOupR5KPGQ=", + "dev": true, + "requires": { + "is-buffer": "^1.1.5" + } + } + } + }, + "source-map": { + "version": "0.6.1", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", + "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", + "dev": true + }, + "source-map-resolve": { + "version": "0.5.3", + "resolved": "https://registry.npmjs.org/source-map-resolve/-/source-map-resolve-0.5.3.tgz", + "integrity": "sha512-Htz+RnsXWk5+P2slx5Jh3Q66vhQj1Cllm0zvnaY98+NFx+Dv2CF/f5O/t8x+KaNdrdIAsruNzoh/KpialbqAnw==", + "dev": true, + "requires": { + "atob": "^2.1.2", + "decode-uri-component": "^0.2.0", + "resolve-url": "^0.2.1", + "source-map-url": "^0.4.0", + "urix": "^0.1.0" + } + }, + "source-map-support": { + "version": "0.5.19", + "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.19.tgz", + "integrity": "sha512-Wonm7zOCIJzBGQdB+thsPar0kYuCIzYvxZwlBa87yi/Mdjv7Tip2cyVbLj5o0cFPN4EVkuTwb3GDDyUx2DGnGw==", + "dev": true, + "requires": { + "buffer-from": "^1.0.0", + "source-map": "^0.6.0" + } + }, + "source-map-url": { + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/source-map-url/-/source-map-url-0.4.0.tgz", + "integrity": "sha1-PpNdfd1zYxuXZZlW1VEo6HtQhKM=", + "dev": true + }, + "spdx-correct": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/spdx-correct/-/spdx-correct-3.1.1.tgz", + "integrity": "sha512-cOYcUWwhCuHCXi49RhFRCyJEK3iPj1Ziz9DpViV3tbZOwXD49QzIN3MpOLJNxh2qwq2lJJZaKMVw9qNi4jTC0w==", + "dev": true, + "requires": { + "spdx-expression-parse": "^3.0.0", + "spdx-license-ids": "^3.0.0" + } + }, + "spdx-exceptions": { + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/spdx-exceptions/-/spdx-exceptions-2.3.0.tgz", + "integrity": "sha512-/tTrYOC7PPI1nUAgx34hUpqXuyJG+DTHJTnIULG4rDygi4xu/tfgmq1e1cIRwRzwZgo4NLySi+ricLkZkw4i5A==", + "dev": true + }, + "spdx-expression-parse": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/spdx-expression-parse/-/spdx-expression-parse-3.0.1.tgz", + "integrity": "sha512-cbqHunsQWnJNE6KhVSMsMeH5H/L9EpymbzqTQ3uLwNCLZ1Q481oWaofqH7nO6V07xlXwY6PhQdQ2IedWx/ZK4Q==", + "dev": true, + "requires": { + "spdx-exceptions": "^2.1.0", + "spdx-license-ids": "^3.0.0" + } + }, + "spdx-license-ids": { + "version": "3.0.5", + "resolved": "https://registry.npmjs.org/spdx-license-ids/-/spdx-license-ids-3.0.5.tgz", + "integrity": "sha512-J+FWzZoynJEXGphVIS+XEh3kFSjZX/1i9gFBaWQcB+/tmpe2qUsSBABpcxqxnAxFdiUFEgAX1bjYGQvIZmoz9Q==", + "dev": true + }, + "split-string": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/split-string/-/split-string-3.1.0.tgz", + "integrity": "sha512-NzNVhJDYpwceVVii8/Hu6DKfD2G+NrQHlS/V/qgv763EYudVwEcMQNxd2lh+0VrUByXN/oJkl5grOhYWvQUYiw==", + "dev": true, + "requires": { + "extend-shallow": "^3.0.0" + } + }, + "sprintf-js": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz", + "integrity": "sha1-BOaSb2YolTVPPdAVIDYzuFcpfiw=", + "dev": true + }, + "sshpk": { + "version": "1.16.1", + "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.16.1.tgz", + "integrity": "sha512-HXXqVUq7+pcKeLqqZj6mHFUMvXtOJt1uoUx09pFW6011inTMxqI8BA8PM95myrIyyKwdnzjdFjLiE6KBPVtJIg==", + "dev": true, + "requires": { + "asn1": "~0.2.3", + "assert-plus": "^1.0.0", + "bcrypt-pbkdf": "^1.0.0", + "dashdash": "^1.12.0", + "ecc-jsbn": "~0.1.1", + "getpass": "^0.1.1", + "jsbn": "~0.1.0", + "safer-buffer": "^2.0.2", + "tweetnacl": "~0.14.0" + } + }, + "stack-utils": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/stack-utils/-/stack-utils-1.0.2.tgz", + "integrity": "sha512-MTX+MeG5U994cazkjd/9KNAapsHnibjMLnfXodlkXw76JEea0UiNzrqidzo1emMwk7w5Qhc9jd4Bn9TBb1MFwA==", + "dev": true + }, + "static-extend": { + "version": "0.1.2", + "resolved": "https://registry.npmjs.org/static-extend/-/static-extend-0.1.2.tgz", + "integrity": "sha1-YICcOcv/VTNyJv1eC1IPNB8ftcY=", + "dev": true, + "requires": { + "define-property": "^0.2.5", + "object-copy": "^0.1.0" + }, + "dependencies": { + "define-property": { + "version": "0.2.5", + "resolved": "https://registry.npmjs.org/define-property/-/define-property-0.2.5.tgz", + "integrity": "sha1-w1se+RjsPJkPmlvFe+BKrOxcgRY=", + "dev": true, + "requires": { + "is-descriptor": "^0.1.0" + } + } + } + }, + "stealthy-require": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/stealthy-require/-/stealthy-require-1.1.1.tgz", + "integrity": "sha1-NbCYdbT/SfJqd35QmzCQoyJr8ks=", + "dev": true + }, + "string-length": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/string-length/-/string-length-3.1.0.tgz", + "integrity": "sha512-Ttp5YvkGm5v9Ijagtaz1BnN+k9ObpvS0eIBblPMp2YWL8FBmi9qblQ9fexc2k/CXFgrTIteU3jAw3payCnwSTA==", + "dev": true, + "requires": { + "astral-regex": "^1.0.0", + "strip-ansi": "^5.2.0" + }, + "dependencies": { + "strip-ansi": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-5.2.0.tgz", + "integrity": "sha512-DuRs1gKbBqsMKIZlrffwlug8MHkcnpjs5VPmL1PAh+mA30U0DTotfDZ0d2UUsXpPmPmMMJ6W773MaA3J+lbiWA==", + "dev": true, + "requires": { + "ansi-regex": "^4.1.0" + } + } + } + }, + "string-width": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.0.tgz", + "integrity": "sha512-zUz5JD+tgqtuDjMhwIg5uFVV3dtqZ9yQJlZVfq4I01/K5Paj5UHj7VyrQOJvzawSVlKpObApbfD0Ed6yJc+1eg==", + "dev": true, + "requires": { + "emoji-regex": "^8.0.0", + "is-fullwidth-code-point": "^3.0.0", + "strip-ansi": "^6.0.0" + } + }, + "strip-ansi": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.0.tgz", + "integrity": "sha512-AuvKTrTfQNYNIctbR1K/YGTR1756GycPsg7b9bdV9Duqur4gv6aKqHXah67Z8ImS7WEz5QVcOtlfW2rZEugt6w==", + "dev": true, + "requires": { + "ansi-regex": "^5.0.0" + }, + "dependencies": { + "ansi-regex": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.0.tgz", + "integrity": "sha512-bY6fj56OUQ0hU1KjFNDQuJFezqKdrAyFdIevADiqrWHwSlbmBNMHp5ak2f40Pm8JTFyM2mqxkG6ngkHO11f/lg==", + "dev": true + } + } + }, + "strip-bom": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", + "integrity": "sha512-3xurFv5tEgii33Zi8Jtp55wEIILR9eh34FAW00PZf+JnSsTmV/ioewSgQl97JHvgjoRGwPShsWm+IdrxB35d0w==", + "dev": true + }, + "strip-eof": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/strip-eof/-/strip-eof-1.0.0.tgz", + "integrity": "sha1-u0P/VZim6wXYm1n80SnJgzE2Br8=", + "dev": true + }, + "strip-final-newline": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz", + "integrity": "sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==", + "dev": true + }, + "supports-color": { + "version": "7.1.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.1.0.tgz", + "integrity": "sha512-oRSIpR8pxT1Wr2FquTNnGet79b3BWljqOuoW/h4oBhxJ/HUbX5nX6JSruTkvXDCFMwDPvsaTTbvMLKZWSy0R5g==", + "dev": true, + "requires": { + "has-flag": "^4.0.0" + } + }, + "supports-hyperlinks": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/supports-hyperlinks/-/supports-hyperlinks-2.1.0.tgz", + "integrity": "sha512-zoE5/e+dnEijk6ASB6/qrK+oYdm2do1hjoLWrqUC/8WEIW1gbxFcKuBof7sW8ArN6e+AYvsE8HBGiVRWL/F5CA==", + "dev": true, + "requires": { + "has-flag": "^4.0.0", + "supports-color": "^7.0.0" + } + }, + "symbol-tree": { + "version": "3.2.4", + "resolved": "https://registry.npmjs.org/symbol-tree/-/symbol-tree-3.2.4.tgz", + "integrity": "sha512-9QNk5KwDF+Bvz+PyObkmSYjI5ksVUYtjW7AU22r2NKcfLJcXp96hkDWU3+XndOsUb+AQ9QhfzfCT2O+CNWT5Tw==", + "dev": true + }, + "terminal-link": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/terminal-link/-/terminal-link-2.1.1.tgz", + "integrity": "sha512-un0FmiRUQNr5PJqy9kP7c40F5BOfpGlYTrxonDChEZB7pzZxRNp/bt+ymiy9/npwXya9KH99nJ/GXFIiUkYGFQ==", + "dev": true, + "requires": { + "ansi-escapes": "^4.2.1", + "supports-hyperlinks": "^2.0.0" + } + }, + "test-exclude": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/test-exclude/-/test-exclude-6.0.0.tgz", + "integrity": "sha512-cAGWPIyOHU6zlmg88jwm7VRyXnMN7iV68OGAbYDk/Mh/xC/pzVPlQtY6ngoIH/5/tciuhGfvESU8GrHrcxD56w==", + "dev": true, + "requires": { + "@istanbuljs/schema": "^0.1.2", + "glob": "^7.1.4", + "minimatch": "^3.0.4" + } + }, + "throat": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/throat/-/throat-5.0.0.tgz", + "integrity": "sha512-fcwX4mndzpLQKBS1DVYhGAcYaYt7vsHNIvQV+WXMvnow5cgjPphq5CaayLaGsjRdSCKZFNGt7/GYAuXaNOiYCA==", + "dev": true + }, + "tmpl": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.4.tgz", + "integrity": "sha1-I2QN17QtAEM5ERQIIOXPRA5SHdE=", + "dev": true + }, + "to-fast-properties": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz", + "integrity": "sha1-3F5pjL0HkmW8c+A3doGk5Og/YW4=", + "dev": true + }, + "to-object-path": { + "version": "0.3.0", + "resolved": "https://registry.npmjs.org/to-object-path/-/to-object-path-0.3.0.tgz", + "integrity": "sha1-KXWIt7Dn4KwI4E5nL4XB9JmeF68=", + "dev": true, + "requires": { + "kind-of": "^3.0.2" + }, + "dependencies": { + "kind-of": { + "version": "3.2.2", + "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz", + "integrity": "sha1-MeohpzS6ubuw8yRm2JOupR5KPGQ=", + "dev": true, + "requires": { + "is-buffer": "^1.1.5" + } + } + } + }, + "to-regex": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/to-regex/-/to-regex-3.0.2.tgz", + "integrity": "sha512-FWtleNAtZ/Ki2qtqej2CXTOayOH9bHDQF+Q48VpWyDXjbYxA4Yz8iDB31zXOBUlOHHKidDbqGVrTUvQMPmBGBw==", + "dev": true, + "requires": { + "define-property": "^2.0.2", + "extend-shallow": "^3.0.2", + "regex-not": "^1.0.2", + "safe-regex": "^1.1.0" + } + }, + "to-regex-range": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", + "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", + "dev": true, + "requires": { + "is-number": "^7.0.0" + } + }, + "tough-cookie": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-3.0.1.tgz", + "integrity": "sha512-yQyJ0u4pZsv9D4clxO69OEjLWYw+jbgspjTue4lTQZLfV0c5l1VmK2y1JK8E9ahdpltPOaAThPcp5nKPUgSnsg==", + "dev": true, + "requires": { + "ip-regex": "^2.1.0", + "psl": "^1.1.28", + "punycode": "^2.1.1" + } + }, + "tr46": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/tr46/-/tr46-1.0.1.tgz", + "integrity": "sha1-qLE/1r/SSJUZZ0zN5VujaTtwbQk=", + "dev": true, + "requires": { + "punycode": "^2.1.0" + } + }, + "tunnel-agent": { + "version": "0.6.0", + "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", + "integrity": "sha1-J6XeoGs2sEoKmWZ3SykIaPD8QP0=", + "dev": true, + "requires": { + "safe-buffer": "^5.0.1" + } + }, + "tweetnacl": { + "version": "0.14.5", + "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", + "integrity": "sha1-WuaBd/GS1EViadEIr6k/+HQ/T2Q=", + "dev": true + }, + "type-check": { + "version": "0.3.2", + "resolved": "https://registry.npmjs.org/type-check/-/type-check-0.3.2.tgz", + "integrity": "sha1-WITKtRLPHTVeP7eE8wgEsrUg23I=", + "dev": true, + "requires": { + "prelude-ls": "~1.1.2" + } + }, + "type-detect": { + "version": "4.0.8", + "resolved": "https://registry.npmjs.org/type-detect/-/type-detect-4.0.8.tgz", + "integrity": "sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==", + "dev": true + }, + "type-fest": { + "version": "0.8.1", + "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.8.1.tgz", + "integrity": "sha512-4dbzIzqvjtgiM5rw1k5rEHtBANKmdudhGyBEajN01fEyhaAIhsoKNy6y7+IN93IfpFtwY9iqi7kD+xwKhQsNJA==", + "dev": true + }, + "typedarray-to-buffer": { + "version": "3.1.5", + "resolved": "https://registry.npmjs.org/typedarray-to-buffer/-/typedarray-to-buffer-3.1.5.tgz", + "integrity": "sha512-zdu8XMNEDepKKR+XYOXAVPtWui0ly0NtohUscw+UmaHiAWT8hrV1rr//H6V+0DvJ3OQ19S979M0laLfX8rm82Q==", + "dev": true, + "requires": { + "is-typedarray": "^1.0.0" + } + }, + "union-value": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/union-value/-/union-value-1.0.1.tgz", + "integrity": "sha512-tJfXmxMeWYnczCVs7XAEvIV7ieppALdyepWMkHkwciRpZraG/xwT+s2JN8+pr1+8jCRf80FFzvr+MpQeeoF4Xg==", + "dev": true, + "requires": { + "arr-union": "^3.1.0", + "get-value": "^2.0.6", + "is-extendable": "^0.1.1", + "set-value": "^2.0.1" + } + }, + "unset-value": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/unset-value/-/unset-value-1.0.0.tgz", + "integrity": "sha1-g3aHP30jNRef+x5vw6jtDfyKtVk=", + "dev": true, + "requires": { + "has-value": "^0.3.1", + "isobject": "^3.0.0" + }, + "dependencies": { + "has-value": { + "version": "0.3.1", + "resolved": "https://registry.npmjs.org/has-value/-/has-value-0.3.1.tgz", + "integrity": "sha1-ex9YutpiyoJ+wKIHgCVlSEWZXh8=", + "dev": true, + "requires": { + "get-value": "^2.0.3", + "has-values": "^0.1.4", + "isobject": "^2.0.0" + }, + "dependencies": { + "isobject": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/isobject/-/isobject-2.1.0.tgz", + "integrity": "sha1-8GVWEJaj8dou9GJy+BXIQNh+DIk=", + "dev": true, + "requires": { + "isarray": "1.0.0" + } + } + } + }, + "has-values": { + "version": "0.1.4", + "resolved": "https://registry.npmjs.org/has-values/-/has-values-0.1.4.tgz", + "integrity": "sha1-bWHeldkd/Km5oCCJrThL/49it3E=", + "dev": true + } + } + }, + "uri-js": { + "version": "4.2.2", + "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.2.2.tgz", + "integrity": "sha512-KY9Frmirql91X2Qgjry0Wd4Y+YTdrdZheS8TFwvkbLWf/G5KNJDCh6pKL5OZctEW4+0Baa5idK2ZQuELRwPznQ==", + "dev": true, + "requires": { + "punycode": "^2.1.0" + } + }, + "urix": { + "version": "0.1.0", + "resolved": "https://registry.npmjs.org/urix/-/urix-0.1.0.tgz", + "integrity": "sha1-2pN/emLiH+wf0Y1Js1wpNQZ6bHI=", + "dev": true + }, + "use": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/use/-/use-3.1.1.tgz", + "integrity": "sha512-cwESVXlO3url9YWlFW/TA9cshCEhtu7IKJ/p5soJ/gGpj7vbvFrAY/eIioQ6Dw23KjZhYgiIo8HOs1nQ2vr/oQ==", + "dev": true + }, + "uuid": { + "version": "3.4.0", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", + "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==", + "dev": true + }, + "v8-to-istanbul": { + "version": "4.1.4", + "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-4.1.4.tgz", + "integrity": "sha512-Rw6vJHj1mbdK8edjR7+zuJrpDtKIgNdAvTSAcpYfgMIw+u2dPDntD3dgN4XQFLU2/fvFQdzj+EeSGfd/jnY5fQ==", + "dev": true, + "requires": { + "@types/istanbul-lib-coverage": "^2.0.1", + "convert-source-map": "^1.6.0", + "source-map": "^0.7.3" + }, + "dependencies": { + "source-map": { + "version": "0.7.3", + "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.7.3.tgz", + "integrity": "sha512-CkCj6giN3S+n9qrYiBTX5gystlENnRW5jZeNLHpe6aue+SrHcG5VYwujhW9s4dY31mEGsxBDrHR6oI69fTXsaQ==", + "dev": true + } + } + }, + "validate-npm-package-license": { + "version": "3.0.4", + "resolved": "https://registry.npmjs.org/validate-npm-package-license/-/validate-npm-package-license-3.0.4.tgz", + "integrity": "sha512-DpKm2Ui/xN7/HQKCtpZxoRWBhZ9Z0kqtygG8XCgNQ8ZlDnxuQmWhj566j8fN4Cu3/JmbhsDo7fcAJq4s9h27Ew==", + "dev": true, + "requires": { + "spdx-correct": "^3.0.0", + "spdx-expression-parse": "^3.0.0" + } + }, + "verror": { + "version": "1.10.0", + "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz", + "integrity": "sha1-OhBcoXBTr1XW4nDB+CiGguGNpAA=", + "dev": true, + "requires": { + "assert-plus": "^1.0.0", + "core-util-is": "1.0.2", + "extsprintf": "^1.2.0" + } + }, + "w3c-hr-time": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/w3c-hr-time/-/w3c-hr-time-1.0.2.tgz", + "integrity": "sha512-z8P5DvDNjKDoFIHK7q8r8lackT6l+jo/Ye3HOle7l9nICP9lf1Ci25fy9vHd0JOWewkIFzXIEig3TdKT7JQ5fQ==", + "dev": true, + "requires": { + "browser-process-hrtime": "^1.0.0" + } + }, + "w3c-xmlserializer": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/w3c-xmlserializer/-/w3c-xmlserializer-1.1.2.tgz", + "integrity": "sha512-p10l/ayESzrBMYWRID6xbuCKh2Fp77+sA0doRuGn4tTIMrrZVeqfpKjXHY+oDh3K4nLdPgNwMTVP6Vp4pvqbNg==", + "dev": true, + "requires": { + "domexception": "^1.0.1", + "webidl-conversions": "^4.0.2", + "xml-name-validator": "^3.0.0" + } + }, + "walker": { + "version": "1.0.7", + "resolved": "https://registry.npmjs.org/walker/-/walker-1.0.7.tgz", + "integrity": "sha1-L3+bj9ENZ3JisYqITijRlhjgKPs=", + "dev": true, + "requires": { + "makeerror": "1.0.x" + } + }, + "webidl-conversions": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-4.0.2.tgz", + "integrity": "sha512-YQ+BmxuTgd6UXZW3+ICGfyqRyHXVlD5GtQr5+qjiNW7bF0cqrzX500HVXPBOvgXb5YnzDd+h0zqyv61KUD7+Sg==", + "dev": true + }, + "whatwg-encoding": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/whatwg-encoding/-/whatwg-encoding-1.0.5.tgz", + "integrity": "sha512-b5lim54JOPN9HtzvK9HFXvBma/rnfFeqsic0hSpjtDbVxR3dJKLc+KB4V6GgiGOvl7CY/KNh8rxSo9DKQrnUEw==", + "dev": true, + "requires": { + "iconv-lite": "0.4.24" + } + }, + "whatwg-mimetype": { + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/whatwg-mimetype/-/whatwg-mimetype-2.3.0.tgz", + "integrity": "sha512-M4yMwr6mAnQz76TbJm914+gPpB/nCwvZbJU28cUD6dR004SAxDLOOSUaB1JDRqLtaOV/vi0IC5lEAGFgrjGv/g==", + "dev": true + }, + "whatwg-url": { + "version": "7.1.0", + "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-7.1.0.tgz", + "integrity": "sha512-WUu7Rg1DroM7oQvGWfOiAK21n74Gg+T4elXEQYkOhtyLeWiJFoOGLXPKI/9gzIie9CtwVLm8wtw6YJdKyxSjeg==", + "dev": true, + "requires": { + "lodash.sortby": "^4.7.0", + "tr46": "^1.0.1", + "webidl-conversions": "^4.0.2" + } + }, + "which": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz", + "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==", + "dev": true, + "requires": { + "isexe": "^2.0.0" + } + }, + "which-module": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/which-module/-/which-module-2.0.0.tgz", + "integrity": "sha1-2e8H3Od7mQK4o6j6SzHD4/fm6Ho=", + "dev": true + }, + "word-wrap": { + "version": "1.2.3", + "resolved": "https://registry.npmjs.org/word-wrap/-/word-wrap-1.2.3.tgz", + "integrity": "sha512-Hz/mrNwitNRh/HUAtM/VT/5VH+ygD6DV7mYKZAtHOrbs8U7lvPS6xf7EJKMF0uW1KJCl0H701g3ZGus+muE5vQ==", + "dev": true + }, + "wrap-ansi": { + "version": "6.2.0", + "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-6.2.0.tgz", + "integrity": "sha512-r6lPcBGxZXlIcymEu7InxDMhdW0KDxpLgoFLcguasxCaJ/SOIZwINatK9KY/tf+ZrlywOKU0UDj3ATXUBfxJXA==", + "dev": true, + "requires": { + "ansi-styles": "^4.0.0", + "string-width": "^4.1.0", + "strip-ansi": "^6.0.0" + } + }, + "wrappy": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", + "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8=", + "dev": true + }, + "write-file-atomic": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-3.0.3.tgz", + "integrity": "sha512-AvHcyZ5JnSfq3ioSyjrBkH9yW4m7Ayk8/9My/DD9onKeu/94fwrMocemO2QAJFAlnnDN+ZDS+ZjAR5ua1/PV/Q==", + "dev": true, + "requires": { + "imurmurhash": "^0.1.4", + "is-typedarray": "^1.0.0", + "signal-exit": "^3.0.2", + "typedarray-to-buffer": "^3.1.5" + } + }, + "ws": { + "version": "7.3.0", + "resolved": "https://registry.npmjs.org/ws/-/ws-7.3.0.tgz", + "integrity": "sha512-iFtXzngZVXPGgpTlP1rBqsUK82p9tKqsWRPg5L56egiljujJT3vGAYnHANvFxBieXrTFavhzhxW52jnaWV+w2w==", + "dev": true + }, + "xml-name-validator": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/xml-name-validator/-/xml-name-validator-3.0.0.tgz", + "integrity": "sha512-A5CUptxDsvxKJEU3yO6DuWBSJz/qizqzJKOMIfUJHETbBw/sFaDxgd6fxm1ewUaM0jZ444Fc5vC5ROYurg/4Pw==", + "dev": true + }, + "xmlchars": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/xmlchars/-/xmlchars-2.2.0.tgz", + "integrity": "sha512-JZnDKK8B0RCDw84FNdDAIpZK+JuJw+s7Lz8nksI7SIuU3UXJJslUthsi+uWBUYOwPFwW7W7PRLRfUKpxjtjFCw==", + "dev": true + }, + "y18n": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/y18n/-/y18n-4.0.0.tgz", + "integrity": "sha512-r9S/ZyXu/Xu9q1tYlpsLIsa3EeLXXk0VwlxqTcFRfg9EhMW+17kbt9G0NrgCmhGb5vT2hyhJZLfDGx+7+5Uj/w==", + "dev": true + }, + "yargs": { + "version": "15.3.1", + "resolved": "https://registry.npmjs.org/yargs/-/yargs-15.3.1.tgz", + "integrity": "sha512-92O1HWEjw27sBfgmXiixJWT5hRBp2eobqXicLtPBIDBhYB+1HpwZlXmbW2luivBJHBzki+7VyCLRtAkScbTBQA==", + "dev": true, + "requires": { + "cliui": "^6.0.0", + "decamelize": "^1.2.0", + "find-up": "^4.1.0", + "get-caller-file": "^2.0.1", + "require-directory": "^2.1.1", + "require-main-filename": "^2.0.0", + "set-blocking": "^2.0.0", + "string-width": "^4.2.0", + "which-module": "^2.0.0", + "y18n": "^4.0.0", + "yargs-parser": "^18.1.1" + } + }, + "yargs-parser": { + "version": "18.1.3", + "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-18.1.3.tgz", + "integrity": "sha512-o50j0JeToy/4K6OZcaQmW6lyXXKhq7csREXcDwk2omFPJEwUNOVtJKvmDr9EI1fAJZUyZcRF7kxGBWmRXudrCQ==", + "dev": true, + "requires": { + "camelcase": "^5.0.0", + "decamelize": "^1.2.0" + } + } + } +} diff --git a/hooks/update-field/package.json b/hooks/update-field/package.json new file mode 100644 index 00000000..73ced215 --- /dev/null +++ b/hooks/update-field/package.json @@ -0,0 +1,18 @@ +{ + "name": "scb-update-field", + "version": "1.0.0", + "description": "", + "main": "hook.js", + "scripts": { + "test": "jest ." + }, + "keywords": [], + "author": "", + "license": "ISC", + "dependencies": { + "lodash.set": "^4.3.2" + }, + "devDependencies": { + "jest": "^25.1.0" + } +} diff --git a/hooks/update-field/templates/NOTES.txt b/hooks/update-field/templates/NOTES.txt new file mode 100644 index 00000000..8e46012f --- /dev/null +++ b/hooks/update-field/templates/NOTES.txt @@ -0,0 +1,2 @@ +UpdateField Hook deployed. +This will add or override "{{ .Values.attribute.name }}: {{ .Values.attribute.value }}" on every finding in this namespace. \ No newline at end of file diff --git a/hooks/add-attributes/templates/_helpers.tpl b/hooks/update-field/templates/_helpers.tpl similarity index 100% rename from hooks/add-attributes/templates/_helpers.tpl rename to hooks/update-field/templates/_helpers.tpl diff --git a/hooks/add-attributes/templates/add-attributes-hook.yaml b/hooks/update-field/templates/update-field-hook.yaml similarity index 100% rename from hooks/add-attributes/templates/add-attributes-hook.yaml rename to hooks/update-field/templates/update-field-hook.yaml diff --git a/hooks/add-attributes/values.yaml b/hooks/update-field/values.yaml similarity index 68% rename from hooks/add-attributes/values.yaml rename to hooks/update-field/values.yaml index e8e0ef94..8ee928d1 100644 --- a/hooks/add-attributes/values.yaml +++ b/hooks/update-field/values.yaml @@ -3,11 +3,11 @@ # Declare variables to be passed into your templates. attribute: - name: foobar - value: example + name: "category" + value: my-own-category image: registry: docker.io - repository: scbexperimental/add-attribute + repository: scbexperimental/update-field tag: latest digest: null From 851e2b2b28d69a7428e825eefa8a4009f044e798 Mon Sep 17 00:00:00 2001 From: Yannik Fuhrmeister Date: Wed, 10 Jun 2020 13:23:24 +0200 Subject: [PATCH 059/109] Add docker command for minio --- docs/developer-guide/README.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/docs/developer-guide/README.md b/docs/developer-guide/README.md index 3027390e..875f019f 100644 --- a/docs/developer-guide/README.md +++ b/docs/developer-guide/README.md @@ -24,7 +24,10 @@ For your local development you will need a S3 compatible storage. We would recommend to use [Minio](https://min.io/download#/) inside a podman or docker container. ```bash -podman run --name minio -p 9000:9000 minio/minio server /data +# if you want to use podman +$ podman run --name minio -p 9000:9000 minio/minio server /data +# if you want to use docker +$ docker run --name minio -p 9000:9000 minio/minio server /data ``` In the Minio management GUI you will need to add a new bucket for the operator. @@ -32,6 +35,7 @@ The default credentials for your minio instance are *minioadmin:minioadmin*. You might change those. After setting up your bucket you will need to specify some environment variables to enable the operator to use the bucket. +You could add these to your *.bashrc* or *.zshrc* as well. ```bash $ export S3_ACCESS_KEY="your-minio-access-key" From b45d5ace33282550c2650145272218dab7259fa3 Mon Sep 17 00:00:00 2001 From: Jorge Estigarribia Date: Wed, 10 Jun 2020 14:47:19 +0200 Subject: [PATCH 060/109] Delete folder beacuse we will use update field hook for integration testing Co-authored-by: Yannik Fuhrmeister <12710254+fuhrmeistery@users.noreply.github.com> Co-authored-by: Jannik Hollenbach --- .github/workflows/ci.yaml | 8 --- hooks/test-read-write-hook/.dockerignore | 1 - hooks/test-read-write-hook/.gitignore | 1 - hooks/test-read-write-hook/.helmignore | 30 ----------- hooks/test-read-write-hook/Chart.lock | 3 -- hooks/test-read-write-hook/Chart.yaml | 11 ---- hooks/test-read-write-hook/Dockerfile | 3 -- hooks/test-read-write-hook/hook.js | 18 ------- hooks/test-read-write-hook/hook.test.js | 33 ------------ .../test-read-write-hook/templates/NOTES.txt | 3 -- .../templates/_helpers.tpl | 52 ------------------- .../templates/read-write-hook-test.yaml | 16 ------ hooks/test-read-write-hook/values.yaml | 13 ----- 13 files changed, 192 deletions(-) delete mode 100644 hooks/test-read-write-hook/.dockerignore delete mode 100644 hooks/test-read-write-hook/.gitignore delete mode 100644 hooks/test-read-write-hook/.helmignore delete mode 100644 hooks/test-read-write-hook/Chart.lock delete mode 100644 hooks/test-read-write-hook/Chart.yaml delete mode 100644 hooks/test-read-write-hook/Dockerfile delete mode 100644 hooks/test-read-write-hook/hook.js delete mode 100644 hooks/test-read-write-hook/hook.test.js delete mode 100644 hooks/test-read-write-hook/templates/NOTES.txt delete mode 100644 hooks/test-read-write-hook/templates/_helpers.tpl delete mode 100644 hooks/test-read-write-hook/templates/read-write-hook-test.yaml delete mode 100644 hooks/test-read-write-hook/values.yaml diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 386b815d..d368ec43 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -231,14 +231,6 @@ jobs: repository: scbexperimental/hook-imperative-subsequent-scans path: ./hooks/imperative-subsequent-scans/ tag_with_ref: true - - uses: docker/build-push-action@v1 - name: "Build & Push TestReadWriteHook Hook Image" - with: - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_PASSWORD }} - repository: scbexperimental/test-read-write-hook - path: ./hooks/test-read-write-hook/ - tag_with_ref: true - uses: docker/build-push-action@v1 name: "Build & Push UpdateField Hook Image" with: diff --git a/hooks/test-read-write-hook/.dockerignore b/hooks/test-read-write-hook/.dockerignore deleted file mode 100644 index 40b878db..00000000 --- a/hooks/test-read-write-hook/.dockerignore +++ /dev/null @@ -1 +0,0 @@ -node_modules/ \ No newline at end of file diff --git a/hooks/test-read-write-hook/.gitignore b/hooks/test-read-write-hook/.gitignore deleted file mode 100644 index b512c09d..00000000 --- a/hooks/test-read-write-hook/.gitignore +++ /dev/null @@ -1 +0,0 @@ -node_modules \ No newline at end of file diff --git a/hooks/test-read-write-hook/.helmignore b/hooks/test-read-write-hook/.helmignore deleted file mode 100644 index 676a3554..00000000 --- a/hooks/test-read-write-hook/.helmignore +++ /dev/null @@ -1,30 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ -# Node.js files -node_modules/* -package.json -package-lock.json -src/* -config/* -Dockerfile -.dockerignore \ No newline at end of file diff --git a/hooks/test-read-write-hook/Chart.lock b/hooks/test-read-write-hook/Chart.lock deleted file mode 100644 index eb7f3a24..00000000 --- a/hooks/test-read-write-hook/Chart.lock +++ /dev/null @@ -1,3 +0,0 @@ -dependencies: [] -digest: sha256:643d5437104296e21d906ecb15b2c96ad278f20cfc4af53b12bb6069bd853726 -generated: "2020-05-26T16:56:03.119255+02:00" diff --git a/hooks/test-read-write-hook/Chart.yaml b/hooks/test-read-write-hook/Chart.yaml deleted file mode 100644 index 5047eae6..00000000 --- a/hooks/test-read-write-hook/Chart.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v2 -name: test-read-write-hook-hook -description: This hook is for integration testing only! - -type: application - -version: 0.1.0 - -appVersion: latest - -dependencies: [] diff --git a/hooks/test-read-write-hook/Dockerfile b/hooks/test-read-write-hook/Dockerfile deleted file mode 100644 index ffe1db53..00000000 --- a/hooks/test-read-write-hook/Dockerfile +++ /dev/null @@ -1,3 +0,0 @@ -FROM scbexperimental/hook-sdk-nodejs:latest -WORKDIR /home/app/hook-wrapper/hook/ -COPY --chown=app:app ./hook.js ./hook.js diff --git a/hooks/test-read-write-hook/hook.js b/hooks/test-read-write-hook/hook.js deleted file mode 100644 index dc84bf25..00000000 --- a/hooks/test-read-write-hook/hook.js +++ /dev/null @@ -1,18 +0,0 @@ -async function handle({ - getFindings, - updateFindings, - attributeName = process.env["ATTRIBUTE_NAME"], - attributeValue = process.env["ATTRIBUTE_VALUE"], -}) { - const findings = await getFindings(); - - const newFindings = findings.map((finding) => { - finding.attributes[attributeName] = attributeValue; - return finding; - }); - - console.log(`Updated attributes on ${findings.length} findings`); - - await updateFindings(newFindings); -} -module.exports.handle = handle; diff --git a/hooks/test-read-write-hook/hook.test.js b/hooks/test-read-write-hook/hook.test.js deleted file mode 100644 index 9f88db74..00000000 --- a/hooks/test-read-write-hook/hook.test.js +++ /dev/null @@ -1,33 +0,0 @@ -const { handle } = require("./hook"); - -test("should send a post request to the url when fired", async () => { - const findings = [ - { - name: "Open Port", - attributes: { - hostname: "foobar.com", - }, - }, - ]; - - const getFindings = async () => findings; - - const updateFindings = jest.fn(); - - await handle({ - getFindings, - updateFindings, - attributeName: "cluster", - attributeValue: "gke-internal", - }); - - expect(updateFindings).toBeCalledWith([ - { - name: "Open Port", - attributes: { - hostname: "foobar.com", - cluster: "gke-internal", - }, - }, - ]); -}); diff --git a/hooks/test-read-write-hook/templates/NOTES.txt b/hooks/test-read-write-hook/templates/NOTES.txt deleted file mode 100644 index 65f76b04..00000000 --- a/hooks/test-read-write-hook/templates/NOTES.txt +++ /dev/null @@ -1,3 +0,0 @@ -TestReadWrite Hook deployed. -This Hook is for testing only! -This will add a attribute "{{ .Values.attribute.name }}: {{ .Values.attribute.value }}" on every finding in this namespace. \ No newline at end of file diff --git a/hooks/test-read-write-hook/templates/_helpers.tpl b/hooks/test-read-write-hook/templates/_helpers.tpl deleted file mode 100644 index a27683b5..00000000 --- a/hooks/test-read-write-hook/templates/_helpers.tpl +++ /dev/null @@ -1,52 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "test-read-write-hook.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "test-read-write-hook.fullname" -}} -{{- if .Values.fullnameOverride -}} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- if contains $name .Release.Name -}} -{{- .Release.Name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "test-read-write-hook.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Common labels -*/}} -{{- define "test-read-write-hook.labels" -}} -helm.sh/chart: {{ include "test-read-write-hook.chart" . }} -{{ include "test-read-write-hook.selectorLabels" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- end -}} - -{{/* -Selector labels -*/}} -{{- define "test-read-write-hook.selectorLabels" -}} -app.kubernetes.io/name: {{ include "test-read-write-hook.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end -}} diff --git a/hooks/test-read-write-hook/templates/read-write-hook-test.yaml b/hooks/test-read-write-hook/templates/read-write-hook-test.yaml deleted file mode 100644 index 741ec426..00000000 --- a/hooks/test-read-write-hook/templates/read-write-hook-test.yaml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: "execution.experimental.securecodebox.io/v1" -kind: ScanCompletionHook -metadata: - name: {{ include "test-read-write-hook.fullname" . }} -spec: - type: ReadAndWrite - {{- if .Values.image.digest }} - image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}@{{ .Values.image.digest }}" - {{- else }} - image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag }}" - {{- end }} - env: - - name: ATTRIBUTE_NAME - value: {{ .Values.attribute.name | quote }} - - name: ATTRIBUTE_VALUE - value: {{ .Values.attribute.value | quote }} diff --git a/hooks/test-read-write-hook/values.yaml b/hooks/test-read-write-hook/values.yaml deleted file mode 100644 index 615aa5b0..00000000 --- a/hooks/test-read-write-hook/values.yaml +++ /dev/null @@ -1,13 +0,0 @@ -# Default values for dispatcher. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -attribute: - name: foobar - value: example - -image: - registry: docker.io - repository: scbexperimental/test-read-write-hook - tag: latest - digest: null From 9b1e3ba6356ef08de72951ca1d952116405f5efe Mon Sep 17 00:00:00 2001 From: Jorge Estigarribia Date: Wed, 10 Jun 2020 15:01:07 +0200 Subject: [PATCH 061/109] Refactor integration test folder structure Co-authored-by: Yannik Fuhrmeister <12710254+fuhrmeistery@users.noreply.github.com> Co-authored-by: Jannik Hollenbach --- tests/integration/{ => scanner}/kube-hunter.test.js | 2 +- tests/integration/{ => scanner}/nmap.test.js | 2 +- tests/integration/{ => scanner}/ssh-scan.test.js | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) rename tests/integration/{ => scanner}/kube-hunter.test.js (91%) rename tests/integration/{ => scanner}/nmap.test.js (95%) rename tests/integration/{ => scanner}/ssh-scan.test.js (96%) diff --git a/tests/integration/kube-hunter.test.js b/tests/integration/scanner/kube-hunter.test.js similarity index 91% rename from tests/integration/kube-hunter.test.js rename to tests/integration/scanner/kube-hunter.test.js index cb559bbf..77a9dced 100644 --- a/tests/integration/kube-hunter.test.js +++ b/tests/integration/scanner/kube-hunter.test.js @@ -1,4 +1,4 @@ -const { scan } = require("./helpers"); +const { scan } = require("../helpers"); test( "kube-hunter should find a fixed number of findings for the kind cluster", diff --git a/tests/integration/nmap.test.js b/tests/integration/scanner/nmap.test.js similarity index 95% rename from tests/integration/nmap.test.js rename to tests/integration/scanner/nmap.test.js index 466bbc9d..ebca1bb6 100644 --- a/tests/integration/nmap.test.js +++ b/tests/integration/scanner/nmap.test.js @@ -1,4 +1,4 @@ -const { scan } = require('./helpers') +const { scan } = require('../helpers') test( "localhost port scan should only find a host finding", diff --git a/tests/integration/ssh-scan.test.js b/tests/integration/scanner/ssh-scan.test.js similarity index 96% rename from tests/integration/ssh-scan.test.js rename to tests/integration/scanner/ssh-scan.test.js index 53466796..94bbca67 100644 --- a/tests/integration/ssh-scan.test.js +++ b/tests/integration/scanner/ssh-scan.test.js @@ -1,5 +1,5 @@ // todo: Integrate into github ci pipeline -const { scan } = require("./helpers"); +const { scan } = require("../helpers"); test( "ssh-scan should find a couple of findings for a dummy ssh service", From 9142e20199bb2a6e4c6728a7cbed169da33b5555 Mon Sep 17 00:00:00 2001 From: Jorge Estigarribia Date: Wed, 10 Jun 2020 15:04:50 +0200 Subject: [PATCH 062/109] Refactor folder structure Co-authored-by: Yannik Fuhrmeister <12710254+fuhrmeistery@users.noreply.github.com> Co-authored-by: Jannik Hollenbach --- .../integration/{ => generic}/no-scan-definition-error.test.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename tests/integration/{ => generic}/no-scan-definition-error.test.js (91%) diff --git a/tests/integration/no-scan-definition-error.test.js b/tests/integration/generic/no-scan-definition-error.test.js similarity index 91% rename from tests/integration/no-scan-definition-error.test.js rename to tests/integration/generic/no-scan-definition-error.test.js index aa0a36a7..1bde65e6 100644 --- a/tests/integration/no-scan-definition-error.test.js +++ b/tests/integration/generic/no-scan-definition-error.test.js @@ -1,4 +1,4 @@ -const { scan } = require('./helpers') +const { scan } = require('../helpers') test( "scan without a matching ScanType should be marked as errored", From 0c89b89c1d2539769333c85f22cb845568d18fdd Mon Sep 17 00:00:00 2001 From: Jorge Estigarribia Date: Wed, 10 Jun 2020 16:25:20 +0200 Subject: [PATCH 063/109] Update findings stats after ReadWrite hooks Co-authored-by: Yannik Fuhrmeister <12710254+fuhrmeistery@users.noreply.github.com> Co-authored-by: Jannik Hollenbach --- hook-sdk/nodejs/hook-wrapper.js | 72 ++++++++++++++++--- .../controllers/execution/scan_controller.go | 5 ++ 2 files changed, 67 insertions(+), 10 deletions(-) diff --git a/hook-sdk/nodejs/hook-wrapper.js b/hook-sdk/nodejs/hook-wrapper.js index e70bf1f6..cae0b399 100644 --- a/hook-sdk/nodejs/hook-wrapper.js +++ b/hook-sdk/nodejs/hook-wrapper.js @@ -2,6 +2,15 @@ const axios = require("axios"); const { handle } = require("./hook/hook"); const k8s = require("@kubernetes/client-node"); +const scanName = process.env["SCAN_NAME"]; +const namespace = process.env["NAMESPACE"]; +console.log(`Starting hook for Scan "${scanName}"`); + +const kc = new k8s.KubeConfig(); +kc.loadFromCluster(); + +const k8sApi = kc.makeApiClient(k8s.CustomObjectsApi); + function downloadFile(url) { return axios.get(url); } @@ -62,7 +71,14 @@ function updateRawResults(fileContents) { return uploadFile(rawResultUploadUrl, fileContents); } -function updateFindings(findings) { +function severityCount(findings, severity) { + return findings.filter( + ({ severity: findingSeverity }) => + findingSeverity.toUpperCase() === severity + ).length; +} + +async function updateFindings(findings) { const findingsUploadUrl = process.argv[5]; if (findingsUploadUrl === undefined) { console.error( @@ -73,19 +89,55 @@ function updateFindings(findings) { "If you want to change Findings you'll need to use a ReadAndWrite Hook." ); } - return uploadFile(findingsUploadUrl, JSON.stringify(findings)); -} + await uploadFile(findingsUploadUrl, JSON.stringify(findings)); -async function main() { - const scanName = process.env["SCAN_NAME"]; - const namespace = process.env["NAMESPACE"]; - console.log(`Starting hook for Scan "${scanName}"`); + // Update the scans findingStats (severities, categories, or the count) of the scan results + const findingCategories = new Map(); + for (const { category } of findings) { + if (findingCategories.has(category)) { + findingCategories.set(category, findingCategories.get(category) + 1); + } else { + findingCategories.set(category, 1); + } + } - const kc = new k8s.KubeConfig(); - kc.loadFromCluster(); + const findingStats = { + count: findings.length, + severities: { + informational: severityCount(findings, "INFORMATIONAL"), + low: severityCount(findings, "LOW"), + medium: severityCount(findings, "MEDIUM"), + high: severityCount(findings, "HIGH"), + }, + categories: Object.fromEntries(findingCategories.entries()), + }; - const k8sApi = kc.makeApiClient(k8s.CustomObjectsApi); + await k8sApi.patchNamespacedCustomObjectStatus( + "execution.experimental.securecodebox.io", + "v1", + namespace, + "scans", + scanName, + { + status: { + findings: { + count: findings.length, + severities: { + informational: severityCount(findings, "INFORMATIONAL"), + low: severityCount(findings, "LOW"), + medium: severityCount(findings, "MEDIUM"), + high: severityCount(findings, "HIGH"), + }, + categories: Object.fromEntries(findingCategories.entries()), + }, + }, + }, + { headers: { "content-type": "application/merge-patch+json" } } + ); + console.log("Updated status successfully"); +} +async function main() { let scan; try { const { body } = await k8sApi.getNamespacedCustomObject( diff --git a/operator/controllers/execution/scan_controller.go b/operator/controllers/execution/scan_controller.go index 63884df9..315d3104 100644 --- a/operator/controllers/execution/scan_controller.go +++ b/operator/controllers/execution/scan_controller.go @@ -979,6 +979,11 @@ func (r *ScanReconciler) createJobForHook(hook *executionv1.ScanCompletionHook, Resources: []string{"scans"}, Verbs: []string{"get"}, }, + { + APIGroups: []string{"execution.experimental.securecodebox.io"}, + Resources: []string{"scans/status"}, + Verbs: []string{"get", "patch"}, + }, } serviceAccountName := "scan-completion-hook" r.ensureServiceAccountExists( From 1f192107198da7d3218bd198cbc3342e885c00a3 Mon Sep 17 00:00:00 2001 From: Jorge Estigarribia Date: Wed, 10 Jun 2020 16:26:15 +0200 Subject: [PATCH 064/109] Use shorter name for update field hook Co-authored-by: Yannik Fuhrmeister <12710254+fuhrmeistery@users.noreply.github.com> Co-authored-by: Jannik Hollenbach --- hooks/update-field/templates/update-field-hook.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hooks/update-field/templates/update-field-hook.yaml b/hooks/update-field/templates/update-field-hook.yaml index 5ece27f2..105b17b4 100644 --- a/hooks/update-field/templates/update-field-hook.yaml +++ b/hooks/update-field/templates/update-field-hook.yaml @@ -1,7 +1,7 @@ apiVersion: "execution.experimental.securecodebox.io/v1" kind: ScanCompletionHook metadata: - name: {{ include "add-attribute.fullname" . }} + name: {{ .Release.Name }} spec: type: ReadAndWrite {{- if .Values.image.digest }} From 4f674aab6ff7c8662b5da66ee8c845fd1b08f6eb Mon Sep 17 00:00:00 2001 From: Jorge Estigarribia Date: Wed, 10 Jun 2020 16:27:13 +0200 Subject: [PATCH 065/109] Add integration test for ReadWrite hook Co-authored-by: Yannik Fuhrmeister <12710254+fuhrmeistery@users.noreply.github.com> Co-authored-by: Jannik Hollenbach --- .github/workflows/ci.yaml | 10 ++++++- .../generic/read-write-hook.test.js | 28 +++++++++++++++++++ 2 files changed, 37 insertions(+), 1 deletion(-) create mode 100644 tests/integration/generic/read-write-hook.test.js diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index d368ec43..680227b3 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -321,10 +321,18 @@ jobs: cd tests/integration/ npm ci # This steps should include Integration tests which are not related to a Specific Scanner - - name: "Generic Integration Tests" + - name: "Throws NoScanDefiniton Error Integration Tests" run: | cd tests/integration/ npx jest --ci --color no-scan-definition-error + - name: "Hooks Integration Tests" + run: | + helm -n integration-tests install update-category ./hooks/update-field --set="attribute.name=category" --set="attribute.value=fancy-category" + helm -n integration-tests install update-severity ./hooks/update-field --set="attribute.name=severity" --set="attribute.value=high" + helm -n integration-tests install test-scan ./integrations/test-scan + cd tests/integration/ + npx jest --ci --color read-write-hook + helm -n integration-tests uninstall test-scan update-category update-severity - name: "nmap Integration Tests" run: | helm -n integration-tests install nmap ./integrations/nmap/ --set="parserImage.tag=sha-$(git rev-parse --short HEAD)" diff --git a/tests/integration/generic/read-write-hook.test.js b/tests/integration/generic/read-write-hook.test.js new file mode 100644 index 00000000..a7864fe9 --- /dev/null +++ b/tests/integration/generic/read-write-hook.test.js @@ -0,0 +1,28 @@ +const { scan } = require("../helpers"); + +test( + "localhost port scan should only find a host finding", + async () => { + const { categories, severities, count } = await scan( + "test-scan-read-write-hook", + "test-scan", + [], + 90 + ); + + expect(count).toBe(2); + expect(categories).toMatchInlineSnapshot(` + Object { + "Host": 1, + "Open Port": 1, + "fancy-category": 2, + } + `); + expect(severities).toMatchInlineSnapshot(` + Object { + "high": 2, + } + `); + }, + 3 * 60 * 1000 +); From f9a3aebebb48d74afe5606949f69007613af57a1 Mon Sep 17 00:00:00 2001 From: Robert Seedorff Date: Thu, 11 Jun 2020 12:52:26 +0200 Subject: [PATCH 066/109] Improved the imperative-subsequent-scans hook to be more configurable which scans can be started --- hooks/imperative-subsequent-scans/hook.js | 79 +++- .../imperative-subsequent-scans/hook.test.js | 336 +++++++++++++++++- .../imperative-subsequent-scans-hook.yaml | 15 +- hooks/imperative-subsequent-scans/values.yaml | 16 +- 4 files changed, 434 insertions(+), 12 deletions(-) diff --git a/hooks/imperative-subsequent-scans/hook.js b/hooks/imperative-subsequent-scans/hook.js index 4fab3bd4..1c65a74e 100644 --- a/hooks/imperative-subsequent-scans/hook.js +++ b/hooks/imperative-subsequent-scans/hook.js @@ -1,9 +1,24 @@ const { startSubsequentSecureCodeBoxScan } = require("./scan-helpers"); -async function handle({ scan, getFindings }) { +async function handle({ + scan, + getFindings, + cascadeAmassNmap = process.env["CASCADE_AMASS_NMAP"], + cascadeNmapSsl = process.env["CASCADE_NMAP_SSL"], + cascadeNmapSsh = process.env["CASCADE_NMAP_SSH"], + cascadeNmapNikto = process.env["CASCADE_NMAP_NIKTO"], + cascadeNmapSmb = process.env["CASCADE_NMAP_SMB"], + cascadeNmapZapBaseline = process.env["CASCADE_NMAP_ZAP_BASELINE"] +}) { const findings = await getFindings(); console.log(findings); + console.log("cascadeAmassNmap: " + cascadeAmassNmap); + console.log("cascadeNmapSsl: " + cascadeNmapSsl); + console.log("cascadeNmapSsh: " + cascadeNmapSsh); + console.log("cascadeNmapNikto: " + cascadeNmapNikto); + console.log("cascadeNmapSmb: " + cascadeNmapSmb); + console.log("cascadeNmapZapBaseline: " + cascadeNmapZapBaseline); console.log( `Found #${findings.length} findings... Trying to find identify if these are NMAP specific findings and start possible subsequent security scans.` @@ -18,11 +33,14 @@ async function handle({ scan, getFindings }) { const port = finding.attributes.port; console.log( - "Found NMAP 'Open Port' finding for service: " + finding.attributes.port + "Found NMAP 'Open Port' finding for port: '" + finding.attributes.port+"' and service: '" + finding.attributes.service + "'" ); // search for HTTP ports and start subsequent Nikto Scan - if (finding.attributes.service === "http") { + if ( + cascadeNmapNikto && + finding.attributes.service === "http" + ) { await startNiktoScan({ parentScan: scan, hostname, @@ -30,17 +48,38 @@ async function handle({ scan, getFindings }) { }); } + // search for SMB ports and start subsequent NMAP Scan + if ( + cascadeNmapSmb && + finding.attributes.port === 445 && + finding.attributes.service === "microsoft-ds" + ) { + await startSMBScan({ + parentScan: scan, + hostname, + port, + }); + } + // search for HTTPS ports and start subsequent SSLyze Scan if ( - finding.attributes.service === "ssl" || - finding.attributes.service === "https" + cascadeNmapSsl && + (finding.attributes.service === "ssl" || + finding.attributes.service === "https") ) { await startSSLyzeScan({ parentScan: scan, hostname, port, }); + } + // search for HTTPS ports and start subsequent ZAP Baselne Scan + if ( + cascadeNmapZapBaseline && + (finding.attributes.service === "ssl" || + finding.attributes.service === "https") + ) { await startZAPBaselineScan({ parentScan: scan, hostname, @@ -49,7 +88,10 @@ async function handle({ scan, getFindings }) { } // search for HTTPS ports and start subsequent SSH Scan - if (finding.attributes.service === "ssh") { + if ( + cascadeNmapSsh && + finding.attributes.service === "ssh" + ) { await startSSHScan({ parentScan: scan, hostname, @@ -64,7 +106,12 @@ async function handle({ scan, getFindings }) { ); for (const finding of findings) { - if(finding.category === "Subdomain" && finding.osi_layer === "NETWORK" && finding.description.startsWith("Found subdomain")) { + if( + cascadeAmassNmap && + finding.category === "Subdomain" && + finding.osi_layer === "NETWORK" && + finding.description.startsWith("Found subdomain" + )) { console.log("Found AMASS 'Subdomain' finding: " + finding.location); const hostname = finding.location; @@ -77,6 +124,24 @@ async function handle({ scan, getFindings }) { } } +/** + * Creates a new subsequent SCB ZAP Scan for the given hostname. + * @param {string} hostname The hostname to start a new subsequent ZAP scan for. + * @param {string} port The port to start a new subsequent ZAP scan for. + */ +async function startSMBScan({ parentScan, hostname}) { + console.log( + " --> Starting async subsequent NMAP SMB Scan for host: " + hostname + ); + + await startSubsequentSecureCodeBoxScan({ + parentScan, + name: `nmap-smb-${hostname.toLowerCase()}`, + scanType: "nmap", + parameters: ["-Pn", "-p445", "--script", "smb-protocols", hostname], + }); +} + /** * Creates a new subsequent SCB ZAP Scan for the given hostname. * @param {string} hostname The hostname to start a new subsequent ZAP scan for. diff --git a/hooks/imperative-subsequent-scans/hook.test.js b/hooks/imperative-subsequent-scans/hook.test.js index e527446c..b30ef66f 100644 --- a/hooks/imperative-subsequent-scans/hook.test.js +++ b/hooks/imperative-subsequent-scans/hook.test.js @@ -35,11 +35,24 @@ test("Should create subsequent scans for open HTTPS ports (NMAP findings)", asyn }, }; + const cascadeAmassNmap = true; + const cascadeNmapSsl = true; + const cascadeNmapSsh = true; + const cascadeNmapNikto = true; + const cascadeNmapSmb = true; + const cascadeNmapZapBaseline = true; + const getFindings = async () => findings; await handle({ getFindings, scan, + cascadeAmassNmap, + cascadeNmapSsl, + cascadeNmapSsh, + cascadeNmapNikto, + cascadeNmapSmb, + cascadeNmapZapBaseline }); expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(4); @@ -103,11 +116,24 @@ test("Should create subsequent scans for open HTTP ports (NMAP findings)", async }, }; + const cascadeAmassNmap = true; + const cascadeNmapSsl = true; + const cascadeNmapSsh = true; + const cascadeNmapNikto = true; + const cascadeNmapSmb = true; + const cascadeNmapZapBaseline = true; + const getFindings = async () => findings; await handle({ getFindings, scan, + cascadeAmassNmap, + cascadeNmapSsl, + cascadeNmapSsh, + cascadeNmapNikto, + cascadeNmapSmb, + cascadeNmapZapBaseline }); expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(6); @@ -159,11 +185,24 @@ test("Should create subsequent scans for open SSH ports (NMAP findings)", async }, }; + const cascadeAmassNmap = true; + const cascadeNmapSsl = true; + const cascadeNmapSsh = true; + const cascadeNmapNikto = true; + const cascadeNmapSmb = true; + const cascadeNmapZapBaseline = true; + const getFindings = async () => findings; await handle({ getFindings, scan, + cascadeAmassNmap, + cascadeNmapSsl, + cascadeNmapSsh, + cascadeNmapNikto, + cascadeNmapSmb, + cascadeNmapZapBaseline }); expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(8); @@ -183,6 +222,68 @@ test("Should create subsequent scans for open SSH ports (NMAP findings)", async }); }); +test("Should create subsequent scans for open SMB ports (NMAP findings)", async () => { + const findings = [ + { + name: "Port 445 is open", + category: "Open Port", + attributes: { + state: "open", + hostname: "foobar.com", + port: 445, + service: "microsoft-ds", + }, + }, + { + name: "Port 445 is open", + category: "Open Port", + attributes: { + state: "open", + hostname: "example.com", + port: 445, + service: "filtered", + }, + }, + ]; + + const scan = { + metadata: { + labels: { + foo: "bar", + }, + }, + }; + + const cascadeAmassNmap = true; + const cascadeNmapSsl = true; + const cascadeNmapSsh = true; + const cascadeNmapNikto = true; + const cascadeNmapSmb = true; + const cascadeNmapZapBaseline = true; + + const getFindings = async () => findings; + + await handle({ + getFindings, + scan, + cascadeAmassNmap, + cascadeNmapSsl, + cascadeNmapSsh, + cascadeNmapNikto, + cascadeNmapSmb, + cascadeNmapZapBaseline + }); + + expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(9); + + expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(9, { + name: "nmap-smb-foobar.com", + parameters: ["-Pn", "-p445", "--script", "smb-protocols", "foobar.com"], + parentScan: { metadata: { labels: { foo: "bar" } } }, + scanType: "nmap", + }); +}); + test("Should create subsequent scans for subdomains (AMASS findings)", async () => { const findings = [ { @@ -213,24 +314,253 @@ test("Should create subsequent scans for subdomains (AMASS findings)", async () const getFindings = async () => findings; + const cascadeAmassNmap = true; + const cascadeNmapSsl = true; + const cascadeNmapSsh = true; + const cascadeNmapNikto = true; + const cascadeNmapSmb = true; + const cascadeNmapZapBaseline = true; + await handle({ getFindings, scan, + cascadeAmassNmap, + cascadeNmapSsl, + cascadeNmapSsh, + cascadeNmapNikto, + cascadeNmapSmb, + cascadeNmapZapBaseline }); - expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(10); + expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(11); - expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(9, { + expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(10, { name: "nmap-www.example.com", parameters: ["-Pn", "www.example.com"], parentScan: { metadata: { labels: { foo: "bar" } } }, scanType: "nmap", }); // even if the HTTP port is not running at port 80 a corresponding Nikto scan should be created if a HTTP service is found by nmap - expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(10, { + expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(11, { name: "nmap-example.example.com", parameters: ["-Pn", "example.example.com"], parentScan: { metadata: { labels: { foo: "bar" } } }, scanType: "nmap", }); +}); + +test("Should not create subsequent scans for subdomains (AMASS subsequent scans disabled)", async () => { + const findings = [ + { + name: "www.example.com", + description: "Found subdomain www.example.com", + category: "Subdomain", + location: "www.example.com", + osi_layer: "NETWORK", + severity: "INFORMATIONAL", + }, + { + name: "example.example.com", + description: "Found subdomain example.example.com", + category: "Subdomain", + location: "example.example.com", + osi_layer: "NETWORK", + severity: "INFORMATIONAL", + }, + ]; + + const scan = { + metadata: { + labels: { + foo: "bar", + }, + }, + }; + + const getFindings = async () => findings; + + const cascadeAmassNmap = false; + const cascadeNmapSsl = true; + const cascadeNmapSsh = true; + const cascadeNmapNikto = true; + const cascadeNmapSmb = true; + const cascadeNmapZapBaseline = true; + + await handle({ + getFindings, + scan, + cascadeAmassNmap, + cascadeNmapSsl, + cascadeNmapSsh, + cascadeNmapNikto, + cascadeNmapSmb, + cascadeNmapZapBaseline + }); + + expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(11); +}); + +test("Should not create subsequent scans for subdomains (no AMASS findings)", async () => { + const findings = []; + + const scan = { + metadata: { + labels: { + foo: "bar", + }, + }, + }; + + const getFindings = async () => findings; + + const cascadeAmassNmap = true; + const cascadeNmapSsl = true; + const cascadeNmapSsh = true; + const cascadeNmapNikto = true; + const cascadeNmapSmb = true; + const cascadeNmapZapBaseline = true; + + await handle({ + getFindings, + scan, + cascadeAmassNmap, + cascadeNmapSsl, + cascadeNmapSsh, + cascadeNmapNikto, + cascadeNmapSmb, + cascadeNmapZapBaseline + }); + + expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(11); +}); + +test("Should create subsequent scans for open SMB ports (NMAP findings)", async () => { + const findings = [ + { + name: "Port 445 is open", + category: "Open Port", + attributes: { + state: "open", + hostname: "foobar.com", + port: 445, + service: "microsoft-ds", + }, + }, + { + name: "Port 445 is open", + category: "Open Port", + attributes: { + state: "open", + hostname: "example.com", + port: 445, + service: "filtered", + }, + }, + { + name: "www.example.com", + description: "Found subdomain www.example.com", + category: "Subdomain", + location: "www.example.com", + osi_layer: "NETWORK", + severity: "INFORMATIONAL", + }, + { + name: "example.example.com", + description: "Found subdomain example.example.com", + category: "Subdomain", + location: "example.example.com", + osi_layer: "NETWORK", + severity: "INFORMATIONAL", + }, + { + name: "Port 22 is open", + category: "Open Port", + attributes: { + state: "open", + hostname: "foobar.com", + port: 22, + service: "ssh", + }, + }, + { + name: "Port 23454 is open", + category: "Open Port", + attributes: { + state: "open", + hostname: "example.com", + port: 23454, + service: "ssh", + }, + }, + { + name: "Port 80 is open", + category: "Open Port", + attributes: { + state: "open", + hostname: "foobar.com", + port: 80, + service: "http", + }, + }, + { + name: "Port 3000 is open", + category: "Open Port", + attributes: { + state: "open", + hostname: "example.com", + port: 3000, + service: "http", + }, + }, + { + name: "Port 443 is open", + category: "Open Port", + attributes: { + state: "open", + hostname: "foobar.com", + port: 443, + service: "https", + }, + }, + { + name: "Port 8443 is open", + category: "Open Port", + attributes: { + state: "open", + hostname: "example.com", + port: 8443, + service: "ssl", + }, + }, + ]; + + const scan = { + metadata: { + labels: { + foo: "bar", + }, + }, + }; + + const cascadeAmassNmap = false; + const cascadeNmapSsl = false; + const cascadeNmapSsh = false; + const cascadeNmapNikto = false; + const cascadeNmapSmb = false; + const cascadeNmapZapBaseline = false; + + const getFindings = async () => findings; + + await handle({ + getFindings, + scan, + cascadeAmassNmap, + cascadeNmapSsl, + cascadeNmapSsh, + cascadeNmapNikto, + cascadeNmapSmb, + cascadeNmapZapBaseline + }); + + expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(11); }); \ No newline at end of file diff --git a/hooks/imperative-subsequent-scans/templates/imperative-subsequent-scans-hook.yaml b/hooks/imperative-subsequent-scans/templates/imperative-subsequent-scans-hook.yaml index 7c2c682f..5ac6ea28 100644 --- a/hooks/imperative-subsequent-scans/templates/imperative-subsequent-scans-hook.yaml +++ b/hooks/imperative-subsequent-scans/templates/imperative-subsequent-scans-hook.yaml @@ -16,4 +16,17 @@ spec: {{- else }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" {{- end }} - {{- end }} \ No newline at end of file + {{- end }} + env: + - name: CASCADE_AMASS_NMAP + value: {{ .Values.cascade.amassNmap | quote }} + - name: CASCADE_NMAP_SMB + value: {{ .Values.cascade.nmapSmb | quote }} + - name: CASCADE_NMAP_SSH + value: {{ .Values.cascade.nmapSsh | quote }} + - name: CASCADE_NMAP_SSL + value: {{ .Values.cascade.nmapSsl | quote }} + - name: CASCADE_NMAP_NIKTO + value: {{ .Values.cascade.nmapNikto | quote }} + - name: CASCADE_NMAP_ZAP_BASELINE + value: {{ .Values.cascade.nmapZapBaseline | quote }} \ No newline at end of file diff --git a/hooks/imperative-subsequent-scans/values.yaml b/hooks/imperative-subsequent-scans/values.yaml index a09bd620..8a31525e 100644 --- a/hooks/imperative-subsequent-scans/values.yaml +++ b/hooks/imperative-subsequent-scans/values.yaml @@ -1,7 +1,21 @@ -# Default values for dispatcher. +# Default values for imperative-subsequent-scans Hook. # This is a YAML-formatted file. # Declare variables to be passed into your templates. +cascade: + # Cascade nmap scans for each subdomain found by amass + amassNmap: true + # Cascade nmap SMB scans for each SMB Port found by nmap + nmapSmb: false + # Cascade SSH scans for each SSH Port found by nmap + nmapSsh: false + # Cascade SSL scans for each HTTP Port found by nmap + nmapSsl: false + # Cascade Nikto scans for each HTTP Port found by nmap + nmapNikto: false + # Cascade ZAP scans for each HTTP Port found by nmap + nmapZapBaseline: false + image: registry: docker.io repository: scbexperimental/hook-imperative-subsequent-scans From 65978f0fefd7592c31d631d5ff92bde1d6844b4d Mon Sep 17 00:00:00 2001 From: Robert Seedorff Date: Thu, 11 Jun 2020 13:02:28 +0200 Subject: [PATCH 067/109] Fixing linter test error --- hook-sdk/nodejs/hook-wrapper.js | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/hook-sdk/nodejs/hook-wrapper.js b/hook-sdk/nodejs/hook-wrapper.js index cae0b399..e1511975 100644 --- a/hook-sdk/nodejs/hook-wrapper.js +++ b/hook-sdk/nodejs/hook-wrapper.js @@ -101,16 +101,16 @@ async function updateFindings(findings) { } } - const findingStats = { - count: findings.length, - severities: { - informational: severityCount(findings, "INFORMATIONAL"), - low: severityCount(findings, "LOW"), - medium: severityCount(findings, "MEDIUM"), - high: severityCount(findings, "HIGH"), - }, - categories: Object.fromEntries(findingCategories.entries()), - }; + // const findingStats = { + // count: findings.length, + // severities: { + // informational: severityCount(findings, "INFORMATIONAL"), + // low: severityCount(findings, "LOW"), + // medium: severityCount(findings, "MEDIUM"), + // high: severityCount(findings, "HIGH"), + // }, + // categories: Object.fromEntries(findingCategories.entries()), + // }; await k8sApi.patchNamespacedCustomObjectStatus( "execution.experimental.securecodebox.io", From 4dec6e625fc97f313c772ae4d1549eff7d72364c Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com> Date: Thu, 11 Jun 2020 16:40:05 +0200 Subject: [PATCH 068/109] Remote commented out code --- hook-sdk/nodejs/hook-wrapper.js | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/hook-sdk/nodejs/hook-wrapper.js b/hook-sdk/nodejs/hook-wrapper.js index e1511975..20c7b7d1 100644 --- a/hook-sdk/nodejs/hook-wrapper.js +++ b/hook-sdk/nodejs/hook-wrapper.js @@ -101,17 +101,6 @@ async function updateFindings(findings) { } } - // const findingStats = { - // count: findings.length, - // severities: { - // informational: severityCount(findings, "INFORMATIONAL"), - // low: severityCount(findings, "LOW"), - // medium: severityCount(findings, "MEDIUM"), - // high: severityCount(findings, "HIGH"), - // }, - // categories: Object.fromEntries(findingCategories.entries()), - // }; - await k8sApi.patchNamespacedCustomObjectStatus( "execution.experimental.securecodebox.io", "v1", From 72aeadb9d8333c2749319d71a111bae14c2327be Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com> Date: Thu, 11 Jun 2020 16:41:28 +0200 Subject: [PATCH 069/109] Use latest tag as default tag for test-scan parser --- integrations/test-scan/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/integrations/test-scan/values.yaml b/integrations/test-scan/values.yaml index 8d51b70e..538e2e6d 100644 --- a/integrations/test-scan/values.yaml +++ b/integrations/test-scan/values.yaml @@ -1,4 +1,4 @@ parserImage: registry: docker.io repository: scbexperimental/parser-test-scan - tag: hooks + tag: latest From 05c5831c87cd9afcd4e30c47cb1b597565226e25 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com> Date: Thu, 11 Jun 2020 16:43:00 +0200 Subject: [PATCH 070/109] Also tag update-field hook with git tag This lets us use the build for the current commit --- .github/workflows/ci.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 680227b3..223ea56a 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -239,6 +239,7 @@ jobs: repository: scbexperimental/update-field path: ./hooks/update-field/ tag_with_ref: true + tag_with_sha: true scannerImages: # Note we only build images for scanner that don't provider official public container images name: "Build / Scanner" From 076ad938506bfdcee9c2cfcb75df6f27592c12d3 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com> Date: Thu, 11 Jun 2020 16:44:07 +0200 Subject: [PATCH 071/109] Run hook integration test with image of the current commit --- .github/workflows/ci.yaml | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 223ea56a..9e407804 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -328,9 +328,15 @@ jobs: npx jest --ci --color no-scan-definition-error - name: "Hooks Integration Tests" run: | - helm -n integration-tests install update-category ./hooks/update-field --set="attribute.name=category" --set="attribute.value=fancy-category" - helm -n integration-tests install update-severity ./hooks/update-field --set="attribute.name=severity" --set="attribute.value=high" - helm -n integration-tests install test-scan ./integrations/test-scan + helm -n integration-tests install update-category ./hooks/update-field/ \ + --set="image.tag=sha-$(git rev-parse --short HEAD)" \ + --set="attribute.name=category" \ + --set="attribute.value=fancy-category" + helm -n integration-tests install update-severity ./hooks/update-field/ \ + --set="image.tag=sha-$(git rev-parse --short HEAD)" \ + --set="attribute.name=severity" \ + --set="attribute.value=high" + helm -n integration-tests install test-scan ./integrations/test-scan/ --set="parserImage.tag=sha-$(git rev-parse --short HEAD)" cd tests/integration/ npx jest --ci --color read-write-hook helm -n integration-tests uninstall test-scan update-category update-severity From a96e41312ef5379d9679092bcaeacf80ee2d0ce5 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com> Date: Thu, 11 Jun 2020 16:56:00 +0200 Subject: [PATCH 072/109] Update to Amass v3.7.0 --- integrations/amass/templates/amass-scan-type.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/integrations/amass/templates/amass-scan-type.yaml b/integrations/amass/templates/amass-scan-type.yaml index b843f39b..ef61e1bb 100644 --- a/integrations/amass/templates/amass-scan-type.yaml +++ b/integrations/amass/templates/amass-scan-type.yaml @@ -16,7 +16,7 @@ spec: restartPolicy: OnFailure containers: - name: amass - image: caffix/amass:v3.6.3 + image: caffix/amass:v3.7.0 command: - "amass" - "enum" From d1def44fc1316db30c2cb46be7a145f9a082350e Mon Sep 17 00:00:00 2001 From: Robert Seedorff Date: Thu, 11 Jun 2020 20:28:37 +0200 Subject: [PATCH 073/109] Implements #3 'Find old SMB Protocol Versions in a network with NMAP' https://github.com/secureCodeBox/secureCodeBox-v2-alpha/issues/3 --- .../__testFiles__/localhost-smb-script.xml | 40 ++++ integrations/nmap/parser/parser.js | 169 +++++++++++++++- integrations/nmap/parser/parser.test.js | 187 ++++++++++++++++++ 3 files changed, 392 insertions(+), 4 deletions(-) create mode 100644 integrations/nmap/parser/__testFiles__/localhost-smb-script.xml diff --git a/integrations/nmap/parser/__testFiles__/localhost-smb-script.xml b/integrations/nmap/parser/__testFiles__/localhost-smb-script.xml new file mode 100644 index 00000000..8aab2f50 --- /dev/null +++ b/integrations/nmap/parser/__testFiles__/localhost-smb-script.xml @@ -0,0 +1,40 @@ + + + + + + + + + + +

+ + + + + + + + + + + + + + + + + + + + diff --git a/integrations/nmap/parser/parser.js b/integrations/nmap/parser/parser.js index bae765ad..0cf7471b 100644 --- a/integrations/nmap/parser/parser.js +++ b/integrations/nmap/parser/parser.js @@ -6,6 +6,9 @@ async function parse(fileContent) { } function transformToFindings(hosts) { + + const scriptFindings = transformNMAPScripts(hosts); + const portFindings = hosts.flatMap(({ openPorts = [], ...hostInfo }) => { if(openPorts === null){ return []; @@ -53,9 +56,161 @@ function transformToFindings(hosts) { }; }); - return [...portFindings, ...hostFindings]; + return [...portFindings, ...hostFindings, ...scriptFindings]; +} + +function transformNMAPScripts(hosts) { + let scriptFindings = []; + + for(const host of hosts) { + + if(host.scripts) { + for(const script of host.scripts) { + + // Parse SMB Script Results + if(script.$.id === 'smb-protocols') { + transformNmapScriptSmb(host, script ,scriptFindings); + } + } + } + } + + return scriptFindings; +} + +function transformNmapScriptSmb(host, script, scriptFindings) { + // Parse SMB Script Results + if(script.$.id === 'smb-protocols') { + console.log ("Found SMB Script Result: " + script.$.output); + //console.log (script); + + if(script.table && script.table[0] && script.table[0].elem) { + + for(const elem of script.table[0].elem) { + console.log ("Found SMB SMB Protocol: " + elem); + //console.log (elem); + + const smbVersion = parseFloat(elem); + + if(elem.toString().includes("SMBv1")) { + scriptFindings.push({ + name: "SMB Dangerous Protocol Version Finding SMBv1", + description: `Port ${host.openPorts[0].port} is ${host.openPorts[0].state} using SMB protocol with an old version: SMBv1`, + category: 'SMB', + location: `${host.openPorts[0].protocol}://${host.ip}:${host.openPorts[0].port}`, + osi_layer: 'NETWORK', + severity: 'HIGH', + attributes: { + hostname: host.hostname, + mac_address: host.mac || null, + ip_address: host.ip, + port: host.openPorts[0].port, + state: host.openPorts[0].state, + protocol: host.openPorts[0].protocol, + method: host.openPorts[0].method, + operating_system: host.osNmap || null, + service: host.openPorts[0].service, + serviceProduct: host.openPorts[0].serviceProduct || null, + serviceVersion: host.openPorts[0].serviceVersion || null, + scripts: elem || null, + smb_protocol_version: 1, + } + }); + } + else if(!isNaN(smbVersion)) { + if(smbVersion > 0 && smbVersion < 2) { + scriptFindings.push({ + name: "SMB Dangerous Protocol Version Finding v"+smbVersion, + description: `Port ${host.openPorts[0].port} is ${host.openPorts[0].state} using SMB protocol with an old version: ` + smbVersion, + category: 'SMB', + location: `${host.openPorts[0].protocol}://${host.ip}:${host.openPorts[0].port}`, + osi_layer: 'NETWORK', + severity: 'MEDIUM', + attributes: { + hostname: host.hostname, + mac_address: host.mac || null, + ip_address: host.ip, + port: host.openPorts[0].port, + state: host.openPorts[0].state, + protocol: host.openPorts[0].protocol, + method: host.openPorts[0].method, + operating_system: host.osNmap || null, + service: host.openPorts[0].service, + serviceProduct: host.openPorts[0].serviceProduct || null, + serviceVersion: host.openPorts[0].serviceVersion || null, + scripts: elem || null, + smb_protocol_version: smbVersion, + } + }); + } + if(smbVersion >= 2 && smbVersion < 3) { + scriptFindings.push({ + name: "SMB Protocol Version Finding v"+smbVersion, + description: `Port ${host.openPorts[0].port} is ${host.openPorts[0].state} using SMB protocol with an old version: `+ smbVersion, + category: 'SMB', + location: `${host.openPorts[0].protocol}://${host.ip}:${host.openPorts[0].port}`, + osi_layer: 'NETWORK', + severity: 'LOW', + attributes: { + hostname: host.hostname, + mac_address: host.mac || null, + ip_address: host.ip, + port: host.openPorts[0].port, + state: host.openPorts[0].state, + protocol: host.openPorts[0].protocol, + method: host.openPorts[0].method, + operating_system: host.osNmap || null, + service: host.openPorts[0].service, + serviceProduct: host.openPorts[0].serviceProduct || null, + serviceVersion: host.openPorts[0].serviceVersion || null, + scripts: elem || null, + smb_protocol_version: smbVersion, + } + }); + } + if(smbVersion >= 3) { + scriptFindings.push({ + name: "SMB Protocol Version Finding v"+smbVersion, + description: `Port ${host.openPorts[0].port} is ${host.openPorts[0].state} using SMB protocol with version: ` + smbVersion, + category: 'SMB', + location: `${host.openPorts[0].protocol}://${host.ip}:${host.openPorts[0].port}`, + osi_layer: 'NETWORK', + severity: 'INFORMATIONAL', + attributes: { + hostname: host.hostname, + mac_address: host.mac || null, + ip_address: host.ip, + port: host.openPorts[0].port, + state: host.openPorts[0].state, + protocol: host.openPorts[0].protocol, + method: host.openPorts[0].method, + operating_system: host.osNmap || null, + service: host.openPorts[0].service, + serviceProduct: host.openPorts[0].serviceProduct || null, + serviceVersion: host.openPorts[0].serviceVersion || null, + scripts: elem || null, + smb_protocol_version: smbVersion, + } + }); + } + } + } + } + } } +/** + * Parses a given NMAP XML file to a smaller JSON represenation with the following object: + * { + * hostname: null, + * ip: null, + * mac: null, + * openPorts: null, + * osNmap: null, + * scripts: null + * } + * @param {*} fileContent + */ function parseResultFile(fileContent) { return new Promise((resolve, reject) => { xml2js.parseString(fileContent, (err, xmlInput) => { @@ -77,9 +232,10 @@ function parseResultFile(fileContent) { mac: null, openPorts: null, osNmap: null, + scripts: null }; - //Get hostname + // Get hostname if ( host.hostnames && host.hostnames[0] !== '\r\n' && @@ -88,7 +244,7 @@ function parseResultFile(fileContent) { newHost.hostname = host.hostnames[0].hostname[0].$.name; } - //get addresses + // Get addresses host.address.forEach(address => { const addressType = address.$.addrtype; const addressAdress = address.$.addr; @@ -102,7 +258,7 @@ function parseResultFile(fileContent) { } }); - //get ports + // Get ports if (host.ports && host.ports[0].port) { const portList = host.ports[0].port; @@ -156,6 +312,11 @@ function parseResultFile(fileContent) { }); } + // Get Script Content + if(host.hostscript && host.hostscript[0].script) { + newHost.scripts = host.hostscript[0].script + } + if (host.os && host.os[0].osmatch && host.os[0].osmatch[0].$.name) { newHost.osNmap = host.os[0].osmatch[0].$.name; } diff --git a/integrations/nmap/parser/parser.test.js b/integrations/nmap/parser/parser.test.js index 84fdf68b..a5a517c3 100644 --- a/integrations/nmap/parser/parser.test.js +++ b/integrations/nmap/parser/parser.test.js @@ -152,3 +152,190 @@ test("should properly parse a nmap xml without any host", async () => { expect(await parse(xmlContent)).toMatchInlineSnapshot(`Array []`); }); + +test("Should properly parse a nmap xml with script specific SMB findings", async () => { + const xmlContent = await readFile( + __dirname + "/__testFiles__/localhost-smb-script.xml", + { + encoding: "utf8" + } + ); + + expect(await parse(xmlContent)).toMatchInlineSnapshot(` + Array [ + Object { + "attributes": Object { + "hostname": "example.com", + "ip_address": "10.50.0.2", + "mac_address": null, + "method": "table", + "operating_system": null, + "port": 445, + "protocol": "tcp", + "scripts": null, + "service": "microsoft-ds", + "serviceProduct": null, + "serviceVersion": null, + "state": "open", + }, + "category": "Open Port", + "description": "Port 445 is open using tcp protocol.", + "location": "tcp://10.50.0.2:445", + "name": "microsoft-ds", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + Object { + "attributes": Object { + "hostname": "example.com", + "ip_address": "10.50.0.2", + "operating_system": null, + }, + "category": "Host", + "description": "Found a host", + "location": "example.com", + "name": "Host: example.com", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + Object { + "attributes": Object { + "hostname": "example.com", + "ip_address": "10.50.0.2", + "mac_address": null, + "method": "table", + "operating_system": null, + "port": 445, + "protocol": "tcp", + "scripts": "NT LM 0.12 (SMBv1) [dangerous, but default]", + "service": "microsoft-ds", + "serviceProduct": null, + "serviceVersion": null, + "smb_protocol_version": 1, + "state": "open", + }, + "category": "SMB", + "description": "Port 445 is open using SMB protocol with an old version: SMBv1", + "location": "tcp://10.50.0.2:445", + "name": "SMB Dangerous Protocol Version Finding SMBv1", + "osi_layer": "NETWORK", + "severity": "HIGH", + }, + Object { + "attributes": Object { + "hostname": "example.com", + "ip_address": "10.50.0.2", + "mac_address": null, + "method": "table", + "operating_system": null, + "port": 445, + "protocol": "tcp", + "scripts": "2.02", + "service": "microsoft-ds", + "serviceProduct": null, + "serviceVersion": null, + "smb_protocol_version": 2.02, + "state": "open", + }, + "category": "SMB", + "description": "Port 445 is open using SMB protocol with an old version: 2.02", + "location": "tcp://10.50.0.2:445", + "name": "SMB Protocol Version Finding v2.02", + "osi_layer": "NETWORK", + "severity": "LOW", + }, + Object { + "attributes": Object { + "hostname": "example.com", + "ip_address": "10.50.0.2", + "mac_address": null, + "method": "table", + "operating_system": null, + "port": 445, + "protocol": "tcp", + "scripts": "2.10", + "service": "microsoft-ds", + "serviceProduct": null, + "serviceVersion": null, + "smb_protocol_version": 2.1, + "state": "open", + }, + "category": "SMB", + "description": "Port 445 is open using SMB protocol with an old version: 2.1", + "location": "tcp://10.50.0.2:445", + "name": "SMB Protocol Version Finding v2.1", + "osi_layer": "NETWORK", + "severity": "LOW", + }, + Object { + "attributes": Object { + "hostname": "example.com", + "ip_address": "10.50.0.2", + "mac_address": null, + "method": "table", + "operating_system": null, + "port": 445, + "protocol": "tcp", + "scripts": "3.00", + "service": "microsoft-ds", + "serviceProduct": null, + "serviceVersion": null, + "smb_protocol_version": 3, + "state": "open", + }, + "category": "SMB", + "description": "Port 445 is open using SMB protocol with version: 3", + "location": "tcp://10.50.0.2:445", + "name": "SMB Protocol Version Finding v3", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + Object { + "attributes": Object { + "hostname": "example.com", + "ip_address": "10.50.0.2", + "mac_address": null, + "method": "table", + "operating_system": null, + "port": 445, + "protocol": "tcp", + "scripts": "3.02", + "service": "microsoft-ds", + "serviceProduct": null, + "serviceVersion": null, + "smb_protocol_version": 3.02, + "state": "open", + }, + "category": "SMB", + "description": "Port 445 is open using SMB protocol with version: 3.02", + "location": "tcp://10.50.0.2:445", + "name": "SMB Protocol Version Finding v3.02", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + Object { + "attributes": Object { + "hostname": "example.com", + "ip_address": "10.50.0.2", + "mac_address": null, + "method": "table", + "operating_system": null, + "port": 445, + "protocol": "tcp", + "scripts": "3.11", + "service": "microsoft-ds", + "serviceProduct": null, + "serviceVersion": null, + "smb_protocol_version": 3.11, + "state": "open", + }, + "category": "SMB", + "description": "Port 445 is open using SMB protocol with version: 3.11", + "location": "tcp://10.50.0.2:445", + "name": "SMB Protocol Version Finding v3.11", + "osi_layer": "NETWORK", + "severity": "INFORMATIONAL", + }, + ] + `); +}); From a9bec42a5aeb6ad1812cf54da04933c902a8e24e Mon Sep 17 00:00:00 2001 From: Robert Seedorff Date: Thu, 11 Jun 2020 22:39:51 +0200 Subject: [PATCH 074/109] Trying to fix some operator issues: updating crds and rbac rules --- ...ution.experimental.securecodebox.io_scans.yaml | 15 +++++++++++++++ .../rbac/auth_proxy_client_clusterrole.yaml | 7 +++++++ operator/templates/rbac/auth_proxy_role.yaml | 13 +++++++++++++ .../templates/rbac/auth_proxy_role_binding.yaml | 13 +++++++++++++ operator/templates/rbac/auth_proxy_service.yaml | 14 ++++++++++++++ 5 files changed, 62 insertions(+) create mode 100644 operator/templates/rbac/auth_proxy_client_clusterrole.yaml create mode 100644 operator/templates/rbac/auth_proxy_role.yaml create mode 100644 operator/templates/rbac/auth_proxy_role_binding.yaml create mode 100644 operator/templates/rbac/auth_proxy_service.yaml diff --git a/operator/crds/execution.experimental.securecodebox.io_scans.yaml b/operator/crds/execution.experimental.securecodebox.io_scans.yaml index 1d860020..f435f3b7 100644 --- a/operator/crds/execution.experimental.securecodebox.io_scans.yaml +++ b/operator/crds/execution.experimental.securecodebox.io_scans.yaml @@ -113,6 +113,21 @@ spec: description: RawResultType determines which kind of ParseDefinition will be used to turn the raw results of the scanner into findings type: string + readAndWriteHookStatus: + items: + properties: + hookName: + type: string + jobName: + type: string + state: + description: HookState Describes the State of a Hook on a Scan + type: string + required: + - hookName + - state + type: object + type: array state: type: string type: object diff --git a/operator/templates/rbac/auth_proxy_client_clusterrole.yaml b/operator/templates/rbac/auth_proxy_client_clusterrole.yaml new file mode 100644 index 00000000..7d62534c --- /dev/null +++ b/operator/templates/rbac/auth_proxy_client_clusterrole.yaml @@ -0,0 +1,7 @@ +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRole +metadata: + name: metrics-reader +rules: +- nonResourceURLs: ["/metrics"] + verbs: ["get"] diff --git a/operator/templates/rbac/auth_proxy_role.yaml b/operator/templates/rbac/auth_proxy_role.yaml new file mode 100644 index 00000000..618f5e41 --- /dev/null +++ b/operator/templates/rbac/auth_proxy_role.yaml @@ -0,0 +1,13 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: proxy-role +rules: +- apiGroups: ["authentication.k8s.io"] + resources: + - tokenreviews + verbs: ["create"] +- apiGroups: ["authorization.k8s.io"] + resources: + - subjectaccessreviews + verbs: ["create"] diff --git a/operator/templates/rbac/auth_proxy_role_binding.yaml b/operator/templates/rbac/auth_proxy_role_binding.yaml new file mode 100644 index 00000000..efcb2865 --- /dev/null +++ b/operator/templates/rbac/auth_proxy_role_binding.yaml @@ -0,0 +1,13 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: proxy-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: proxy-role +subjects: +- kind: ServiceAccount + name: default + namespace: {{ .Release.Namespace }} + diff --git a/operator/templates/rbac/auth_proxy_service.yaml b/operator/templates/rbac/auth_proxy_service.yaml new file mode 100644 index 00000000..6cf656be --- /dev/null +++ b/operator/templates/rbac/auth_proxy_service.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: controller-manager + name: controller-manager-metrics-service + namespace: system +spec: + ports: + - name: https + port: 8443 + targetPort: https + selector: + control-plane: controller-manager From 22bd0d395a32e97f970f97d565ae65d4927b214f Mon Sep 17 00:00:00 2001 From: Robert Seedorff Date: Thu, 11 Jun 2020 22:49:38 +0200 Subject: [PATCH 075/109] Trying to fix some operator issues: updating crds and rbac rules --- operator/templates/rbac/auth_proxy_service.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/operator/templates/rbac/auth_proxy_service.yaml b/operator/templates/rbac/auth_proxy_service.yaml index 6cf656be..2cc3788c 100644 --- a/operator/templates/rbac/auth_proxy_service.yaml +++ b/operator/templates/rbac/auth_proxy_service.yaml @@ -4,7 +4,7 @@ metadata: labels: control-plane: controller-manager name: controller-manager-metrics-service - namespace: system + namespace: {{ .Release.Namespace }} spec: ports: - name: https From 1cf0c78ba20ef2633c2c3c4ffb7e8dae49eeabad Mon Sep 17 00:00:00 2001 From: Robert Seedorff Date: Thu, 11 Jun 2020 23:03:19 +0200 Subject: [PATCH 076/109] Optimized helm install help --- README.md | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/README.md b/README.md index 0d48b946..e136f7e3 100644 --- a/README.md +++ b/README.md @@ -66,26 +66,26 @@ kubectl create namespace securecodebox-system helm -n securecodebox-system install securecodebox-operator ./operator/ --set image.tag=hooks # Deploy definitions for the integrated scanners -helm install amass ./integrations/amass/ -helm install kube-hunter ./integrations/kube-hunter/ -helm install nikto ./integrations/nikto -helm install nmap ./integrations/nmap/ -helm install ssh-scan ./integrations/ssh_scan/ -helm install sslyze ./integrations/sslyze/ -helm install trivy ./integrations/trivy/ -helm install zap ./integrations/zap/ -helm install wpscan ./integrations/wpscan/ +helm upgrade --install amass ./integrations/amass/ +helm upgrade --install kube-hunter ./integrations/kube-hunter/ +helm upgrade --install nikto ./integrations/nikto +helm upgrade --install nmap ./integrations/nmap/ +helm upgrade --install ssh-scan ./integrations/ssh_scan/ +helm upgrade --install sslyze ./integrations/sslyze/ +helm upgrade --install trivy ./integrations/trivy/ +helm upgrade --install zap ./integrations/zap/ +helm upgrade --install wpscan ./integrations/wpscan/ # Optional Deploy some Demo Apps for scanning -helm install dummy-ssh ./demo-apps/dummy-ssh/ +helm upgrade --install dummy-ssh ./demo-apps/dummy-ssh/ # Deploy secureCodeBox Hooks -helm install add-attributes ./hooks/add-attributes/ -helm install generic-webhook ./hooks/generic-webhook/ -helm install imperative-subsequent-scans ./hooks/imperative-subsequent-scans/ +helm upgrade --install add-attributes ./hooks/add-attributes/ +helm upgrade --install generic-webhook ./hooks/generic-webhook/ +helm upgrade --install imperative-subsequent-scans ./hooks/imperative-subsequent-scans/ ## Persistence Provider: Elasticsearch -helm install persistence-elastic ./hooks/persistence-elastic/ +helm upgrade --install persistence-elastic ./hooks/persistence-elastic/ ``` ### Examples From 2c22df57244f52ea7f4ca7cd8baa098944300aed Mon Sep 17 00:00:00 2001 From: Robert Seedorff Date: Thu, 11 Jun 2020 23:04:04 +0200 Subject: [PATCH 077/109] Updating operator chart due to new rbac and crds --- operator/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/operator/Chart.yaml b/operator/Chart.yaml index 301cb2b0..8c474eae 100644 --- a/operator/Chart.yaml +++ b/operator/Chart.yaml @@ -10,7 +10,7 @@ version: 0.1.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. -appVersion: 1.16.0 +appVersion: 1.17.0 dependencies: - name: minio From 8d0c7d0738e4f1d14f77e38c9fa0fb13b84367f5 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com> Date: Fri, 12 Jun 2020 11:45:20 +0200 Subject: [PATCH 078/109] Fix bug which lead scans to be marked as done when the ReadOnly hooks are still running ReadOnly Hooks were labeled as ReadAndWrite when started which lead them to not be found later --- operator/controllers/execution/scan_controller.go | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/operator/controllers/execution/scan_controller.go b/operator/controllers/execution/scan_controller.go index 315d3104..1065371f 100644 --- a/operator/controllers/execution/scan_controller.go +++ b/operator/controllers/execution/scan_controller.go @@ -1013,7 +1013,11 @@ func (r *ScanReconciler) createJobForHook(hook *executionv1.ScanCompletionHook, if labels == nil { labels = make(map[string]string) } - labels["experimental.securecodebox.io/job-type"] = "read-and-write-hook" + if hook.Spec.Type == executionv1.ReadAndWrite { + labels["experimental.securecodebox.io/job-type"] = "read-and-write-hook" + } else if hook.Spec.Type == executionv1.ReadOnly { + labels["experimental.securecodebox.io/job-type"] = "read-only-hook" + } var backOffLimit int32 = 3 job := &batch.Job{ ObjectMeta: metav1.ObjectMeta{ From 4604fe5ea3bdc177c410d88ee6e6148faaeb3352 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com> Date: Fri, 12 Jun 2020 11:50:50 +0200 Subject: [PATCH 079/109] Update to amass 3.7.1 --- integrations/amass/Chart.yaml | 16 ++++++++-------- .../amass/templates/amass-scan-type.yaml | 2 +- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/integrations/amass/Chart.yaml b/integrations/amass/Chart.yaml index 25ddf438..cf8662cc 100644 --- a/integrations/amass/Chart.yaml +++ b/integrations/amass/Chart.yaml @@ -4,17 +4,17 @@ description: A Helm chart for the Amass security Scanner that integrates with th type: application version: 0.1.0 -appVersion: latest +appVersion: 3.7.1 keywords: -- security -- amass -- scanner -- secureCodeBox + - security + - amass + - scanner + - secureCodeBox home: https://www.securecodebox.io/scanner/Amass icon: https://www.securecodebox.io/integrationIcons/Amass.svg sources: -- https://github.com/secureCodeBox/secureCodeBox + - https://github.com/secureCodeBox/secureCodeBox maintainers: -- name: iteratec GmbH - email: security@iteratec.com + - name: iteratec GmbH + email: security@iteratec.com diff --git a/integrations/amass/templates/amass-scan-type.yaml b/integrations/amass/templates/amass-scan-type.yaml index ef61e1bb..02c107cb 100644 --- a/integrations/amass/templates/amass-scan-type.yaml +++ b/integrations/amass/templates/amass-scan-type.yaml @@ -16,7 +16,7 @@ spec: restartPolicy: OnFailure containers: - name: amass - image: caffix/amass:v3.7.0 + image: caffix/amass:v3.7.1 command: - "amass" - "enum" From ae8d6575546136c0edadcccccee2045dbb77fbf4 Mon Sep 17 00:00:00 2001 From: Robert Seedorff Date: Fri, 12 Jun 2020 12:10:23 +0200 Subject: [PATCH 080/109] Extending RBAC Rules to allow scan hooks to create new scans (used by imperative-subsequent-scans) --- operator/controllers/execution/scan_controller.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/operator/controllers/execution/scan_controller.go b/operator/controllers/execution/scan_controller.go index 1065371f..b1e7f032 100644 --- a/operator/controllers/execution/scan_controller.go +++ b/operator/controllers/execution/scan_controller.go @@ -977,7 +977,7 @@ func (r *ScanReconciler) createJobForHook(hook *executionv1.ScanCompletionHook, { APIGroups: []string{"execution.experimental.securecodebox.io"}, Resources: []string{"scans"}, - Verbs: []string{"get"}, + Verbs: []string{"get", "list", "create"}, }, { APIGroups: []string{"execution.experimental.securecodebox.io"}, From 17e451ed6357fa3f4c9f26d3241c5183735564da Mon Sep 17 00:00:00 2001 From: Robert Seedorff Date: Fri, 12 Jun 2020 12:59:08 +0200 Subject: [PATCH 081/109] Extending RBAC Rules to allow scan hooks to create new scans (used by imperative-subsequent-scans) --- operator/Chart.yaml | 2 +- operator/controllers/execution/scan_controller.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/operator/Chart.yaml b/operator/Chart.yaml index 8c474eae..a0f7d8b9 100644 --- a/operator/Chart.yaml +++ b/operator/Chart.yaml @@ -10,7 +10,7 @@ version: 0.1.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. -appVersion: 1.17.0 +appVersion: 1.18.0 dependencies: - name: minio diff --git a/operator/controllers/execution/scan_controller.go b/operator/controllers/execution/scan_controller.go index b1e7f032..bf517ea9 100644 --- a/operator/controllers/execution/scan_controller.go +++ b/operator/controllers/execution/scan_controller.go @@ -686,7 +686,7 @@ func (r *ScanReconciler) startReadOnlyHooks(scan *executionv1.Scan) error { { APIGroups: []string{"execution.experimental.securecodebox.io"}, Resources: []string{"scans"}, - Verbs: []string{"get"}, + Verbs: []string{"get", "create", "list"}, }, } serviceAccountName := "scan-completion-hook" From 31630c3122ffca1d86e92b6596646e78084ea464 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com> Date: Fri, 12 Jun 2020 13:44:50 +0200 Subject: [PATCH 082/109] Start combined scan in current namespace --- hooks/imperative-subsequent-scans/scan-helpers.js | 1 + 1 file changed, 1 insertion(+) diff --git a/hooks/imperative-subsequent-scans/scan-helpers.js b/hooks/imperative-subsequent-scans/scan-helpers.js index 53b22a5f..5f5cc957 100644 --- a/hooks/imperative-subsequent-scans/scan-helpers.js +++ b/hooks/imperative-subsequent-scans/scan-helpers.js @@ -17,6 +17,7 @@ async function startSubsequentSecureCodeBoxScan({ kind: "Scan", metadata: { name: name, + namespace: process.env['NAMESPACE'], labels: { ...parentScan.metadata.labels, }, From 41d9e643d3e23fbc8684764aa3af101dc4613d60 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com> Date: Fri, 12 Jun 2020 13:45:34 +0200 Subject: [PATCH 083/109] Inline ownerReference --- .../scan-helpers.js | 33 ++++++++----------- 1 file changed, 13 insertions(+), 20 deletions(-) diff --git a/hooks/imperative-subsequent-scans/scan-helpers.js b/hooks/imperative-subsequent-scans/scan-helpers.js index 5f5cc957..6c21e757 100644 --- a/hooks/imperative-subsequent-scans/scan-helpers.js +++ b/hooks/imperative-subsequent-scans/scan-helpers.js @@ -17,15 +17,24 @@ async function startSubsequentSecureCodeBoxScan({ kind: "Scan", metadata: { name: name, - namespace: process.env['NAMESPACE'], + namespace: process.env["NAMESPACE"], labels: { ...parentScan.metadata.labels, }, annotations: { - 'securecodebox.io/hook': 'nmap-subsequent-scans', - 'securecodebox.io/parent-scan': parentScan.metadata.name, + "securecodebox.io/hook": "nmap-subsequent-scans", + "securecodebox.io/parent-scan": parentScan.metadata.name, }, - ...(await getOwnerReference(parentScan)), + ownerReferences: [ + { + apiVersion: "execution.experimental.securecodebox.io/v1", + blockOwnerDeletion: true, + controller: true, + kind: "Scan", + name: parentScan.metadata.name, + uid: parentScan.metadata.uid, + }, + ], }, spec: { scanType, @@ -33,7 +42,6 @@ async function startSubsequentSecureCodeBoxScan({ }, }; - try { // Starting another subsequent sslyze scan based on the nmap results // found at: https://github.com/kubernetes-client/javascript/blob/79736b9a608c18d818de61a6b44503a08ea3a78f/src/gen/api/customObjectsApi.ts#L209 @@ -51,19 +59,4 @@ async function startSubsequentSecureCodeBoxScan({ } } -async function getOwnerReference(parentScan) { - return { - ownerReferences: [ - { - apiVersion: 'execution.experimental.securecodebox.io/v1', - blockOwnerDeletion: true, - controller: true, - kind: 'Scan', - name: parentScan.metadata.name, - uid: parentScan.metadata.uid, - }, - ], - }; -} - module.exports.startSubsequentSecureCodeBoxScan = startSubsequentSecureCodeBoxScan; From b5665b2455f252b2e4f3293e64043e648a332b86 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com> Date: Fri, 12 Jun 2020 14:00:24 +0200 Subject: [PATCH 084/109] Correct where the namespace is specified --- hooks/imperative-subsequent-scans/scan-helpers.js | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/hooks/imperative-subsequent-scans/scan-helpers.js b/hooks/imperative-subsequent-scans/scan-helpers.js index 6c21e757..ec3539fe 100644 --- a/hooks/imperative-subsequent-scans/scan-helpers.js +++ b/hooks/imperative-subsequent-scans/scan-helpers.js @@ -17,7 +17,6 @@ async function startSubsequentSecureCodeBoxScan({ kind: "Scan", metadata: { name: name, - namespace: process.env["NAMESPACE"], labels: { ...parentScan.metadata.labels, }, @@ -48,7 +47,7 @@ async function startSubsequentSecureCodeBoxScan({ await k8sApiCRD.createNamespacedCustomObject( "execution.experimental.securecodebox.io", "v1", - "default", + process.env["NAMESPACE"], "scans", scanDefinition, "false" From 998639e47f0b4d441a08ab16aa765eae8c926f53 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach <13718901+J12934@users.noreply.github.com> Date: Fri, 12 Jun 2020 14:12:47 +0200 Subject: [PATCH 085/109] Convert string env vars to bools --- hooks/imperative-subsequent-scans/hook.js | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/hooks/imperative-subsequent-scans/hook.js b/hooks/imperative-subsequent-scans/hook.js index 1c65a74e..fd3fbe78 100644 --- a/hooks/imperative-subsequent-scans/hook.js +++ b/hooks/imperative-subsequent-scans/hook.js @@ -3,12 +3,12 @@ const { startSubsequentSecureCodeBoxScan } = require("./scan-helpers"); async function handle({ scan, getFindings, - cascadeAmassNmap = process.env["CASCADE_AMASS_NMAP"], - cascadeNmapSsl = process.env["CASCADE_NMAP_SSL"], - cascadeNmapSsh = process.env["CASCADE_NMAP_SSH"], - cascadeNmapNikto = process.env["CASCADE_NMAP_NIKTO"], - cascadeNmapSmb = process.env["CASCADE_NMAP_SMB"], - cascadeNmapZapBaseline = process.env["CASCADE_NMAP_ZAP_BASELINE"] + cascadeAmassNmap = process.env["CASCADE_AMASS_NMAP"] === "true", + cascadeNmapSsl = process.env["CASCADE_NMAP_SSL"] === "true", + cascadeNmapSsh = process.env["CASCADE_NMAP_SSH"] === "true", + cascadeNmapNikto = process.env["CASCADE_NMAP_NIKTO"] === "true", + cascadeNmapSmb = process.env["CASCADE_NMAP_SMB"] === "true", + cascadeNmapZapBaseline = process.env["CASCADE_NMAP_ZAP_BASELINE"] === "true", }) { const findings = await getFindings(); From 643369bca1213831a5cedcdfb2db492da1415314 Mon Sep 17 00:00:00 2001 From: Robert Seedorff Date: Fri, 12 Jun 2020 15:28:52 +0200 Subject: [PATCH 086/109] Bugfix if hostname is null no subsequent scan should be started (use ip instead --- hooks/imperative-subsequent-scans/hook.js | 8 +++-- .../imperative-subsequent-scans/hook.test.js | 36 ++++++++++++++----- 2 files changed, 32 insertions(+), 12 deletions(-) diff --git a/hooks/imperative-subsequent-scans/hook.js b/hooks/imperative-subsequent-scans/hook.js index fd3fbe78..00dbb7f7 100644 --- a/hooks/imperative-subsequent-scans/hook.js +++ b/hooks/imperative-subsequent-scans/hook.js @@ -27,13 +27,15 @@ async function handle({ for (const finding of findings) { if ( finding.category === "Open Port" && - finding.attributes.state === "open" + finding.attributes.state === "open" && + (finding.attributes.hostname != null || finding.attributes.ip_address) ) { - const hostname = finding.attributes.hostname; + + const hostname = finding.attributes.hostname || finding.attributes.ip_address; const port = finding.attributes.port; console.log( - "Found NMAP 'Open Port' finding for port: '" + finding.attributes.port+"' and service: '" + finding.attributes.service + "'" + "Found NMAP 'Open Port' finding for host '"+hostname+"' port: '" + finding.attributes.port+"' and service: '" + finding.attributes.service + "'" ); // search for HTTP ports and start subsequent Nikto Scan diff --git a/hooks/imperative-subsequent-scans/hook.test.js b/hooks/imperative-subsequent-scans/hook.test.js index b30ef66f..2b21728a 100644 --- a/hooks/imperative-subsequent-scans/hook.test.js +++ b/hooks/imperative-subsequent-scans/hook.test.js @@ -244,6 +244,17 @@ test("Should create subsequent scans for open SMB ports (NMAP findings)", async service: "filtered", }, }, + { + name: "Port 445 is open", + category: "Open Port", + attributes: { + state: "open", + hostname: null, + ip_address: "10.10.0.0", + port: 445, + service: "microsoft-ds", + }, + }, ]; const scan = { @@ -274,7 +285,7 @@ test("Should create subsequent scans for open SMB ports (NMAP findings)", async cascadeNmapZapBaseline }); - expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(9); + expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(10); expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(9, { name: "nmap-smb-foobar.com", @@ -282,6 +293,13 @@ test("Should create subsequent scans for open SMB ports (NMAP findings)", async parentScan: { metadata: { labels: { foo: "bar" } } }, scanType: "nmap", }); + + expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(10, { + name: "nmap-smb-10.10.0.0", + parameters: ["-Pn", "-p445", "--script", "smb-protocols", "10.10.0.0"], + parentScan: { metadata: { labels: { foo: "bar" } } }, + scanType: "nmap", + }); }); test("Should create subsequent scans for subdomains (AMASS findings)", async () => { @@ -332,16 +350,16 @@ test("Should create subsequent scans for subdomains (AMASS findings)", async () cascadeNmapZapBaseline }); - expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(11); + expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(12); - expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(10, { + expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(11, { name: "nmap-www.example.com", parameters: ["-Pn", "www.example.com"], parentScan: { metadata: { labels: { foo: "bar" } } }, scanType: "nmap", }); // even if the HTTP port is not running at port 80 a corresponding Nikto scan should be created if a HTTP service is found by nmap - expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(11, { + expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(12, { name: "nmap-example.example.com", parameters: ["-Pn", "example.example.com"], parentScan: { metadata: { labels: { foo: "bar" } } }, @@ -397,10 +415,10 @@ test("Should not create subsequent scans for subdomains (AMASS subsequent scans cascadeNmapZapBaseline }); - expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(11); + expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(12); }); -test("Should not create subsequent scans for subdomains (no AMASS findings)", async () => { +test("Should not create subsequent scans for empty findings even if activated", async () => { const findings = []; const scan = { @@ -431,10 +449,10 @@ test("Should not create subsequent scans for subdomains (no AMASS findings)", as cascadeNmapZapBaseline }); - expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(11); + expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(12); }); -test("Should create subsequent scans for open SMB ports (NMAP findings)", async () => { +test("Should not create subsequent scans if no subsequent scan is activated", async () => { const findings = [ { name: "Port 445 is open", @@ -562,5 +580,5 @@ test("Should create subsequent scans for open SMB ports (NMAP findings)", async cascadeNmapZapBaseline }); - expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(11); + expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(12); }); \ No newline at end of file From e72173495ce265b1c480f72dac24017a3b8f7743 Mon Sep 17 00:00:00 2001 From: Robert Seedorff Date: Fri, 12 Jun 2020 23:37:59 +0200 Subject: [PATCH 087/109] Increasing version due to latest improvements --- integrations/nmap/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/integrations/nmap/Chart.yaml b/integrations/nmap/Chart.yaml index 3d8f1911..253ac64f 100644 --- a/integrations/nmap/Chart.yaml +++ b/integrations/nmap/Chart.yaml @@ -4,7 +4,7 @@ description: A Helm chart for the NMAP security Scanner that integrates with the type: application version: 0.1.0 -appVersion: 0.1.0 +appVersion: 0.2.0 keywords: - security From c3d4d157d479fa9ca0d826ed0637deceeea18a1f Mon Sep 17 00:00:00 2001 From: Robert Seedorff Date: Fri, 12 Jun 2020 23:43:28 +0200 Subject: [PATCH 088/109] Changing app version number --- hooks/imperative-subsequent-scans/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hooks/imperative-subsequent-scans/Chart.yaml b/hooks/imperative-subsequent-scans/Chart.yaml index fa8866aa..554c41d9 100644 --- a/hooks/imperative-subsequent-scans/Chart.yaml +++ b/hooks/imperative-subsequent-scans/Chart.yaml @@ -6,6 +6,6 @@ type: application version: 0.1.0 -appVersion: latest +appVersion: 0.1.0 dependencies: [] From 73e775aa3ffc1ecaa517f9b748ab514b4c5a2586 Mon Sep 17 00:00:00 2001 From: Robert Seedorff Date: Sat, 13 Jun 2020 09:58:56 +0200 Subject: [PATCH 089/109] Use shorter name for imperative-subsequent-scans hook --- .../templates/imperative-subsequent-scans-hook.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hooks/imperative-subsequent-scans/templates/imperative-subsequent-scans-hook.yaml b/hooks/imperative-subsequent-scans/templates/imperative-subsequent-scans-hook.yaml index 5ac6ea28..8f6e9467 100644 --- a/hooks/imperative-subsequent-scans/templates/imperative-subsequent-scans-hook.yaml +++ b/hooks/imperative-subsequent-scans/templates/imperative-subsequent-scans-hook.yaml @@ -1,7 +1,7 @@ apiVersion: "execution.experimental.securecodebox.io/v1" kind: ScanCompletionHook metadata: - name: {{ include "imperative-subsequent-scans.fullname" . }} + name: {{ .Release.Name }} spec: type: ReadOnly {{- if .Values.image.registry }} From 08903ca41603014ab3c0706a62b05f9856b5a822 Mon Sep 17 00:00:00 2001 From: Robert Seedorff Date: Sat, 13 Jun 2020 22:23:38 +0200 Subject: [PATCH 090/109] Improved imperative scan to respect the correct identified ports for each subsequent scan. --- hooks/imperative-subsequent-scans/hook.js | 18 +-- .../imperative-subsequent-scans/hook.test.js | 128 ++++++++++++++++-- 2 files changed, 126 insertions(+), 20 deletions(-) diff --git a/hooks/imperative-subsequent-scans/hook.js b/hooks/imperative-subsequent-scans/hook.js index 00dbb7f7..bb5780c5 100644 --- a/hooks/imperative-subsequent-scans/hook.js +++ b/hooks/imperative-subsequent-scans/hook.js @@ -43,7 +43,7 @@ async function handle({ cascadeNmapNikto && finding.attributes.service === "http" ) { - await startNiktoScan({ + await startNiktoHttpScan({ parentScan: scan, hostname, port, @@ -82,7 +82,7 @@ async function handle({ (finding.attributes.service === "ssl" || finding.attributes.service === "https") ) { - await startZAPBaselineScan({ + await startZAPBaselineHttpsScan({ parentScan: scan, hostname, port, @@ -167,14 +167,14 @@ async function startNMAPScan({ parentScan, hostname}) { * @param {string} hostname The hostname to start a new subsequent ZAP scan for. * @param {string} port The port to start a new subsequent ZAP scan for. */ -async function startZAPBaselineScan({ parentScan, hostname, port }) { +async function startZAPBaselineHttpsScan({ parentScan, hostname, port }) { console.log( " --> Starting async subsequent ZAP Scan for host: " + hostname + ":" + port ); await startSubsequentSecureCodeBoxScan({ parentScan, - name: `zap-${hostname.toLowerCase()}`, + name: `zap-https-${hostname.toLowerCase()}`, scanType: "zap-baseline", parameters: ["-t", "https://" + hostname + ":" + port], }); @@ -194,7 +194,7 @@ async function startSSHScan({ parentScan, hostname, port }) { parentScan, name: `ssh-${hostname.toLowerCase()}`, scanType: "ssh-scan", - parameters: ["-t", hostname], + parameters: ["-t", hostname, "-p", port.toString()], }); } @@ -203,16 +203,16 @@ async function startSSHScan({ parentScan, hostname, port }) { * @param {string} hostname The hostname to start a new subsequent Nikto scan for. * @param {string} port The port to start a new subsequent Nikto scan for. */ -async function startNiktoScan({ parentScan, hostname, port }) { +async function startNiktoHttpScan({ parentScan, hostname, port }) { console.log( " --> Starting async subsequent Nikto Scan for host: " + hostname + ":" + port ); await startSubsequentSecureCodeBoxScan({ parentScan, - name: `nikto-${hostname.toLowerCase()}`, + name: `nikto-http-${hostname.toLowerCase()}`, scanType: "nikto", - parameters: ["-h", "https://" + hostname, "-Tuning", "1,2,3,5,7,b"], + parameters: ["-h", "http://" + hostname, "-p", port.toString(), "-Tuning", "1,2,3,5,7,b"], }); } @@ -230,7 +230,7 @@ async function startSSLyzeScan({ parentScan, hostname, port }) { parentScan, name: `sslyze-${hostname.toLowerCase()}`, scanType: "sslyze", - parameters: ["--regular", hostname], + parameters: ["--regular", hostname+":"+port], }); } diff --git a/hooks/imperative-subsequent-scans/hook.test.js b/hooks/imperative-subsequent-scans/hook.test.js index 2b21728a..5554d7db 100644 --- a/hooks/imperative-subsequent-scans/hook.test.js +++ b/hooks/imperative-subsequent-scans/hook.test.js @@ -59,25 +59,25 @@ test("Should create subsequent scans for open HTTPS ports (NMAP findings)", asyn expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(1, { name: "sslyze-foobar.com", - parameters: ["--regular", "foobar.com"], + parameters: ["--regular", "foobar.com:443"], parentScan: { metadata: { labels: { foo: "bar" } } }, scanType: "sslyze", }); expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(2, { - name: "zap-foobar.com", + name: "zap-https-foobar.com", parameters: ["-t", "https://foobar.com:443"], parentScan: { metadata: { labels: { foo: "bar" } } }, scanType: "zap-baseline", }); - // even if the HTTP port is not running at port 80 a corresponding Nikto scan should be created if a HTTP service is found by nmap + // even if the HTTPS port is not running at port 443 a corresponding Sslyze scan should be created if a HTTP service is found by nmap expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(3, { name: "sslyze-example.com", - parameters: ["--regular", "example.com"], + parameters: ["--regular", "example.com:8443"], parentScan: { metadata: { labels: { foo: "bar" } } }, scanType: "sslyze", }); expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(4, { - name: "zap-example.com", + name: "zap-https-example.com", parameters: ["-t", "https://example.com:8443"], parentScan: { metadata: { labels: { foo: "bar" } } }, scanType: "zap-baseline", @@ -139,15 +139,15 @@ test("Should create subsequent scans for open HTTP ports (NMAP findings)", async expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(6); expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(5, { - name: "nikto-foobar.com", - parameters: ["-h", "https://foobar.com", "-Tuning", "1,2,3,5,7,b"], + name: "nikto-http-foobar.com", + parameters: ["-h", "http://foobar.com", "-p", "80", "-Tuning", "1,2,3,5,7,b"], parentScan: { metadata: { labels: { foo: "bar" } } }, scanType: "nikto", }); // even if the HTTP port is not running at port 80 a corresponding Nikto scan should be created if a HTTP service is found by nmap expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(6, { - name: "nikto-example.com", - parameters: ["-h", "https://example.com", "-Tuning", "1,2,3,5,7,b"], + name: "nikto-http-example.com", + parameters: ["-h", "http://example.com", "-p", "3000", "-Tuning", "1,2,3,5,7,b"], parentScan: { metadata: { labels: { foo: "bar" } } }, scanType: "nikto", }); @@ -209,14 +209,14 @@ test("Should create subsequent scans for open SSH ports (NMAP findings)", async expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(7, { name: "ssh-foobar.com", - parameters: ["-t", "foobar.com"], + parameters: ["-t", "foobar.com", "-p", "22"], parentScan: { metadata: { labels: { foo: "bar" } } }, scanType: "ssh-scan", }); // even if the HTTP port is not running at port 80 a corresponding Nikto scan should be created if a HTTP service is found by nmap expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(8, { name: "ssh-example.com", - parameters: ["-t", "example.com"], + parameters: ["-t", "example.com", "-p", "23454"], parentScan: { metadata: { labels: { foo: "bar" } } }, scanType: "ssh-scan", }); @@ -581,4 +581,110 @@ test("Should not create subsequent scans if no subsequent scan is activated", as }); expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(12); +}); + +test("Should create subsequent scans for Service which are running in custom ports", async () => { + const findings = [ + { + name: "Port 22000 is open", + category: "Open Port", + attributes: { + state: "open", + hostname: "ssh.example.com", + port: 22000, + service: "ssh", + }, + }, + { + name: "Port 8000 is open", + category: "Open Port", + attributes: { + state: "open", + hostname: "http.example.com", + port: 8000, + service: "http", + }, + }, + { + name: "Port 3000 is open", + category: "Open Port", + attributes: { + state: "open", + hostname: "https.example.com", + port: 3000, + service: "https", + }, + }, + { + name: "Port 8443 is open", + category: "Open Port", + attributes: { + state: "open", + hostname: "ssl.example.com", + port: 8443, + service: "ssl", + }, + } + ]; + + const scan = { + metadata: { + labels: { + foo: "bar", + }, + }, + }; + + const cascadeAmassNmap = true; + const cascadeNmapSsl = true; + const cascadeNmapSsh = true; + const cascadeNmapNikto = true; + const cascadeNmapSmb = true; + const cascadeNmapZapBaseline = true; + + const getFindings = async () => findings; + + await handle({ + getFindings, + scan, + cascadeAmassNmap, + cascadeNmapSsl, + cascadeNmapSsh, + cascadeNmapNikto, + cascadeNmapSmb, + cascadeNmapZapBaseline + }); + + expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(18); + + expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(13, { + name: "ssh-ssh.example.com", + parameters: ["-t", "ssh.example.com", "-p", "22000"], + parentScan: { metadata: { labels: { foo: "bar" } } }, + scanType: "ssh-scan", + }); + expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(14, { + name: "nikto-http-http.example.com", + parameters: ["-h", "http://http.example.com", "-p", "8000", "-Tuning", "1,2,3,5,7,b"], + parentScan: { metadata: { labels: { foo: "bar" } } }, + scanType: "nikto", + }); + expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(15, { + name: "sslyze-https.example.com", + parameters: ["--regular", "https.example.com:3000"], + parentScan: { metadata: { labels: { foo: "bar" } } }, + scanType: "sslyze", + }); + expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(16, { + name: "zap-https-https.example.com", + parameters: ["-t", "https://https.example.com:3000"], + parentScan: { metadata: { labels: { foo: "bar" } } }, + scanType: "zap-baseline", + }); + expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(17, { + name: "sslyze-ssl.example.com", + parameters: ["--regular", "ssl.example.com:8443"], + parentScan: { metadata: { labels: { foo: "bar" } } }, + scanType: "sslyze", + }); }); \ No newline at end of file From a0daed2783a75ff6738f3a97e975c7b09c50d917 Mon Sep 17 00:00:00 2001 From: Robert Seedorff Date: Sat, 13 Jun 2020 22:24:49 +0200 Subject: [PATCH 091/109] Updated readme for integrated scanner --- integrations/nmap/readme.md | 3 + integrations/sslyze/README.md | 108 ++++++++++++++++++++++++++++- integrations/zap/README.md | 80 +++++++++++++++++++++ integrations/zap/examples/.gitkeep | 0 4 files changed, 190 insertions(+), 1 deletion(-) create mode 100644 integrations/zap/README.md create mode 100644 integrations/zap/examples/.gitkeep diff --git a/integrations/nmap/readme.md b/integrations/nmap/readme.md index d99802b2..2e20ec88 100644 --- a/integrations/nmap/readme.md +++ b/integrations/nmap/readme.md @@ -59,3 +59,6 @@ Some useful example parameters listed below: 2. Update the parser function here: `./parser/parser.js` 3. Update the parser tests here: `./parser/parser.test.js` 4. Run the testsuite: `npm test` + +#### Basic scanner tests +If you want to test sslyze localy you can use brew (only on macOS) to install it: `brew install nmap` \ No newline at end of file diff --git a/integrations/sslyze/README.md b/integrations/sslyze/README.md index 87801e35..63dd6d21 100644 --- a/integrations/sslyze/README.md +++ b/integrations/sslyze/README.md @@ -21,7 +21,7 @@ helm upgrade --install sslyze ./integrations/sslyze/ A set of examples can be found in the [examples](./examples) folder. * Example *secureCodeBox.io* [scan](./examples/secureCodeBox.io/scan.yaml) and [findings](./examples/secureCodeBox.io/findings.yaml) -* Example *example.com* [scan](./examples/secureCodeBox.io/scan.yaml) and [findings](./examples/secureCodeBox.io/findings.yaml) +* Example *example.com* [scan](./examples/example.com/scan.yaml) and [findings](./examples/example.com/findings.yaml) ## Configuration @@ -29,6 +29,109 @@ The follwing security scan configuration example are based on the [SSLyze Docume The command line interface can be used to easily run server scans: `sslyze --regular www.example.com` +```bash +Usage: sslyze [options] target1.com target2.com:443 target3.com:443{ip} etc... + +Options: + --version show program's version number and exit + -h, --help show this help message and exit + --regular Regular HTTPS scan; shortcut for --sslv2 --sslv3 + --tlsv1 --tlsv1_1 --tlsv1_2 --tlsv1_3 --reneg --resum + --certinfo --hide_rejected_ciphers --compression + --heartbleed --openssl_ccs --fallback --robot + + Trust stores options: + --update_trust_stores + Update the default trust stores used by SSLyze. The + latest stores will be downloaded from https://github.c + om/nabla-c0d3/trust_stores_observatory. This option is + meant to be used separately, and will silence any + other command line option supplied to SSLyze. + + Client certificate options: + --cert=CERT Client certificate chain filename. The certificates + must be in PEM format and must be sorted starting with + the subject's client certificate, followed by + intermediate CA certificates if applicable. + --key=KEY Client private key filename. + --keyform=KEYFORM Client private key format. DER or PEM (default). + --pass=KEYPASS Client private key passphrase. + + Input and output options: + --json_out=JSON_FILE + Write the scan results as a JSON document to the file + JSON_FILE. If JSON_FILE is set to "-", the JSON output + will instead be printed to stdout. The resulting JSON + file is a serialized version of the ScanResult objects + described in SSLyze's Python API: the nodes and + attributes will be the same. See https://nabla-c0d3.gi + thub.io/sslyze/documentation/available-scan- + commands.html for more details. + --targets_in=TARGETS_IN + Read the list of targets to scan from the file + TARGETS_IN. It should contain one host:port per line. + --quiet Do not output anything to stdout; useful when using + --json_out. + + Connectivity options: + --slow_connection Greatly reduce the number of concurrent connections + initiated by SSLyze. This will make the scans slower + but more reliable if the connection between your host + and the server is slow, or if the server cannot handle + many concurrent connections. Enable this option if you + are getting a lot of timeouts or errors. + --https_tunnel=HTTPS_TUNNEL + Tunnel all traffic to the target server(s) through an + HTTP CONNECT proxy. HTTP_TUNNEL should be the proxy's + URL: 'http://USER:PW@HOST:PORT/'. For proxies + requiring authentication, only Basic Authentication is + supported. + --starttls=STARTTLS + Perform a StartTLS handshake when connecting to the + target server(s). StartTLS should be one of: auto, + smtp, xmpp, xmpp_server, pop3, imap, ftp, ldap, rdp, + postgres. The 'auto' option will cause SSLyze to + deduce the protocol (ftp, imap, etc.) from the + supplied port number, for each target servers. + --xmpp_to=XMPP_TO Optional setting for STARTTLS XMPP. XMPP_TO should be + the hostname to be put in the 'to' attribute of the + XMPP stream. Default is the server's hostname. + --sni=SNI Use Server Name Indication to specify the hostname to + connect to. Will only affect TLS 1.0+ connections. + + Scan commands: + --tlsv1_1 Test a server for TLS 1.1 support. + --tlsv1_2 Test a server for TLS 1.2 support. + --robot Test a server for the ROBOT vulnerability. + --reneg Test a server for for insecure TLS renegotiation and + client-initiated renegotiation. + --early_data Test a server for TLS 1.3 early data support. + --fallback Test a server for the TLS_FALLBACK_SCSV mechanism to + prevent downgrade attacks. + --tlsv1_3 Test a server for TLS 1.3 support. + --certinfo Retrieve and analyze a server's certificate(s) to + verify its validity. + --certinfo_ca_file=CERTINFO_CA_FILE + Path to a file containing root certificates in PEM + format that will be used to verify the validity of the + server's certificate. + --heartbleed Test a server for the OpenSSL Heartbleed + vulnerability. + --resum_rate Measure a server's session resumption rate when + attempting 100 resumptions using session IDs. + --resum Test a server for session resumption support using + session IDs and TLS tickets. + --http_headers Test a server for the presence of security-related + HTTP headers. + --sslv2 Test a server for SSL 2.0 support. + --tlsv1 Test a server for TLS 1.0 support. + --sslv3 Test a server for SSL 3.0 support. + --compression Test a server for TLS compression support, which can + be leveraged to perform a CRIME attack. + --openssl_ccs Test a server for the OpenSSL CCS Injection + vulnerability (CVE-2014-0224). +``` + ## Development ### Local setup @@ -43,5 +146,8 @@ The command line interface can be used to easily run server scans: `sslyze --reg 3. Update the parser tests here: `./parser/parser.test.js` 4. Run the testsuite: `npm test` +#### Basic scanner tests +If you want to test sslyze localy you can use brew (only on macOS) to install it: `brew install sslyze` + [SSLyze GitHub]: https://github.com/nabla-c0d3/sslyze [SSLyze Documentation]: https://nabla-c0d3.github.io/sslyze/documentation/ \ No newline at end of file diff --git a/integrations/zap/README.md b/integrations/zap/README.md new file mode 100644 index 00000000..58cb5168 --- /dev/null +++ b/integrations/zap/README.md @@ -0,0 +1,80 @@ +--- +title: "ZAP" +path: "scanner/Zap" +category: "scanner" +usecase: "Webapplication Vulnerability Scanner" +--- + +![zap logo](https://raw.githubusercontent.com/wiki/zaproxy/zaproxy/images/zap32x32.png) + +The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers*. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. Its also a great tool for experienced pentesters to use for manual security testing. + +To learn more about the ZAP scanner itself visit [OWASP_Zap_Project] or [zaproxy.org]. + + + +## Deployment + +The ZAP scanType can be deployed via helm. + +```bash +helm upgrade --install zap ./integrations/zap/ +``` + +## Examples + +A set of examples can be found in the [examples](./examples) folder. +* Example *secureCodeBox.io* [scan](./examples/secureCodeBox.io/scan.yaml) and [findings](./examples/secureCodeBox.io/findings.yaml) +* Example *example.com* [scan](./examples/example.com/scan.yaml) and [findings](./examples/example.com/findings.yaml) + +## Configuration + +The follwing security scan configuration example are based on the [ZAP Documentation], please take a look at the original documentation for more configuration examples. + +The command line interface can be used to easily run server scans: `-t www.example.com` + +```bash +Usage: zap-baseline.py -t [options] + -t target target URL including the protocol, eg https://www.example.com +Options: + -h print this help message + -c config_file config file to use to INFO, IGNORE or FAIL warnings + -u config_url URL of config file to use to INFO, IGNORE or FAIL warnings + -g gen_file generate default config file (all rules set to WARN) + -m mins the number of minutes to spider for (default 1) + -r report_html file to write the full ZAP HTML report + -w report_md file to write the full ZAP Wiki (Markdown) report + -x report_xml file to write the full ZAP XML report + -J report_json file to write the full ZAP JSON document + -a include the alpha passive scan rules as well + -d show debug messages + -P specify listen port + -D delay in seconds to wait for passive scanning + -i default rules not in the config file to INFO + -I do not return failure on warning + -j use the Ajax spider in addition to the traditional one + -l level minimum level to show: PASS, IGNORE, INFO, WARN or FAIL, use with -s to hide example URLs + -n context_file context file which will be loaded prior to spidering the target + -p progress_file progress file which specifies issues that are being addressed + -s short output format - dont show PASSes or example URLs + -T max time in minutes to wait for ZAP to start and the passive scan to run + -z zap_options ZAP command line options e.g. -z "-config aaa=bbb -config ccc=ddd" + --hook path to python file that define your custom hooks +``` + +## Development + +### Local setup +1. Clone the repository `git clone git@github.com:secureCodeBox/secureCodeBox-v2-alpha.git` +2. Ensure you have node.js installed + * On MacOs with brew package manager: `brew install node` + +### Parser Development + +1. Install the dependencies `npm install` +2. Update the parser function here: `./parser/parser.js` +3. Update the parser tests here: `./parser/parser.test.js` +4. Run the testsuite: `npm test` + +[SSLyze GitHub]: https://github.com/nabla-c0d3/sslyze +[SSLyze Documentation]: https://nabla-c0d3.github.io/sslyze/documentation/ diff --git a/integrations/zap/examples/.gitkeep b/integrations/zap/examples/.gitkeep new file mode 100644 index 00000000..e69de29b From fcb4a6b5896a41a3c68f9ae26779e1ab838d755a Mon Sep 17 00:00:00 2001 From: Robert Seedorff Date: Sat, 13 Jun 2020 23:07:43 +0200 Subject: [PATCH 092/109] Extended logging informations to get better debugging informations --- hooks/imperative-subsequent-scans/hook.js | 163 ++++++++++++++-------- 1 file changed, 107 insertions(+), 56 deletions(-) diff --git a/hooks/imperative-subsequent-scans/hook.js b/hooks/imperative-subsequent-scans/hook.js index bb5780c5..daaf2e57 100644 --- a/hooks/imperative-subsequent-scans/hook.js +++ b/hooks/imperative-subsequent-scans/hook.js @@ -132,16 +132,23 @@ async function handle({ * @param {string} port The port to start a new subsequent ZAP scan for. */ async function startSMBScan({ parentScan, hostname}) { - console.log( - " --> Starting async subsequent NMAP SMB Scan for host: " + hostname - ); - - await startSubsequentSecureCodeBoxScan({ - parentScan, - name: `nmap-smb-${hostname.toLowerCase()}`, - scanType: "nmap", - parameters: ["-Pn", "-p445", "--script", "smb-protocols", hostname], - }); + if(hostname) { + console.log( + " --> Starting async subsequent NMAP SMB Scan for host: " + hostname + ); + await startSubsequentSecureCodeBoxScan({ + parentScan, + name: `nmap-smb-${hostname.toLowerCase()}`, + scanType: "nmap", + parameters: ["-Pn", "-p445", "--script", "smb-protocols", hostname], + }); + } + else + { + console.log( + " --> Failed to start subsequent NMAP SMB Scan because host: '" + hostname + "' must not be null." + ); + } } /** @@ -150,16 +157,25 @@ async function startSMBScan({ parentScan, hostname}) { * @param {string} port The port to start a new subsequent ZAP scan for. */ async function startNMAPScan({ parentScan, hostname}) { - console.log( - " --> Starting async subsequent NMAP Scan for host: " + hostname - ); + - await startSubsequentSecureCodeBoxScan({ - parentScan, - name: `nmap-${hostname.toLowerCase()}`, - scanType: "nmap", - parameters: ["-Pn", hostname], - }); + if(hostname) { + console.log( + " --> Starting async subsequent NMAP Scan for host: " + hostname + ); + await startSubsequentSecureCodeBoxScan({ + parentScan, + name: `nmap-${hostname.toLowerCase()}`, + scanType: "nmap", + parameters: ["-Pn", hostname], + }); + } + else + { + console.log( + " --> Failed to start subsequent NMAP Scan because host: '" + hostname + "' must not be null." + ); + } } /** @@ -168,16 +184,25 @@ async function startNMAPScan({ parentScan, hostname}) { * @param {string} port The port to start a new subsequent ZAP scan for. */ async function startZAPBaselineHttpsScan({ parentScan, hostname, port }) { - console.log( - " --> Starting async subsequent ZAP Scan for host: " + hostname + ":" + port - ); + - await startSubsequentSecureCodeBoxScan({ - parentScan, - name: `zap-https-${hostname.toLowerCase()}`, - scanType: "zap-baseline", - parameters: ["-t", "https://" + hostname + ":" + port], - }); + if(hostname) { + console.log( + " --> Starting async subsequent ZAP Scan for host: '" + hostname + "' and port: '" + port + "'" + ); + await startSubsequentSecureCodeBoxScan({ + parentScan, + name: `zap-https-${hostname.toLowerCase()}`, + scanType: "zap-baseline", + parameters: ["-t", "https://" + hostname + ":" + port], + }); + } + else + { + console.log( + " --> Failed to start subsequent ZAP Scan because host: '" + hostname + "' and port: '" + port + "' must not be null." + ); + } } /** @@ -186,16 +211,24 @@ async function startZAPBaselineHttpsScan({ parentScan, hostname, port }) { * @param {string} port The port to start a new subsequent SSH scan for. */ async function startSSHScan({ parentScan, hostname, port }) { - console.log( - " --> Starting async subsequent SSH Scan for host: " + hostname + ":" + port - ); - - await startSubsequentSecureCodeBoxScan({ - parentScan, - name: `ssh-${hostname.toLowerCase()}`, - scanType: "ssh-scan", - parameters: ["-t", hostname, "-p", port.toString()], - }); + + if(hostname && port) { + console.log( + " --> Starting async subsequent SSH Scan for host: '" + hostname + "' and port: '" + port + "'" + ); + await startSubsequentSecureCodeBoxScan({ + parentScan, + name: `ssh-${hostname.toLowerCase()}`, + scanType: "ssh-scan", + parameters: ["-t", hostname, "-p", port.toString()], + }); + } + else + { + console.log( + " --> Failed to start subsequent SSH Scan because host: '" + hostname + "' and port: '" + port + "' must not be null." + ); + } } /** @@ -204,16 +237,25 @@ async function startSSHScan({ parentScan, hostname, port }) { * @param {string} port The port to start a new subsequent Nikto scan for. */ async function startNiktoHttpScan({ parentScan, hostname, port }) { - console.log( - " --> Starting async subsequent Nikto Scan for host: " + hostname + ":" + port - ); + - await startSubsequentSecureCodeBoxScan({ - parentScan, - name: `nikto-http-${hostname.toLowerCase()}`, - scanType: "nikto", - parameters: ["-h", "http://" + hostname, "-p", port.toString(), "-Tuning", "1,2,3,5,7,b"], - }); + if(hostname && port) { + console.log( + " --> Starting async subsequent Nikto Scan for host: '" + hostname + "' and port: '" + port + "'" + ); + await startSubsequentSecureCodeBoxScan({ + parentScan, + name: `nikto-http-${hostname.toLowerCase()}`, + scanType: "nikto", + parameters: ["-h", "http://" + hostname, "-p", port.toString(), "-Tuning", "1,2,3,5,7,b"], + }); + } + else + { + console.log( + " --> Failed to start subsequent Nikto Scan because host: '" + hostname + "' and port: '" + port + "' must not be null." + ); + } } /** @@ -222,16 +264,25 @@ async function startNiktoHttpScan({ parentScan, hostname, port }) { * @param {string} port The port to start a new subsequent SSLyze scan for. */ async function startSSLyzeScan({ parentScan, hostname, port }) { - console.log( - " --> Starting async subsequent SSLyze Scan for host: " + hostname + ":" + port - ); + - await startSubsequentSecureCodeBoxScan({ - parentScan, - name: `sslyze-${hostname.toLowerCase()}`, - scanType: "sslyze", - parameters: ["--regular", hostname+":"+port], - }); + if(hostname && port) { + console.log( + " --> Starting async subsequent SSLyze Scan for host: '" + hostname + "' and port: '" + port + "'" + ); + await startSubsequentSecureCodeBoxScan({ + parentScan, + name: `sslyze-${hostname.toLowerCase()}`, + scanType: "sslyze", + parameters: ["--regular", hostname+":"+port], + }); + } + else + { + console.log( + " --> Failed to start subsequent SSLyze Scan because host: '" + hostname + "' and port: '" + port + "' must not be null." + ); + } } module.exports.handle = handle; From 35f77b430d0a80c0cd24be6f66213aec40968133 Mon Sep 17 00:00:00 2001 From: Robert Seedorff Date: Sat, 13 Jun 2020 23:15:02 +0200 Subject: [PATCH 093/109] Improved the imperative-subsequent-scans hook (if you scan a huge range of services and ports) to prevent duplicate subsequent names if multiple ports per host serves the same service type. --- hooks/imperative-subsequent-scans/hook.js | 8 +++--- .../imperative-subsequent-scans/hook.test.js | 26 +++++++++---------- 2 files changed, 17 insertions(+), 17 deletions(-) diff --git a/hooks/imperative-subsequent-scans/hook.js b/hooks/imperative-subsequent-scans/hook.js index daaf2e57..a1c70bcb 100644 --- a/hooks/imperative-subsequent-scans/hook.js +++ b/hooks/imperative-subsequent-scans/hook.js @@ -192,7 +192,7 @@ async function startZAPBaselineHttpsScan({ parentScan, hostname, port }) { ); await startSubsequentSecureCodeBoxScan({ parentScan, - name: `zap-https-${hostname.toLowerCase()}`, + name: `zap-${port}-${hostname.toLowerCase()}`, scanType: "zap-baseline", parameters: ["-t", "https://" + hostname + ":" + port], }); @@ -218,7 +218,7 @@ async function startSSHScan({ parentScan, hostname, port }) { ); await startSubsequentSecureCodeBoxScan({ parentScan, - name: `ssh-${hostname.toLowerCase()}`, + name: `ssh-${port}-${hostname.toLowerCase()}`, scanType: "ssh-scan", parameters: ["-t", hostname, "-p", port.toString()], }); @@ -245,7 +245,7 @@ async function startNiktoHttpScan({ parentScan, hostname, port }) { ); await startSubsequentSecureCodeBoxScan({ parentScan, - name: `nikto-http-${hostname.toLowerCase()}`, + name: `nikto-${port}-${hostname.toLowerCase()}`, scanType: "nikto", parameters: ["-h", "http://" + hostname, "-p", port.toString(), "-Tuning", "1,2,3,5,7,b"], }); @@ -272,7 +272,7 @@ async function startSSLyzeScan({ parentScan, hostname, port }) { ); await startSubsequentSecureCodeBoxScan({ parentScan, - name: `sslyze-${hostname.toLowerCase()}`, + name: `sslyze-${port}-${hostname.toLowerCase()}`, scanType: "sslyze", parameters: ["--regular", hostname+":"+port], }); diff --git a/hooks/imperative-subsequent-scans/hook.test.js b/hooks/imperative-subsequent-scans/hook.test.js index 5554d7db..2807d499 100644 --- a/hooks/imperative-subsequent-scans/hook.test.js +++ b/hooks/imperative-subsequent-scans/hook.test.js @@ -58,26 +58,26 @@ test("Should create subsequent scans for open HTTPS ports (NMAP findings)", asyn expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(4); expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(1, { - name: "sslyze-foobar.com", + name: "sslyze-443-foobar.com", parameters: ["--regular", "foobar.com:443"], parentScan: { metadata: { labels: { foo: "bar" } } }, scanType: "sslyze", }); expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(2, { - name: "zap-https-foobar.com", + name: "zap-443-foobar.com", parameters: ["-t", "https://foobar.com:443"], parentScan: { metadata: { labels: { foo: "bar" } } }, scanType: "zap-baseline", }); // even if the HTTPS port is not running at port 443 a corresponding Sslyze scan should be created if a HTTP service is found by nmap expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(3, { - name: "sslyze-example.com", + name: "sslyze-8443-example.com", parameters: ["--regular", "example.com:8443"], parentScan: { metadata: { labels: { foo: "bar" } } }, scanType: "sslyze", }); expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(4, { - name: "zap-https-example.com", + name: "zap-8443-example.com", parameters: ["-t", "https://example.com:8443"], parentScan: { metadata: { labels: { foo: "bar" } } }, scanType: "zap-baseline", @@ -139,14 +139,14 @@ test("Should create subsequent scans for open HTTP ports (NMAP findings)", async expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(6); expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(5, { - name: "nikto-http-foobar.com", + name: "nikto-80-foobar.com", parameters: ["-h", "http://foobar.com", "-p", "80", "-Tuning", "1,2,3,5,7,b"], parentScan: { metadata: { labels: { foo: "bar" } } }, scanType: "nikto", }); // even if the HTTP port is not running at port 80 a corresponding Nikto scan should be created if a HTTP service is found by nmap expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(6, { - name: "nikto-http-example.com", + name: "nikto-3000-example.com", parameters: ["-h", "http://example.com", "-p", "3000", "-Tuning", "1,2,3,5,7,b"], parentScan: { metadata: { labels: { foo: "bar" } } }, scanType: "nikto", @@ -208,14 +208,14 @@ test("Should create subsequent scans for open SSH ports (NMAP findings)", async expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(8); expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(7, { - name: "ssh-foobar.com", + name: "ssh-22-foobar.com", parameters: ["-t", "foobar.com", "-p", "22"], parentScan: { metadata: { labels: { foo: "bar" } } }, scanType: "ssh-scan", }); // even if the HTTP port is not running at port 80 a corresponding Nikto scan should be created if a HTTP service is found by nmap expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(8, { - name: "ssh-example.com", + name: "ssh-23454-example.com", parameters: ["-t", "example.com", "-p", "23454"], parentScan: { metadata: { labels: { foo: "bar" } } }, scanType: "ssh-scan", @@ -658,31 +658,31 @@ test("Should create subsequent scans for Service which are running in custom por expect(startSubsequentSecureCodeBoxScan).toHaveBeenCalledTimes(18); expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(13, { - name: "ssh-ssh.example.com", + name: "ssh-22000-ssh.example.com", parameters: ["-t", "ssh.example.com", "-p", "22000"], parentScan: { metadata: { labels: { foo: "bar" } } }, scanType: "ssh-scan", }); expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(14, { - name: "nikto-http-http.example.com", + name: "nikto-8000-http.example.com", parameters: ["-h", "http://http.example.com", "-p", "8000", "-Tuning", "1,2,3,5,7,b"], parentScan: { metadata: { labels: { foo: "bar" } } }, scanType: "nikto", }); expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(15, { - name: "sslyze-https.example.com", + name: "sslyze-3000-https.example.com", parameters: ["--regular", "https.example.com:3000"], parentScan: { metadata: { labels: { foo: "bar" } } }, scanType: "sslyze", }); expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(16, { - name: "zap-https-https.example.com", + name: "zap-3000-https.example.com", parameters: ["-t", "https://https.example.com:3000"], parentScan: { metadata: { labels: { foo: "bar" } } }, scanType: "zap-baseline", }); expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(17, { - name: "sslyze-ssl.example.com", + name: "sslyze-8443-ssl.example.com", parameters: ["--regular", "ssl.example.com:8443"], parentScan: { metadata: { labels: { foo: "bar" } } }, scanType: "sslyze", From c4046828e6c80922e95e5f3cfd7ebe817d0d00b0 Mon Sep 17 00:00:00 2001 From: Robert Seedorff Date: Sun, 14 Jun 2020 00:02:36 +0200 Subject: [PATCH 094/109] Fixed port issue with nikto --- hooks/imperative-subsequent-scans/hook.js | 6 +++--- hooks/imperative-subsequent-scans/hook.test.js | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/hooks/imperative-subsequent-scans/hook.js b/hooks/imperative-subsequent-scans/hook.js index a1c70bcb..a2faa966 100644 --- a/hooks/imperative-subsequent-scans/hook.js +++ b/hooks/imperative-subsequent-scans/hook.js @@ -43,7 +43,7 @@ async function handle({ cascadeNmapNikto && finding.attributes.service === "http" ) { - await startNiktoHttpScan({ + await startNiktoScan({ parentScan: scan, hostname, port, @@ -236,7 +236,7 @@ async function startSSHScan({ parentScan, hostname, port }) { * @param {string} hostname The hostname to start a new subsequent Nikto scan for. * @param {string} port The port to start a new subsequent Nikto scan for. */ -async function startNiktoHttpScan({ parentScan, hostname, port }) { +async function startNiktoScan({ parentScan, hostname, port }) { if(hostname && port) { @@ -247,7 +247,7 @@ async function startNiktoHttpScan({ parentScan, hostname, port }) { parentScan, name: `nikto-${port}-${hostname.toLowerCase()}`, scanType: "nikto", - parameters: ["-h", "http://" + hostname, "-p", port.toString(), "-Tuning", "1,2,3,5,7,b"], + parameters: ["-h", hostname, "-p", port.toString(), "-Tuning", "1,2,3,5,7,b"], }); } else diff --git a/hooks/imperative-subsequent-scans/hook.test.js b/hooks/imperative-subsequent-scans/hook.test.js index 2807d499..40ad162d 100644 --- a/hooks/imperative-subsequent-scans/hook.test.js +++ b/hooks/imperative-subsequent-scans/hook.test.js @@ -140,14 +140,14 @@ test("Should create subsequent scans for open HTTP ports (NMAP findings)", async expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(5, { name: "nikto-80-foobar.com", - parameters: ["-h", "http://foobar.com", "-p", "80", "-Tuning", "1,2,3,5,7,b"], + parameters: ["-h", "foobar.com", "-p", "80", "-Tuning", "1,2,3,5,7,b"], parentScan: { metadata: { labels: { foo: "bar" } } }, scanType: "nikto", }); // even if the HTTP port is not running at port 80 a corresponding Nikto scan should be created if a HTTP service is found by nmap expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(6, { name: "nikto-3000-example.com", - parameters: ["-h", "http://example.com", "-p", "3000", "-Tuning", "1,2,3,5,7,b"], + parameters: ["-h", "example.com", "-p", "3000", "-Tuning", "1,2,3,5,7,b"], parentScan: { metadata: { labels: { foo: "bar" } } }, scanType: "nikto", }); @@ -665,7 +665,7 @@ test("Should create subsequent scans for Service which are running in custom por }); expect(startSubsequentSecureCodeBoxScan).toHaveBeenNthCalledWith(14, { name: "nikto-8000-http.example.com", - parameters: ["-h", "http://http.example.com", "-p", "8000", "-Tuning", "1,2,3,5,7,b"], + parameters: ["-h", "http.example.com", "-p", "8000", "-Tuning", "1,2,3,5,7,b"], parentScan: { metadata: { labels: { foo: "bar" } } }, scanType: "nikto", }); From 62e865f1366c23b829c4746cd9426a83599aecb5 Mon Sep 17 00:00:00 2001 From: Robert Seedorff Date: Sun, 14 Jun 2020 08:17:40 +0200 Subject: [PATCH 095/109] Fixing the label scan-type for all subsequent scans --- hooks/imperative-subsequent-scans/scan-helpers.js | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/hooks/imperative-subsequent-scans/scan-helpers.js b/hooks/imperative-subsequent-scans/scan-helpers.js index ec3539fe..27ddc5c0 100644 --- a/hooks/imperative-subsequent-scans/scan-helpers.js +++ b/hooks/imperative-subsequent-scans/scan-helpers.js @@ -41,6 +41,11 @@ async function startSubsequentSecureCodeBoxScan({ }, }; + // Changing label 'scan-type' (if defined by parent scan) to to the given scanType for the subsequent scan + if( scanDefinition.metadata.labels && scanDefinition.metadata.labels['scan-type'] ) { + scanDefinition.metadata.labels['scan-type'] = scanType; + } + try { // Starting another subsequent sslyze scan based on the nmap results // found at: https://github.com/kubernetes-client/javascript/blob/79736b9a608c18d818de61a6b44503a08ea3a78f/src/gen/api/customObjectsApi.ts#L209 From 2ba12c901e01d148584b7f6abc5eb5105a641297 Mon Sep 17 00:00:00 2001 From: Robert Seedorff Date: Mon, 15 Jun 2020 11:38:40 +0200 Subject: [PATCH 096/109] Fixing wrong label name --- hooks/imperative-subsequent-scans/scan-helpers.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hooks/imperative-subsequent-scans/scan-helpers.js b/hooks/imperative-subsequent-scans/scan-helpers.js index 27ddc5c0..4326aca6 100644 --- a/hooks/imperative-subsequent-scans/scan-helpers.js +++ b/hooks/imperative-subsequent-scans/scan-helpers.js @@ -21,7 +21,7 @@ async function startSubsequentSecureCodeBoxScan({ ...parentScan.metadata.labels, }, annotations: { - "securecodebox.io/hook": "nmap-subsequent-scans", + "securecodebox.io/hook": "imperative-subsequent-scans", "securecodebox.io/parent-scan": parentScan.metadata.name, }, ownerReferences: [ From 00236089264ee267b68cb7d93395bdb9005df3ad Mon Sep 17 00:00:00 2001 From: Robert Seedorff Date: Mon, 15 Jun 2020 11:39:46 +0200 Subject: [PATCH 097/109] Use shorter name for persistence-elastic hook based jobs because they are sometimes to long --- hooks/persistence-elastic/templates/persistence-provider.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hooks/persistence-elastic/templates/persistence-provider.yaml b/hooks/persistence-elastic/templates/persistence-provider.yaml index 4cb9934f..330198d3 100644 --- a/hooks/persistence-elastic/templates/persistence-provider.yaml +++ b/hooks/persistence-elastic/templates/persistence-provider.yaml @@ -1,7 +1,7 @@ apiVersion: "execution.experimental.securecodebox.io/v1" kind: ScanCompletionHook metadata: - name: {{ include "persistence-elastic.fullname" . }} + name: {{ .Release.Name }} labels: type: Structured spec: From a2fecfaf38fa0988f1d6fa1a6d4ca5f5af21e85e Mon Sep 17 00:00:00 2001 From: Robert Seedorff Date: Mon, 15 Jun 2020 12:17:34 +0200 Subject: [PATCH 098/109] Updating operator Helm to make the resource limits configurable --- operator/Chart.yaml | 2 +- operator/templates/manager/manager.yaml | 7 +------ operator/values.yaml | 11 +++++++++++ 3 files changed, 13 insertions(+), 7 deletions(-) diff --git a/operator/Chart.yaml b/operator/Chart.yaml index a0f7d8b9..7436aef8 100644 --- a/operator/Chart.yaml +++ b/operator/Chart.yaml @@ -6,7 +6,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. -version: 0.1.0 +version: 0.2.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. diff --git a/operator/templates/manager/manager.yaml b/operator/templates/manager/manager.yaml index 458bd20b..2ee84703 100644 --- a/operator/templates/manager/manager.yaml +++ b/operator/templates/manager/manager.yaml @@ -81,10 +81,5 @@ spec: - name: LURCHER_PULL_POLICY value: {{ .Values.lurcher.image.pullPolicy }} resources: - limits: - cpu: 100m - memory: 30Mi - requests: - cpu: 100m - memory: 20Mi + {{- toYaml .Values.resources | nindent 12 }} terminationGracePeriodSeconds: 10 diff --git a/operator/values.yaml b/operator/values.yaml index fd26a99c..2a6e396d 100644 --- a/operator/values.yaml +++ b/operator/values.yaml @@ -35,3 +35,14 @@ s3: # Example creation via kubectl: # kubectl create secret generic my-secret --from-literal=accessKey="******" --from-literal=secretKey="******" keySecret: my-secret + +# +# Config for the operator ressource limits +# +resources: + limits: + cpu: 100m + memory: 30Mi + requests: + cpu: 100m + memory: 20Mi \ No newline at end of file From 5c262653e558e8e9dab736910b9c87929fcd628a Mon Sep 17 00:00:00 2001 From: Robert Seedorff Date: Mon, 15 Jun 2020 12:18:41 +0200 Subject: [PATCH 099/109] Updated readme to use shorter release names because this will result in shorter job names also (it's a poblem if they are too long) --- README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index e136f7e3..65341a60 100644 --- a/README.md +++ b/README.md @@ -80,12 +80,12 @@ helm upgrade --install wpscan ./integrations/wpscan/ helm upgrade --install dummy-ssh ./demo-apps/dummy-ssh/ # Deploy secureCodeBox Hooks -helm upgrade --install add-attributes ./hooks/add-attributes/ -helm upgrade --install generic-webhook ./hooks/generic-webhook/ -helm upgrade --install imperative-subsequent-scans ./hooks/imperative-subsequent-scans/ +helm upgrade --install aah ./hooks/add-attributes/ +helm upgrade --install gwh ./hooks/generic-webhook/ +helm upgrade --install issh ./hooks/imperative-subsequent-scans/ ## Persistence Provider: Elasticsearch -helm upgrade --install persistence-elastic ./hooks/persistence-elastic/ +helm upgrade --install elkh ./hooks/persistence-elastic/ ``` ### Examples From a70a89f30b413bbf4707cf53670c9973f5e860f8 Mon Sep 17 00:00:00 2001 From: Robert Seedorff Date: Mon, 15 Jun 2020 13:25:31 +0200 Subject: [PATCH 100/109] Fixing SMB scan because NMAP discovers different services sometimes if the service detection is enabled --- hooks/imperative-subsequent-scans/hook.js | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/hooks/imperative-subsequent-scans/hook.js b/hooks/imperative-subsequent-scans/hook.js index a2faa966..b3245c6f 100644 --- a/hooks/imperative-subsequent-scans/hook.js +++ b/hooks/imperative-subsequent-scans/hook.js @@ -54,7 +54,8 @@ async function handle({ if ( cascadeNmapSmb && finding.attributes.port === 445 && - finding.attributes.service === "microsoft-ds" + (finding.attributes.service === "microsoft-ds" || + finding.attributes.service === "netbios-ssn") ) { await startSMBScan({ parentScan: scan, From fa080b9af21b61bb2cd9677eb448c026c301afd2 Mon Sep 17 00:00:00 2001 From: Robert Seedorff Date: Tue, 16 Jun 2020 11:00:03 +0200 Subject: [PATCH 101/109] Preparing readme for merge to master. --- README.md | 2 +- hooks/imperative-subsequent-scans/values.yaml | 10 +++++----- hooks/persistence-elastic/values.yaml | 4 ++-- integrations/nmap/values.yaml | 2 +- 4 files changed, 9 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 65341a60..db33167c 100644 --- a/README.md +++ b/README.md @@ -63,7 +63,7 @@ There is a german article about [Security DevOps – Angreifern (immer) einen Sc ```bash # Deploy secureCodeBox Operator kubectl create namespace securecodebox-system -helm -n securecodebox-system install securecodebox-operator ./operator/ --set image.tag=hooks +helm -n securecodebox-system install securecodebox-operator ./operator/ # Deploy definitions for the integrated scanners helm upgrade --install amass ./integrations/amass/ diff --git a/hooks/imperative-subsequent-scans/values.yaml b/hooks/imperative-subsequent-scans/values.yaml index 8a31525e..2602e491 100644 --- a/hooks/imperative-subsequent-scans/values.yaml +++ b/hooks/imperative-subsequent-scans/values.yaml @@ -6,15 +6,15 @@ cascade: # Cascade nmap scans for each subdomain found by amass amassNmap: true # Cascade nmap SMB scans for each SMB Port found by nmap - nmapSmb: false + nmapSmb: true # Cascade SSH scans for each SSH Port found by nmap - nmapSsh: false + nmapSsh: true # Cascade SSL scans for each HTTP Port found by nmap - nmapSsl: false + nmapSsl: true # Cascade Nikto scans for each HTTP Port found by nmap - nmapNikto: false + nmapNikto: true # Cascade ZAP scans for each HTTP Port found by nmap - nmapZapBaseline: false + nmapZapBaseline: true image: registry: docker.io diff --git a/hooks/persistence-elastic/values.yaml b/hooks/persistence-elastic/values.yaml index 20ecb6d8..0eb33a06 100644 --- a/hooks/persistence-elastic/values.yaml +++ b/hooks/persistence-elastic/values.yaml @@ -5,8 +5,8 @@ image: registry: docker.io repository: scbexperimental/persistence-elastic - tag: null - digest: sha256:25e860d051de0fb7ecb74508d749909d9ec8b5d49cb10466509777bc98e3ec7a + tag: hooks + digest: null indexPrefix: "scbv2" diff --git a/integrations/nmap/values.yaml b/integrations/nmap/values.yaml index 516187d7..7d3052d5 100644 --- a/integrations/nmap/values.yaml +++ b/integrations/nmap/values.yaml @@ -1,4 +1,4 @@ parserImage: registry: docker.io repository: scbexperimental/parser-nmap - tag: latest + tag: hooks From 6475f61f8dfee87ef19a502a09398b1c59becda1 Mon Sep 17 00:00:00 2001 From: Robert Seedorff Date: Tue, 16 Jun 2020 11:06:50 +0200 Subject: [PATCH 102/109] Fixing a typo. --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index db33167c..f0ea2419 100644 --- a/README.md +++ b/README.md @@ -116,11 +116,11 @@ kubectl get scans ### Access Services -* Minio UI +* Minio UI: * AccessKey: `kubectl get secret securecodebox-operator-minio -n securecodebox-system -o=jsonpath='{.data.accesskey}' | base64 --decode; echo` * SecretKey: `kubectl get secret securecodebox-operator-minio -n securecodebox-system -o=jsonpath='{.data.secretkey}' | base64 --decode; echo` * Port Forward Minio UI: `kubectl port-forward -n securecodebox-system service/securecodebox-operator-minio 9000:9000` -* Elastic / Kibana UI +* Elastic / Kibana UI: * User: `elastic` * Password: `kubectl get secret scb-elasticsearch-es-elastic-user -n scb-analytics -o=jsonpath='{.data.elastic}' | base64 --decode; echo` * Port Forward Kibana: `kubectl port-forward -n default service/persistence-elastic-kibana 5601:5601` From 3dd1804fc2a3469ecea829207c3bca2cba742f8d Mon Sep 17 00:00:00 2001 From: Robert Seedorff Date: Tue, 16 Jun 2020 11:15:32 +0200 Subject: [PATCH 103/109] Updating Readme --- README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index f0ea2419..588d02ea 100644 --- a/README.md +++ b/README.md @@ -20,7 +20,7 @@ - [Purpose of this Project](#purpose-of-this-project) - [Quickstart](#quickstart) - [Prerequisites](#prerequisites) - - [Deployment](#deployment) + - [Deployment (based on Helm)](#deployment-based-on-helm) - [Examples](#examples) - [Access Services](#access-services) - [How does it work?](#how-does-it-work) @@ -58,14 +58,14 @@ There is a german article about [Security DevOps – Angreifern (immer) einen Sc - kubernetes (last 4 mayor releases supported: `1.15`, `1.16`, `1.17` & `1.18`) -### Deployment +### Deployment (based on Helm) ```bash -# Deploy secureCodeBox Operator +# Deploy the secureCodeBox Operator first kubectl create namespace securecodebox-system helm -n securecodebox-system install securecodebox-operator ./operator/ -# Deploy definitions for the integrated scanners +# Deploy SCB scanner Charts for each security scanner you want to use (all optional) helm upgrade --install amass ./integrations/amass/ helm upgrade --install kube-hunter ./integrations/kube-hunter/ helm upgrade --install nikto ./integrations/nikto From 4cddd5766cf2c5ecff3540d5203a4b449716b7fd Mon Sep 17 00:00:00 2001 From: Robert Seedorff Date: Tue, 16 Jun 2020 16:08:37 +0200 Subject: [PATCH 104/109] Removed samples because they moved directly into the different scanner repos --- .../execution_v1_scan/amass_securecodebox_io.yaml | 13 ------------- .../execution_v1_scan/kube-hunter_in_cluster.yaml | 8 -------- .../execution_v1_scan/nikto_securecodebox_io.yaml | 14 -------------- .../samples/execution_v1_scan/nmap_localhost.yaml | 9 --------- .../execution_v1_scan/nmap_scanme_nmap_org.yaml | 8 -------- .../execution_v1_scan/nmap_securecodebox_io.yaml | 9 --------- .../samples/execution_v1_scan/ssh_iteratec_de.yaml | 11 ----------- .../execution_v1_scan/sslyze_securecodebox_io.yaml | 11 ----------- .../samples/execution_v1_scan/test-scan.yaml | 7 ------- .../samples/execution_v1_scan/trivy_juiceshop.yaml | 10 ---------- .../samples/execution_v1_scan/trivy_mediawiki.yaml | 8 -------- .../samples/execution_v1_scan/zap_juiceshop.yaml | 11 ----------- 12 files changed, 119 deletions(-) delete mode 100644 operator/config/samples/execution_v1_scan/amass_securecodebox_io.yaml delete mode 100644 operator/config/samples/execution_v1_scan/kube-hunter_in_cluster.yaml delete mode 100644 operator/config/samples/execution_v1_scan/nikto_securecodebox_io.yaml delete mode 100644 operator/config/samples/execution_v1_scan/nmap_localhost.yaml delete mode 100644 operator/config/samples/execution_v1_scan/nmap_scanme_nmap_org.yaml delete mode 100644 operator/config/samples/execution_v1_scan/nmap_securecodebox_io.yaml delete mode 100644 operator/config/samples/execution_v1_scan/ssh_iteratec_de.yaml delete mode 100644 operator/config/samples/execution_v1_scan/sslyze_securecodebox_io.yaml delete mode 100644 operator/config/samples/execution_v1_scan/test-scan.yaml delete mode 100644 operator/config/samples/execution_v1_scan/trivy_juiceshop.yaml delete mode 100644 operator/config/samples/execution_v1_scan/trivy_mediawiki.yaml delete mode 100644 operator/config/samples/execution_v1_scan/zap_juiceshop.yaml diff --git a/operator/config/samples/execution_v1_scan/amass_securecodebox_io.yaml b/operator/config/samples/execution_v1_scan/amass_securecodebox_io.yaml deleted file mode 100644 index a607f69e..00000000 --- a/operator/config/samples/execution_v1_scan/amass_securecodebox_io.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: "execution.experimental.securecodebox.io/v1" -kind: Scan -metadata: - name: "amass-securecodebox.io" - labels: - organization: "secureCodeBox" -spec: - scanType: "amass" - parameters: - - "-noalts" - - "-norecursive" - - "-d" - - "securecodebox.io" diff --git a/operator/config/samples/execution_v1_scan/kube-hunter_in_cluster.yaml b/operator/config/samples/execution_v1_scan/kube-hunter_in_cluster.yaml deleted file mode 100644 index e1b8aa8d..00000000 --- a/operator/config/samples/execution_v1_scan/kube-hunter_in_cluster.yaml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: "execution.experimental.securecodebox.io/v1" -kind: Scan -metadata: - name: "kube-hunter-in-cluster" -spec: - scanType: "kube-hunter" - parameters: - - "--pod" diff --git a/operator/config/samples/execution_v1_scan/nikto_securecodebox_io.yaml b/operator/config/samples/execution_v1_scan/nikto_securecodebox_io.yaml deleted file mode 100644 index 43496fa4..00000000 --- a/operator/config/samples/execution_v1_scan/nikto_securecodebox_io.yaml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: 'execution.experimental.securecodebox.io/v1' -kind: Scan -metadata: - name: 'nikto-www.securecodebox.io' - labels: - organization: 'secureCodeBox' -spec: - scanType: 'nikto' - parameters: - - '-h' - - 'https://www.securecodebox.io' - - '-Tuning' - # Only enable fast (ish) Scan Options, remove attack option like SQLi and RCE. We will leave those to ZAP - - '1,2,3,5,7,b' diff --git a/operator/config/samples/execution_v1_scan/nmap_localhost.yaml b/operator/config/samples/execution_v1_scan/nmap_localhost.yaml deleted file mode 100644 index 7acfcf5b..00000000 --- a/operator/config/samples/execution_v1_scan/nmap_localhost.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: execution.experimental.securecodebox.io/v1 -kind: Scan -metadata: - name: nmap-localhost -spec: - parameters: - - -Pn - - localhost - scanType: nmap diff --git a/operator/config/samples/execution_v1_scan/nmap_scanme_nmap_org.yaml b/operator/config/samples/execution_v1_scan/nmap_scanme_nmap_org.yaml deleted file mode 100644 index dad0121f..00000000 --- a/operator/config/samples/execution_v1_scan/nmap_scanme_nmap_org.yaml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: "execution.experimental.securecodebox.io/v1" -kind: Scan -metadata: - name: "nmap-scanme.nmap.org" -spec: - scanType: "nmap" - parameters: - - scanme.nmap.org diff --git a/operator/config/samples/execution_v1_scan/nmap_securecodebox_io.yaml b/operator/config/samples/execution_v1_scan/nmap_securecodebox_io.yaml deleted file mode 100644 index 15407835..00000000 --- a/operator/config/samples/execution_v1_scan/nmap_securecodebox_io.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: execution.experimental.securecodebox.io/v1 -kind: Scan -metadata: - name: nmap-securecodebox.io -spec: - parameters: - - -Pn - - secureCodeBox.io - scanType: nmap diff --git a/operator/config/samples/execution_v1_scan/ssh_iteratec_de.yaml b/operator/config/samples/execution_v1_scan/ssh_iteratec_de.yaml deleted file mode 100644 index 394bb369..00000000 --- a/operator/config/samples/execution_v1_scan/ssh_iteratec_de.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: "execution.experimental.securecodebox.io/v1" -kind: Scan -metadata: - name: "ssh-iteratec.de" - labels: - company: iteratec -spec: - scanType: "ssh-scan" - parameters: - - "-t" - - www.iteratec.de diff --git a/operator/config/samples/execution_v1_scan/sslyze_securecodebox_io.yaml b/operator/config/samples/execution_v1_scan/sslyze_securecodebox_io.yaml deleted file mode 100644 index bbd53c1c..00000000 --- a/operator/config/samples/execution_v1_scan/sslyze_securecodebox_io.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: "execution.experimental.securecodebox.io/v1" -kind: Scan -metadata: - name: "sslyze-securecodebox.io" - labels: - organization: "secureCodeBox" -spec: - scanType: "sslyze" - parameters: - - "--regular" - - "securecodebox.io" diff --git a/operator/config/samples/execution_v1_scan/test-scan.yaml b/operator/config/samples/execution_v1_scan/test-scan.yaml deleted file mode 100644 index 55d7b8f6..00000000 --- a/operator/config/samples/execution_v1_scan/test-scan.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: execution.experimental.securecodebox.io/v1 -kind: Scan -metadata: - name: test-scan -spec: - scanType: test-scan - parameters: [] diff --git a/operator/config/samples/execution_v1_scan/trivy_juiceshop.yaml b/operator/config/samples/execution_v1_scan/trivy_juiceshop.yaml deleted file mode 100644 index 3992a6fd..00000000 --- a/operator/config/samples/execution_v1_scan/trivy_juiceshop.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: "execution.experimental.securecodebox.io/v1" -kind: Scan -metadata: - name: "trivy-juiceshop" - labels: - organization: "OWASP" -spec: - scanType: "trivy" - parameters: - - "bkimminich/juice-shop:v10.2.0" diff --git a/operator/config/samples/execution_v1_scan/trivy_mediawiki.yaml b/operator/config/samples/execution_v1_scan/trivy_mediawiki.yaml deleted file mode 100644 index 9ea8fc1f..00000000 --- a/operator/config/samples/execution_v1_scan/trivy_mediawiki.yaml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: "execution.experimental.securecodebox.io/v1" -kind: Scan -metadata: - name: "trivy-mediawiki" -spec: - scanType: "trivy" - parameters: - - "mediawiki:stable" diff --git a/operator/config/samples/execution_v1_scan/zap_juiceshop.yaml b/operator/config/samples/execution_v1_scan/zap_juiceshop.yaml deleted file mode 100644 index 4a66fe91..00000000 --- a/operator/config/samples/execution_v1_scan/zap_juiceshop.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: "execution.experimental.securecodebox.io/v1" -kind: Scan -metadata: - name: "zap-juiceshop" - labels: - organization: "OWASP" -spec: - scanType: "zap-baseline" - parameters: - - "-t" - - "http://juice-shop.demo-targets.svc:3000" From 5e8ce33936e70c48d920fce6d0f8596c2c2367cc Mon Sep 17 00:00:00 2001 From: Robert Seedorff Date: Tue, 16 Jun 2020 16:22:31 +0200 Subject: [PATCH 105/109] Renamed the integration folder to scanner because it's more intuitive. --- .github/workflows/ci.yaml | 36 +++++++++---------- package.json | 2 +- {integrations => scanner}/.gitignore | 0 {integrations => scanner}/amass/.helmignore | 0 {integrations => scanner}/amass/Chart.yaml | 0 {integrations => scanner}/amass/README.md | 2 +- .../amass/examples/example.com/scan.yaml | 0 .../amass/examples/secureCodeBox.io/scan.yaml | 0 .../amass/parser/Dockerfile | 0 .../parser/__snapshots__/parser.test.js.snap | 0 .../__testFiles__/securecodebox.io.jsonl | 0 .../amass/parser/parser.js | 0 .../amass/parser/parser.test.js | 0 .../templates/amass-parse-definition.yaml | 0 .../amass/templates/amass-scan-type.yaml | 0 {integrations => scanner}/amass/values.yaml | 0 .../kube-hunter/.helmignore | 0 .../kube-hunter/Chart.yaml | 0 .../kube-hunter/README.md | 2 +- .../examples/in-cluster/findings.json | 0 .../kube-hunter/examples/in-cluster/scan.yaml | 0 .../kube-hunter/parser/Dockerfile | 0 .../parser/__snapshots__/parser.test.js.snap | 0 .../kind-1.18-in-cluster-scan.json | 0 .../kube-hunter/parser/parser.js | 0 .../kube-hunter/parser/parser.test.js | 0 .../kube-hunter/scanner/Dockerfile | 0 .../kube-hunter/scanner/wrapper.sh | 0 .../kube-hunter-parse-definition.yaml | 0 .../templates/kubehunter-scan-type.yaml | 0 .../kube-hunter/values.yaml | 0 {integrations => scanner}/nikto/.helmignore | 0 {integrations => scanner}/nikto/Chart.yaml | 0 {integrations => scanner}/nikto/README.md | 0 .../nikto/examples/secureCodeBox.io/scan.yaml | 0 .../nikto/parser/Dockerfile | 0 .../parser/__snapshots__/parser.test.js.snap | 0 .../parser/__testFiles__/juice-shop.json | 0 .../__testFiles__/www.securecodebox.io.json | 0 .../nikto/parser/parser.js | 0 .../nikto/parser/parser.test.js | 0 .../nikto/scanner/Dockerfile | 0 .../nikto/scanner/wrapper.sh | 0 .../templates/nikto-parse-definition.yaml | 0 .../nikto/templates/nikto-scan-type.yaml | 0 {integrations => scanner}/nikto/values.yaml | 0 {integrations => scanner}/nmap/.helmignore | 0 {integrations => scanner}/nmap/Chart.yaml | 0 .../nmap/readme.md => scanner/nmap/README.md | 2 +- .../nmap/examples/local-network/findings.yaml | 0 .../nmap/examples/local-network/scan.yaml | 0 .../nmap/examples/localhost/findings.yaml | 0 .../nmap/examples/localhost/scan.yaml | 0 .../nmap/examples/scan.nmap.org/findings.yaml | 0 .../nmap/examples/scan.nmap.org/scan.yaml | 0 .../nmap/parser/.dockerignore | 0 .../nmap/parser/.gitignore | 0 .../nmap/parser/Dockerfile | 0 .../__testFiles__/localhost-smb-script.xml | 0 .../nmap/parser/__testFiles__/localhost.xml | 0 .../nmap/parser/__testFiles__/no-host.xml | 0 .../nmap/parser/__testFiles__/no-ports.xml | 0 .../nmap/parser/package-lock.json | 0 .../nmap/parser/package.json | 0 .../nmap/parser/parser.js | 0 .../nmap/parser/parser.test.js | 0 .../nmap/scanner/Dockerfile | 0 .../nmap/templates/nmap-parse-definition.yaml | 0 .../nmap/templates/nmap-scan-type.yaml | 0 {integrations => scanner}/nmap/values.yaml | 0 {integrations => scanner}/package-lock.json | 2 +- {integrations => scanner}/package.json | 2 +- .../ssh_scan/.helmignore | 0 {integrations => scanner}/ssh_scan/Chart.yaml | 0 {integrations => scanner}/ssh_scan/README.md | 2 +- .../ssh_scan/examples/example.com/scan.yaml | 0 .../ssh_scan/examples/localhost/findings.yaml | 0 .../ssh_scan/examples/localhost/scan.yaml | 0 .../ssh_scan/parser/Dockerfile | 0 .../parser/__testFiles__/192.168.42.42.json | 0 .../parser/__testFiles__/local-network.json | 0 .../parser/__testFiles__/localhost.json | 0 .../__testFiles__/securecodebox.io.json | 0 .../ssh_scan/parser/parser.js | 0 .../ssh_scan/parser/parser.test.js | 0 .../templates/ssh-scan-parse-definition.yaml | 0 .../templates/ssh-scan-scan-type.yaml | 0 .../ssh_scan/values.yaml | 0 {integrations => scanner}/sslyze/.helmignore | 0 {integrations => scanner}/sslyze/Chart.yaml | 0 {integrations => scanner}/sslyze/README.md | 2 +- .../sslyze/examples/example.com/scan.yaml | 0 .../examples/secureCodeBox.io/scan.yaml | 0 .../sslyze/parser/.dockerignore | 0 .../sslyze/parser/Dockerfile | 0 .../__testFiles__/expired.badssl.com.json | 0 .../parser/__testFiles__/google.com.json | 0 .../mixed-connectivity-result.json | 0 .../__testFiles__/revoked.badssl.com.json | 0 .../__testFiles__/self-signed.badssl.com.json | 0 .../tls-v1-0.badssl.com_1010.json | 0 .../__testFiles__/unavailible-host.json | 0 .../untrusted-root.badssl.com.json | 0 .../__testFiles__/wrong.host.badssl.com.json | 0 .../__testFiles__/www.securecodebox.io.json | 0 .../sslyze/parser/package-lock.json | 0 .../sslyze/parser/package.json | 0 .../sslyze/parser/parser.js | 0 .../sslyze/parser/parser.test.js | 0 .../templates/sslyze-parse-definition.yaml | 0 .../sslyze/templates/sslyze-scan-type.yaml | 0 {integrations => scanner}/sslyze/values.yaml | 0 .../test-scan/.helmignore | 0 .../test-scan/Chart.yaml | 0 .../test-scan/parser/.dockerignore | 0 .../test-scan/parser/.gitignore | 0 .../test-scan/parser/Dockerfile | 0 .../test-scan/parser/package-lock.json | 0 .../test-scan/parser/package.json | 0 .../test-scan/parser/parser.js | 0 .../test-scan/scanner/Dockerfile | 0 .../templates/test-scan-parse-definition.yaml | 0 .../templates/test-scan-scan-type.yaml | 0 .../test-scan/values.yaml | 0 {integrations => scanner}/trivy/.helmignore | 0 {integrations => scanner}/trivy/Chart.yaml | 0 {integrations => scanner}/trivy/README.md | 2 +- .../trivy/examples/juice-shop/findings.yaml | 0 .../trivy/examples/juice-shop/scan.yaml | 0 .../trivy/examples/mediawiki/findings.yaml | 0 .../trivy/examples/mediawiki/scan.yaml | 0 .../trivy/parser/Dockerfile | 0 .../parser/__snapshots__/parser.test.js.snap | 0 .../__testFiles__/juice-shop-v10.2.0.json | 0 .../__testFiles__/mediawiki-1.27.3.json | 0 .../__testFiles__/mediawiki-stable.json | 0 .../securecodebox-amass-unstable-pinned.json | 0 .../__testFiles__/securecodebox-engine.json | 0 .../securecodebox-ssh-unstable.json | 0 .../trivy/parser/parser.js | 0 .../trivy/parser/parser.test.js | 0 .../templates/trivy-parse-definition.yaml | 0 .../trivy/templates/trivy-scan-type.yaml | 0 {integrations => scanner}/trivy/values.yaml | 0 {integrations => scanner}/wpscan/.helmignore | 0 {integrations => scanner}/wpscan/Chart.yaml | 0 {integrations => scanner}/wpscan/README.md | 2 +- .../wpscan/examples/example.com/findings.yaml | 0 .../wpscan/examples/example.com/scan.yaml | 0 .../wpscan/parser/Dockerfile | 0 .../parser/__testFiles__/empty-localhost.json | 0 .../parser/__testFiles__/example-latest.json | 0 .../parser/__testFiles__/example-old.json | 0 .../wpscan/parser/parser.js | 0 .../wpscan/parser/parser.test.js | 0 .../templates/wpscan-parse-definition.yaml | 0 .../wpscan/templates/wpscan-scan-type.yaml | 0 {integrations => scanner}/wpscan/values.yaml | 0 {integrations => scanner}/zap/.helmignore | 0 {integrations => scanner}/zap/Chart.yaml | 0 {integrations => scanner}/zap/README.md | 2 +- .../zap/examples/.gitkeep | 0 .../zap/parser/Dockerfile | 0 .../parser/__snapshots__/parser.test.js.snap | 0 .../zap/parser/__testFiles__/juice-shop.json | 0 .../zap/parser/parser.js | 0 .../zap/parser/parser.test.js | 0 .../zap/templates/zap-parse-definition.yaml | 0 .../zap/templates/zap-scan-type.yaml | 0 {integrations => scanner}/zap/values.yaml | 0 170 files changed, 29 insertions(+), 29 deletions(-) rename {integrations => scanner}/.gitignore (100%) rename {integrations => scanner}/amass/.helmignore (100%) rename {integrations => scanner}/amass/Chart.yaml (100%) rename {integrations => scanner}/amass/README.md (97%) rename {integrations => scanner}/amass/examples/example.com/scan.yaml (100%) rename {integrations => scanner}/amass/examples/secureCodeBox.io/scan.yaml (100%) rename {integrations => scanner}/amass/parser/Dockerfile (100%) rename {integrations => scanner}/amass/parser/__snapshots__/parser.test.js.snap (100%) rename {integrations => scanner}/amass/parser/__testFiles__/securecodebox.io.jsonl (100%) rename {integrations => scanner}/amass/parser/parser.js (100%) rename {integrations => scanner}/amass/parser/parser.test.js (100%) rename {integrations => scanner}/amass/templates/amass-parse-definition.yaml (100%) rename {integrations => scanner}/amass/templates/amass-scan-type.yaml (100%) rename {integrations => scanner}/amass/values.yaml (100%) rename {integrations => scanner}/kube-hunter/.helmignore (100%) rename {integrations => scanner}/kube-hunter/Chart.yaml (100%) rename {integrations => scanner}/kube-hunter/README.md (96%) rename {integrations => scanner}/kube-hunter/examples/in-cluster/findings.json (100%) rename {integrations => scanner}/kube-hunter/examples/in-cluster/scan.yaml (100%) rename {integrations => scanner}/kube-hunter/parser/Dockerfile (100%) rename {integrations => scanner}/kube-hunter/parser/__snapshots__/parser.test.js.snap (100%) rename {integrations => scanner}/kube-hunter/parser/__testFiles__/kind-1.18-in-cluster-scan.json (100%) rename {integrations => scanner}/kube-hunter/parser/parser.js (100%) rename {integrations => scanner}/kube-hunter/parser/parser.test.js (100%) rename {integrations => scanner}/kube-hunter/scanner/Dockerfile (100%) rename {integrations => scanner}/kube-hunter/scanner/wrapper.sh (100%) rename {integrations => scanner}/kube-hunter/templates/kube-hunter-parse-definition.yaml (100%) rename {integrations => scanner}/kube-hunter/templates/kubehunter-scan-type.yaml (100%) rename {integrations => scanner}/kube-hunter/values.yaml (100%) rename {integrations => scanner}/nikto/.helmignore (100%) rename {integrations => scanner}/nikto/Chart.yaml (100%) rename {integrations => scanner}/nikto/README.md (100%) rename {integrations => scanner}/nikto/examples/secureCodeBox.io/scan.yaml (100%) rename {integrations => scanner}/nikto/parser/Dockerfile (100%) rename {integrations => scanner}/nikto/parser/__snapshots__/parser.test.js.snap (100%) rename {integrations => scanner}/nikto/parser/__testFiles__/juice-shop.json (100%) rename {integrations => scanner}/nikto/parser/__testFiles__/www.securecodebox.io.json (100%) rename {integrations => scanner}/nikto/parser/parser.js (100%) rename {integrations => scanner}/nikto/parser/parser.test.js (100%) rename {integrations => scanner}/nikto/scanner/Dockerfile (100%) rename {integrations => scanner}/nikto/scanner/wrapper.sh (100%) rename {integrations => scanner}/nikto/templates/nikto-parse-definition.yaml (100%) rename {integrations => scanner}/nikto/templates/nikto-scan-type.yaml (100%) rename {integrations => scanner}/nikto/values.yaml (100%) rename {integrations => scanner}/nmap/.helmignore (100%) rename {integrations => scanner}/nmap/Chart.yaml (100%) rename integrations/nmap/readme.md => scanner/nmap/README.md (98%) rename {integrations => scanner}/nmap/examples/local-network/findings.yaml (100%) rename {integrations => scanner}/nmap/examples/local-network/scan.yaml (100%) rename {integrations => scanner}/nmap/examples/localhost/findings.yaml (100%) rename {integrations => scanner}/nmap/examples/localhost/scan.yaml (100%) rename {integrations => scanner}/nmap/examples/scan.nmap.org/findings.yaml (100%) rename {integrations => scanner}/nmap/examples/scan.nmap.org/scan.yaml (100%) rename {integrations => scanner}/nmap/parser/.dockerignore (100%) rename {integrations => scanner}/nmap/parser/.gitignore (100%) rename {integrations => scanner}/nmap/parser/Dockerfile (100%) rename {integrations => scanner}/nmap/parser/__testFiles__/localhost-smb-script.xml (100%) rename {integrations => scanner}/nmap/parser/__testFiles__/localhost.xml (100%) rename {integrations => scanner}/nmap/parser/__testFiles__/no-host.xml (100%) rename {integrations => scanner}/nmap/parser/__testFiles__/no-ports.xml (100%) rename {integrations => scanner}/nmap/parser/package-lock.json (100%) rename {integrations => scanner}/nmap/parser/package.json (100%) rename {integrations => scanner}/nmap/parser/parser.js (100%) rename {integrations => scanner}/nmap/parser/parser.test.js (100%) rename {integrations => scanner}/nmap/scanner/Dockerfile (100%) rename {integrations => scanner}/nmap/templates/nmap-parse-definition.yaml (100%) rename {integrations => scanner}/nmap/templates/nmap-scan-type.yaml (100%) rename {integrations => scanner}/nmap/values.yaml (100%) rename {integrations => scanner}/package-lock.json (99%) rename {integrations => scanner}/package.json (84%) rename {integrations => scanner}/ssh_scan/.helmignore (100%) rename {integrations => scanner}/ssh_scan/Chart.yaml (100%) rename {integrations => scanner}/ssh_scan/README.md (98%) rename {integrations => scanner}/ssh_scan/examples/example.com/scan.yaml (100%) rename {integrations => scanner}/ssh_scan/examples/localhost/findings.yaml (100%) rename {integrations => scanner}/ssh_scan/examples/localhost/scan.yaml (100%) rename {integrations => scanner}/ssh_scan/parser/Dockerfile (100%) rename {integrations => scanner}/ssh_scan/parser/__testFiles__/192.168.42.42.json (100%) rename {integrations => scanner}/ssh_scan/parser/__testFiles__/local-network.json (100%) rename {integrations => scanner}/ssh_scan/parser/__testFiles__/localhost.json (100%) rename {integrations => scanner}/ssh_scan/parser/__testFiles__/securecodebox.io.json (100%) rename {integrations => scanner}/ssh_scan/parser/parser.js (100%) rename {integrations => scanner}/ssh_scan/parser/parser.test.js (100%) rename {integrations => scanner}/ssh_scan/templates/ssh-scan-parse-definition.yaml (100%) rename {integrations => scanner}/ssh_scan/templates/ssh-scan-scan-type.yaml (100%) rename {integrations => scanner}/ssh_scan/values.yaml (100%) rename {integrations => scanner}/sslyze/.helmignore (100%) rename {integrations => scanner}/sslyze/Chart.yaml (100%) rename {integrations => scanner}/sslyze/README.md (99%) rename {integrations => scanner}/sslyze/examples/example.com/scan.yaml (100%) rename {integrations => scanner}/sslyze/examples/secureCodeBox.io/scan.yaml (100%) rename {integrations => scanner}/sslyze/parser/.dockerignore (100%) rename {integrations => scanner}/sslyze/parser/Dockerfile (100%) rename {integrations => scanner}/sslyze/parser/__testFiles__/expired.badssl.com.json (100%) rename {integrations => scanner}/sslyze/parser/__testFiles__/google.com.json (100%) rename {integrations => scanner}/sslyze/parser/__testFiles__/mixed-connectivity-result.json (100%) rename {integrations => scanner}/sslyze/parser/__testFiles__/revoked.badssl.com.json (100%) rename {integrations => scanner}/sslyze/parser/__testFiles__/self-signed.badssl.com.json (100%) rename {integrations => scanner}/sslyze/parser/__testFiles__/tls-v1-0.badssl.com_1010.json (100%) rename {integrations => scanner}/sslyze/parser/__testFiles__/unavailible-host.json (100%) rename {integrations => scanner}/sslyze/parser/__testFiles__/untrusted-root.badssl.com.json (100%) rename {integrations => scanner}/sslyze/parser/__testFiles__/wrong.host.badssl.com.json (100%) rename {integrations => scanner}/sslyze/parser/__testFiles__/www.securecodebox.io.json (100%) rename {integrations => scanner}/sslyze/parser/package-lock.json (100%) rename {integrations => scanner}/sslyze/parser/package.json (100%) rename {integrations => scanner}/sslyze/parser/parser.js (100%) rename {integrations => scanner}/sslyze/parser/parser.test.js (100%) rename {integrations => scanner}/sslyze/templates/sslyze-parse-definition.yaml (100%) rename {integrations => scanner}/sslyze/templates/sslyze-scan-type.yaml (100%) rename {integrations => scanner}/sslyze/values.yaml (100%) rename {integrations => scanner}/test-scan/.helmignore (100%) rename {integrations => scanner}/test-scan/Chart.yaml (100%) rename {integrations => scanner}/test-scan/parser/.dockerignore (100%) rename {integrations => scanner}/test-scan/parser/.gitignore (100%) rename {integrations => scanner}/test-scan/parser/Dockerfile (100%) rename {integrations => scanner}/test-scan/parser/package-lock.json (100%) rename {integrations => scanner}/test-scan/parser/package.json (100%) rename {integrations => scanner}/test-scan/parser/parser.js (100%) rename {integrations => scanner}/test-scan/scanner/Dockerfile (100%) rename {integrations => scanner}/test-scan/templates/test-scan-parse-definition.yaml (100%) rename {integrations => scanner}/test-scan/templates/test-scan-scan-type.yaml (100%) rename {integrations => scanner}/test-scan/values.yaml (100%) rename {integrations => scanner}/trivy/.helmignore (100%) rename {integrations => scanner}/trivy/Chart.yaml (100%) rename {integrations => scanner}/trivy/README.md (97%) rename {integrations => scanner}/trivy/examples/juice-shop/findings.yaml (100%) rename {integrations => scanner}/trivy/examples/juice-shop/scan.yaml (100%) rename {integrations => scanner}/trivy/examples/mediawiki/findings.yaml (100%) rename {integrations => scanner}/trivy/examples/mediawiki/scan.yaml (100%) rename {integrations => scanner}/trivy/parser/Dockerfile (100%) rename {integrations => scanner}/trivy/parser/__snapshots__/parser.test.js.snap (100%) rename {integrations => scanner}/trivy/parser/__testFiles__/juice-shop-v10.2.0.json (100%) rename {integrations => scanner}/trivy/parser/__testFiles__/mediawiki-1.27.3.json (100%) rename {integrations => scanner}/trivy/parser/__testFiles__/mediawiki-stable.json (100%) rename {integrations => scanner}/trivy/parser/__testFiles__/securecodebox-amass-unstable-pinned.json (100%) rename {integrations => scanner}/trivy/parser/__testFiles__/securecodebox-engine.json (100%) rename {integrations => scanner}/trivy/parser/__testFiles__/securecodebox-ssh-unstable.json (100%) rename {integrations => scanner}/trivy/parser/parser.js (100%) rename {integrations => scanner}/trivy/parser/parser.test.js (100%) rename {integrations => scanner}/trivy/templates/trivy-parse-definition.yaml (100%) rename {integrations => scanner}/trivy/templates/trivy-scan-type.yaml (100%) rename {integrations => scanner}/trivy/values.yaml (100%) rename {integrations => scanner}/wpscan/.helmignore (100%) rename {integrations => scanner}/wpscan/Chart.yaml (100%) rename {integrations => scanner}/wpscan/README.md (98%) rename {integrations => scanner}/wpscan/examples/example.com/findings.yaml (100%) rename {integrations => scanner}/wpscan/examples/example.com/scan.yaml (100%) rename {integrations => scanner}/wpscan/parser/Dockerfile (100%) rename {integrations => scanner}/wpscan/parser/__testFiles__/empty-localhost.json (100%) rename {integrations => scanner}/wpscan/parser/__testFiles__/example-latest.json (100%) rename {integrations => scanner}/wpscan/parser/__testFiles__/example-old.json (100%) rename {integrations => scanner}/wpscan/parser/parser.js (100%) rename {integrations => scanner}/wpscan/parser/parser.test.js (100%) rename {integrations => scanner}/wpscan/templates/wpscan-parse-definition.yaml (100%) rename {integrations => scanner}/wpscan/templates/wpscan-scan-type.yaml (100%) rename {integrations => scanner}/wpscan/values.yaml (100%) rename {integrations => scanner}/zap/.helmignore (100%) rename {integrations => scanner}/zap/Chart.yaml (100%) rename {integrations => scanner}/zap/README.md (98%) rename {integrations => scanner}/zap/examples/.gitkeep (100%) rename {integrations => scanner}/zap/parser/Dockerfile (100%) rename {integrations => scanner}/zap/parser/__snapshots__/parser.test.js.snap (100%) rename {integrations => scanner}/zap/parser/__testFiles__/juice-shop.json (100%) rename {integrations => scanner}/zap/parser/parser.js (100%) rename {integrations => scanner}/zap/parser/parser.test.js (100%) rename {integrations => scanner}/zap/templates/zap-parse-definition.yaml (100%) rename {integrations => scanner}/zap/templates/zap-scan-type.yaml (100%) rename {integrations => scanner}/zap/values.yaml (100%) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 9e407804..bd4328be 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -10,7 +10,7 @@ jobs: run: ls - name: "Install npm dependencies in all parser sub projects" run: | - for dir in integrations/*/parser/ + for dir in scanner/*/parser/ do cd $dir if [ -f package.json ] && [ -f package-lock.json ]; then @@ -35,7 +35,7 @@ jobs: - name: "Install npm test dependencies" run: | npm ci - cd integrations/ + cd scanner/ npm ci cd - cd hooks/ @@ -109,7 +109,7 @@ jobs: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} repository: scbexperimental/parser-amass - path: ./integrations/amass/parser/ + path: ./scanner/amass/parser/ tag_with_ref: true tag_with_sha: true - uses: docker/build-push-action@v1 @@ -118,7 +118,7 @@ jobs: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} repository: scbexperimental/parser-kube-hunter - path: ./integrations/kube-hunter/parser/ + path: ./scanner/kube-hunter/parser/ tag_with_ref: true tag_with_sha: true - uses: docker/build-push-action@v1 @@ -127,7 +127,7 @@ jobs: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} repository: scbexperimental/parser-nikto - path: ./integrations/nikto/parser/ + path: ./scanner/nikto/parser/ tag_with_ref: true tag_with_sha: true - uses: docker/build-push-action@v1 @@ -136,7 +136,7 @@ jobs: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} repository: scbexperimental/parser-nmap - path: ./integrations/nmap/parser/ + path: ./scanner/nmap/parser/ tag_with_ref: true tag_with_sha: true - uses: docker/build-push-action@v1 @@ -145,7 +145,7 @@ jobs: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} repository: scbexperimental/parser-ssh-scan - path: ./integrations/ssh_scan/parser/ + path: ./scanner/ssh_scan/parser/ tag_with_ref: true tag_with_sha: true - uses: docker/build-push-action@v1 @@ -154,7 +154,7 @@ jobs: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} repository: scbexperimental/parser-sslyze - path: ./integrations/sslyze/parser/ + path: ./scanner/sslyze/parser/ tag_with_ref: true tag_with_sha: true - uses: docker/build-push-action@v1 @@ -163,7 +163,7 @@ jobs: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} repository: scbexperimental/parser-test-scan - path: ./integrations/test-scan/parser/ + path: ./scanner/test-scan/parser/ tag_with_ref: true tag_with_sha: true - uses: docker/build-push-action@v1 @@ -172,7 +172,7 @@ jobs: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} repository: scbexperimental/parser-trivy - path: ./integrations/trivy/parser/ + path: ./scanner/trivy/parser/ tag_with_ref: true tag_with_sha: true - uses: docker/build-push-action@v1 @@ -181,7 +181,7 @@ jobs: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} repository: scbexperimental/parser-zap - path: ./integrations/zap/parser/ + path: ./scanner/zap/parser/ tag_with_ref: true tag_with_sha: true hookImages: @@ -252,7 +252,7 @@ jobs: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} repository: scbexperimental/nmap - path: ./integrations/nmap/scanner/ + path: ./scanner/nmap/scanner/ # Note: not prefixed with a "v" as this seems to match nmap versioning standards tags: "7.80,7.80-1,latest" - uses: docker/build-push-action@v1 @@ -261,7 +261,7 @@ jobs: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} repository: scbexperimental/kube-hunter - path: ./integrations/kube-hunter/scanner/ + path: ./scanner/kube-hunter/scanner/ # Note: not prefixed with a "v" as this matches the aquasec/kube-hunter tags tags: "0.3.0,latest" - uses: docker/build-push-action@v1 @@ -270,7 +270,7 @@ jobs: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} repository: scbexperimental/test-scan - path: ./integrations/test-scan/scanner/ + path: ./scanner/test-scan/scanner/ # Note: not prefixed with a "v" as this seems to match nmap versioning standards tags: "latest" integrationTests: @@ -336,23 +336,23 @@ jobs: --set="image.tag=sha-$(git rev-parse --short HEAD)" \ --set="attribute.name=severity" \ --set="attribute.value=high" - helm -n integration-tests install test-scan ./integrations/test-scan/ --set="parserImage.tag=sha-$(git rev-parse --short HEAD)" + helm -n integration-tests install test-scan ./scanner/test-scan/ --set="parserImage.tag=sha-$(git rev-parse --short HEAD)" cd tests/integration/ npx jest --ci --color read-write-hook helm -n integration-tests uninstall test-scan update-category update-severity - name: "nmap Integration Tests" run: | - helm -n integration-tests install nmap ./integrations/nmap/ --set="parserImage.tag=sha-$(git rev-parse --short HEAD)" + helm -n integration-tests install nmap ./scanner/nmap/ --set="parserImage.tag=sha-$(git rev-parse --short HEAD)" cd tests/integration/ npx jest --ci --color nmap - name: "kube-hunter Integration Tests" run: | - helm -n integration-tests install kube-hunter ./integrations/kube-hunter/ --set="parserImage.tag=sha-$(git rev-parse --short HEAD)" + helm -n integration-tests install kube-hunter ./scanner/kube-hunter/ --set="parserImage.tag=sha-$(git rev-parse --short HEAD)" cd tests/integration/ npx jest --ci --color kube-hunter - name: "ssh-scan Integration Tests" run: | - helm -n integration-tests install ssh-scan ./integrations/ssh_scan/ --set="parserImage.tag=sha-$(git rev-parse --short HEAD)" + helm -n integration-tests install ssh-scan ./scanner/ssh_scan/ --set="parserImage.tag=sha-$(git rev-parse --short HEAD)" # Install dummy-ssh app helm -n demo-apps install dummy-ssh ./demo-apps/dummy-ssh/ --wait cd tests/integration/ diff --git a/package.json b/package.json index 293f0ba0..a300945f 100644 --- a/package.json +++ b/package.json @@ -30,7 +30,7 @@ }, "jest": { "projects": [ - "/integrations/", + "/scanner/", "/hooks/", { "displayName": "lint", diff --git a/integrations/.gitignore b/scanner/.gitignore similarity index 100% rename from integrations/.gitignore rename to scanner/.gitignore diff --git a/integrations/amass/.helmignore b/scanner/amass/.helmignore similarity index 100% rename from integrations/amass/.helmignore rename to scanner/amass/.helmignore diff --git a/integrations/amass/Chart.yaml b/scanner/amass/Chart.yaml similarity index 100% rename from integrations/amass/Chart.yaml rename to scanner/amass/Chart.yaml diff --git a/integrations/amass/README.md b/scanner/amass/README.md similarity index 97% rename from integrations/amass/README.md rename to scanner/amass/README.md index 22a50803..5a0cdbf2 100644 --- a/integrations/amass/README.md +++ b/scanner/amass/README.md @@ -16,7 +16,7 @@ The OWASP Amass Project has developed a tool to help information security profes The AMASS scanType can be deployed via helm. ```bash -helm upgrade --install amass ./integrations/amass/ +helm upgrade --install amass ./scanner/amass/ ``` ## Examples diff --git a/integrations/amass/examples/example.com/scan.yaml b/scanner/amass/examples/example.com/scan.yaml similarity index 100% rename from integrations/amass/examples/example.com/scan.yaml rename to scanner/amass/examples/example.com/scan.yaml diff --git a/integrations/amass/examples/secureCodeBox.io/scan.yaml b/scanner/amass/examples/secureCodeBox.io/scan.yaml similarity index 100% rename from integrations/amass/examples/secureCodeBox.io/scan.yaml rename to scanner/amass/examples/secureCodeBox.io/scan.yaml diff --git a/integrations/amass/parser/Dockerfile b/scanner/amass/parser/Dockerfile similarity index 100% rename from integrations/amass/parser/Dockerfile rename to scanner/amass/parser/Dockerfile diff --git a/integrations/amass/parser/__snapshots__/parser.test.js.snap b/scanner/amass/parser/__snapshots__/parser.test.js.snap similarity index 100% rename from integrations/amass/parser/__snapshots__/parser.test.js.snap rename to scanner/amass/parser/__snapshots__/parser.test.js.snap diff --git a/integrations/amass/parser/__testFiles__/securecodebox.io.jsonl b/scanner/amass/parser/__testFiles__/securecodebox.io.jsonl similarity index 100% rename from integrations/amass/parser/__testFiles__/securecodebox.io.jsonl rename to scanner/amass/parser/__testFiles__/securecodebox.io.jsonl diff --git a/integrations/amass/parser/parser.js b/scanner/amass/parser/parser.js similarity index 100% rename from integrations/amass/parser/parser.js rename to scanner/amass/parser/parser.js diff --git a/integrations/amass/parser/parser.test.js b/scanner/amass/parser/parser.test.js similarity index 100% rename from integrations/amass/parser/parser.test.js rename to scanner/amass/parser/parser.test.js diff --git a/integrations/amass/templates/amass-parse-definition.yaml b/scanner/amass/templates/amass-parse-definition.yaml similarity index 100% rename from integrations/amass/templates/amass-parse-definition.yaml rename to scanner/amass/templates/amass-parse-definition.yaml diff --git a/integrations/amass/templates/amass-scan-type.yaml b/scanner/amass/templates/amass-scan-type.yaml similarity index 100% rename from integrations/amass/templates/amass-scan-type.yaml rename to scanner/amass/templates/amass-scan-type.yaml diff --git a/integrations/amass/values.yaml b/scanner/amass/values.yaml similarity index 100% rename from integrations/amass/values.yaml rename to scanner/amass/values.yaml diff --git a/integrations/kube-hunter/.helmignore b/scanner/kube-hunter/.helmignore similarity index 100% rename from integrations/kube-hunter/.helmignore rename to scanner/kube-hunter/.helmignore diff --git a/integrations/kube-hunter/Chart.yaml b/scanner/kube-hunter/Chart.yaml similarity index 100% rename from integrations/kube-hunter/Chart.yaml rename to scanner/kube-hunter/Chart.yaml diff --git a/integrations/kube-hunter/README.md b/scanner/kube-hunter/README.md similarity index 96% rename from integrations/kube-hunter/README.md rename to scanner/kube-hunter/README.md index a60ceb19..69ce4b44 100644 --- a/integrations/kube-hunter/README.md +++ b/scanner/kube-hunter/README.md @@ -16,7 +16,7 @@ To learn more about the kube-hunter scanner itself visit [kube-hunter GitHub] or The kube-hunter ScanType can be deployed via helm. ```bash -helm upgrade --install kube-hunter ./integrations/kube-hunter/ +helm upgrade --install kube-hunter ./scanner/kube-hunter/ ``` ## Examples diff --git a/integrations/kube-hunter/examples/in-cluster/findings.json b/scanner/kube-hunter/examples/in-cluster/findings.json similarity index 100% rename from integrations/kube-hunter/examples/in-cluster/findings.json rename to scanner/kube-hunter/examples/in-cluster/findings.json diff --git a/integrations/kube-hunter/examples/in-cluster/scan.yaml b/scanner/kube-hunter/examples/in-cluster/scan.yaml similarity index 100% rename from integrations/kube-hunter/examples/in-cluster/scan.yaml rename to scanner/kube-hunter/examples/in-cluster/scan.yaml diff --git a/integrations/kube-hunter/parser/Dockerfile b/scanner/kube-hunter/parser/Dockerfile similarity index 100% rename from integrations/kube-hunter/parser/Dockerfile rename to scanner/kube-hunter/parser/Dockerfile diff --git a/integrations/kube-hunter/parser/__snapshots__/parser.test.js.snap b/scanner/kube-hunter/parser/__snapshots__/parser.test.js.snap similarity index 100% rename from integrations/kube-hunter/parser/__snapshots__/parser.test.js.snap rename to scanner/kube-hunter/parser/__snapshots__/parser.test.js.snap diff --git a/integrations/kube-hunter/parser/__testFiles__/kind-1.18-in-cluster-scan.json b/scanner/kube-hunter/parser/__testFiles__/kind-1.18-in-cluster-scan.json similarity index 100% rename from integrations/kube-hunter/parser/__testFiles__/kind-1.18-in-cluster-scan.json rename to scanner/kube-hunter/parser/__testFiles__/kind-1.18-in-cluster-scan.json diff --git a/integrations/kube-hunter/parser/parser.js b/scanner/kube-hunter/parser/parser.js similarity index 100% rename from integrations/kube-hunter/parser/parser.js rename to scanner/kube-hunter/parser/parser.js diff --git a/integrations/kube-hunter/parser/parser.test.js b/scanner/kube-hunter/parser/parser.test.js similarity index 100% rename from integrations/kube-hunter/parser/parser.test.js rename to scanner/kube-hunter/parser/parser.test.js diff --git a/integrations/kube-hunter/scanner/Dockerfile b/scanner/kube-hunter/scanner/Dockerfile similarity index 100% rename from integrations/kube-hunter/scanner/Dockerfile rename to scanner/kube-hunter/scanner/Dockerfile diff --git a/integrations/kube-hunter/scanner/wrapper.sh b/scanner/kube-hunter/scanner/wrapper.sh similarity index 100% rename from integrations/kube-hunter/scanner/wrapper.sh rename to scanner/kube-hunter/scanner/wrapper.sh diff --git a/integrations/kube-hunter/templates/kube-hunter-parse-definition.yaml b/scanner/kube-hunter/templates/kube-hunter-parse-definition.yaml similarity index 100% rename from integrations/kube-hunter/templates/kube-hunter-parse-definition.yaml rename to scanner/kube-hunter/templates/kube-hunter-parse-definition.yaml diff --git a/integrations/kube-hunter/templates/kubehunter-scan-type.yaml b/scanner/kube-hunter/templates/kubehunter-scan-type.yaml similarity index 100% rename from integrations/kube-hunter/templates/kubehunter-scan-type.yaml rename to scanner/kube-hunter/templates/kubehunter-scan-type.yaml diff --git a/integrations/kube-hunter/values.yaml b/scanner/kube-hunter/values.yaml similarity index 100% rename from integrations/kube-hunter/values.yaml rename to scanner/kube-hunter/values.yaml diff --git a/integrations/nikto/.helmignore b/scanner/nikto/.helmignore similarity index 100% rename from integrations/nikto/.helmignore rename to scanner/nikto/.helmignore diff --git a/integrations/nikto/Chart.yaml b/scanner/nikto/Chart.yaml similarity index 100% rename from integrations/nikto/Chart.yaml rename to scanner/nikto/Chart.yaml diff --git a/integrations/nikto/README.md b/scanner/nikto/README.md similarity index 100% rename from integrations/nikto/README.md rename to scanner/nikto/README.md diff --git a/integrations/nikto/examples/secureCodeBox.io/scan.yaml b/scanner/nikto/examples/secureCodeBox.io/scan.yaml similarity index 100% rename from integrations/nikto/examples/secureCodeBox.io/scan.yaml rename to scanner/nikto/examples/secureCodeBox.io/scan.yaml diff --git a/integrations/nikto/parser/Dockerfile b/scanner/nikto/parser/Dockerfile similarity index 100% rename from integrations/nikto/parser/Dockerfile rename to scanner/nikto/parser/Dockerfile diff --git a/integrations/nikto/parser/__snapshots__/parser.test.js.snap b/scanner/nikto/parser/__snapshots__/parser.test.js.snap similarity index 100% rename from integrations/nikto/parser/__snapshots__/parser.test.js.snap rename to scanner/nikto/parser/__snapshots__/parser.test.js.snap diff --git a/integrations/nikto/parser/__testFiles__/juice-shop.json b/scanner/nikto/parser/__testFiles__/juice-shop.json similarity index 100% rename from integrations/nikto/parser/__testFiles__/juice-shop.json rename to scanner/nikto/parser/__testFiles__/juice-shop.json diff --git a/integrations/nikto/parser/__testFiles__/www.securecodebox.io.json b/scanner/nikto/parser/__testFiles__/www.securecodebox.io.json similarity index 100% rename from integrations/nikto/parser/__testFiles__/www.securecodebox.io.json rename to scanner/nikto/parser/__testFiles__/www.securecodebox.io.json diff --git a/integrations/nikto/parser/parser.js b/scanner/nikto/parser/parser.js similarity index 100% rename from integrations/nikto/parser/parser.js rename to scanner/nikto/parser/parser.js diff --git a/integrations/nikto/parser/parser.test.js b/scanner/nikto/parser/parser.test.js similarity index 100% rename from integrations/nikto/parser/parser.test.js rename to scanner/nikto/parser/parser.test.js diff --git a/integrations/nikto/scanner/Dockerfile b/scanner/nikto/scanner/Dockerfile similarity index 100% rename from integrations/nikto/scanner/Dockerfile rename to scanner/nikto/scanner/Dockerfile diff --git a/integrations/nikto/scanner/wrapper.sh b/scanner/nikto/scanner/wrapper.sh similarity index 100% rename from integrations/nikto/scanner/wrapper.sh rename to scanner/nikto/scanner/wrapper.sh diff --git a/integrations/nikto/templates/nikto-parse-definition.yaml b/scanner/nikto/templates/nikto-parse-definition.yaml similarity index 100% rename from integrations/nikto/templates/nikto-parse-definition.yaml rename to scanner/nikto/templates/nikto-parse-definition.yaml diff --git a/integrations/nikto/templates/nikto-scan-type.yaml b/scanner/nikto/templates/nikto-scan-type.yaml similarity index 100% rename from integrations/nikto/templates/nikto-scan-type.yaml rename to scanner/nikto/templates/nikto-scan-type.yaml diff --git a/integrations/nikto/values.yaml b/scanner/nikto/values.yaml similarity index 100% rename from integrations/nikto/values.yaml rename to scanner/nikto/values.yaml diff --git a/integrations/nmap/.helmignore b/scanner/nmap/.helmignore similarity index 100% rename from integrations/nmap/.helmignore rename to scanner/nmap/.helmignore diff --git a/integrations/nmap/Chart.yaml b/scanner/nmap/Chart.yaml similarity index 100% rename from integrations/nmap/Chart.yaml rename to scanner/nmap/Chart.yaml diff --git a/integrations/nmap/readme.md b/scanner/nmap/README.md similarity index 98% rename from integrations/nmap/readme.md rename to scanner/nmap/README.md index 2e20ec88..18444c29 100644 --- a/integrations/nmap/readme.md +++ b/scanner/nmap/README.md @@ -18,7 +18,7 @@ To learn more about the Nmap scanner itself visit [nmap.org]. The Nmap ScanType can be deployed via helm. ```bash -helm install nmap ./integrations/nmap/ +helm install nmap ./scanner/nmap/ ``` ## Examples diff --git a/integrations/nmap/examples/local-network/findings.yaml b/scanner/nmap/examples/local-network/findings.yaml similarity index 100% rename from integrations/nmap/examples/local-network/findings.yaml rename to scanner/nmap/examples/local-network/findings.yaml diff --git a/integrations/nmap/examples/local-network/scan.yaml b/scanner/nmap/examples/local-network/scan.yaml similarity index 100% rename from integrations/nmap/examples/local-network/scan.yaml rename to scanner/nmap/examples/local-network/scan.yaml diff --git a/integrations/nmap/examples/localhost/findings.yaml b/scanner/nmap/examples/localhost/findings.yaml similarity index 100% rename from integrations/nmap/examples/localhost/findings.yaml rename to scanner/nmap/examples/localhost/findings.yaml diff --git a/integrations/nmap/examples/localhost/scan.yaml b/scanner/nmap/examples/localhost/scan.yaml similarity index 100% rename from integrations/nmap/examples/localhost/scan.yaml rename to scanner/nmap/examples/localhost/scan.yaml diff --git a/integrations/nmap/examples/scan.nmap.org/findings.yaml b/scanner/nmap/examples/scan.nmap.org/findings.yaml similarity index 100% rename from integrations/nmap/examples/scan.nmap.org/findings.yaml rename to scanner/nmap/examples/scan.nmap.org/findings.yaml diff --git a/integrations/nmap/examples/scan.nmap.org/scan.yaml b/scanner/nmap/examples/scan.nmap.org/scan.yaml similarity index 100% rename from integrations/nmap/examples/scan.nmap.org/scan.yaml rename to scanner/nmap/examples/scan.nmap.org/scan.yaml diff --git a/integrations/nmap/parser/.dockerignore b/scanner/nmap/parser/.dockerignore similarity index 100% rename from integrations/nmap/parser/.dockerignore rename to scanner/nmap/parser/.dockerignore diff --git a/integrations/nmap/parser/.gitignore b/scanner/nmap/parser/.gitignore similarity index 100% rename from integrations/nmap/parser/.gitignore rename to scanner/nmap/parser/.gitignore diff --git a/integrations/nmap/parser/Dockerfile b/scanner/nmap/parser/Dockerfile similarity index 100% rename from integrations/nmap/parser/Dockerfile rename to scanner/nmap/parser/Dockerfile diff --git a/integrations/nmap/parser/__testFiles__/localhost-smb-script.xml b/scanner/nmap/parser/__testFiles__/localhost-smb-script.xml similarity index 100% rename from integrations/nmap/parser/__testFiles__/localhost-smb-script.xml rename to scanner/nmap/parser/__testFiles__/localhost-smb-script.xml diff --git a/integrations/nmap/parser/__testFiles__/localhost.xml b/scanner/nmap/parser/__testFiles__/localhost.xml similarity index 100% rename from integrations/nmap/parser/__testFiles__/localhost.xml rename to scanner/nmap/parser/__testFiles__/localhost.xml diff --git a/integrations/nmap/parser/__testFiles__/no-host.xml b/scanner/nmap/parser/__testFiles__/no-host.xml similarity index 100% rename from integrations/nmap/parser/__testFiles__/no-host.xml rename to scanner/nmap/parser/__testFiles__/no-host.xml diff --git a/integrations/nmap/parser/__testFiles__/no-ports.xml b/scanner/nmap/parser/__testFiles__/no-ports.xml similarity index 100% rename from integrations/nmap/parser/__testFiles__/no-ports.xml rename to scanner/nmap/parser/__testFiles__/no-ports.xml diff --git a/integrations/nmap/parser/package-lock.json b/scanner/nmap/parser/package-lock.json similarity index 100% rename from integrations/nmap/parser/package-lock.json rename to scanner/nmap/parser/package-lock.json diff --git a/integrations/nmap/parser/package.json b/scanner/nmap/parser/package.json similarity index 100% rename from integrations/nmap/parser/package.json rename to scanner/nmap/parser/package.json diff --git a/integrations/nmap/parser/parser.js b/scanner/nmap/parser/parser.js similarity index 100% rename from integrations/nmap/parser/parser.js rename to scanner/nmap/parser/parser.js diff --git a/integrations/nmap/parser/parser.test.js b/scanner/nmap/parser/parser.test.js similarity index 100% rename from integrations/nmap/parser/parser.test.js rename to scanner/nmap/parser/parser.test.js diff --git a/integrations/nmap/scanner/Dockerfile b/scanner/nmap/scanner/Dockerfile similarity index 100% rename from integrations/nmap/scanner/Dockerfile rename to scanner/nmap/scanner/Dockerfile diff --git a/integrations/nmap/templates/nmap-parse-definition.yaml b/scanner/nmap/templates/nmap-parse-definition.yaml similarity index 100% rename from integrations/nmap/templates/nmap-parse-definition.yaml rename to scanner/nmap/templates/nmap-parse-definition.yaml diff --git a/integrations/nmap/templates/nmap-scan-type.yaml b/scanner/nmap/templates/nmap-scan-type.yaml similarity index 100% rename from integrations/nmap/templates/nmap-scan-type.yaml rename to scanner/nmap/templates/nmap-scan-type.yaml diff --git a/integrations/nmap/values.yaml b/scanner/nmap/values.yaml similarity index 100% rename from integrations/nmap/values.yaml rename to scanner/nmap/values.yaml diff --git a/integrations/package-lock.json b/scanner/package-lock.json similarity index 99% rename from integrations/package-lock.json rename to scanner/package-lock.json index 8361dec0..9a06f1ed 100644 --- a/integrations/package-lock.json +++ b/scanner/package-lock.json @@ -1,5 +1,5 @@ { - "name": "securecodebox-scanner-integrations", + "name": "securecodebox-scanner", "version": "1.0.0", "lockfileVersion": 1, "requires": true, diff --git a/integrations/package.json b/scanner/package.json similarity index 84% rename from integrations/package.json rename to scanner/package.json index 10344210..74a488d9 100644 --- a/integrations/package.json +++ b/scanner/package.json @@ -1,5 +1,5 @@ { - "name": "securecodebox-scanner-integrations", + "name": "securecodebox-scanner", "version": "1.0.0", "description": "", "main": "index.js", diff --git a/integrations/ssh_scan/.helmignore b/scanner/ssh_scan/.helmignore similarity index 100% rename from integrations/ssh_scan/.helmignore rename to scanner/ssh_scan/.helmignore diff --git a/integrations/ssh_scan/Chart.yaml b/scanner/ssh_scan/Chart.yaml similarity index 100% rename from integrations/ssh_scan/Chart.yaml rename to scanner/ssh_scan/Chart.yaml diff --git a/integrations/ssh_scan/README.md b/scanner/ssh_scan/README.md similarity index 98% rename from integrations/ssh_scan/README.md rename to scanner/ssh_scan/README.md index 825e0193..a5dd22a0 100644 --- a/integrations/ssh_scan/README.md +++ b/scanner/ssh_scan/README.md @@ -17,7 +17,7 @@ To learn more about the ssh_scan scanner itself visit [ssh_scan GitHub]. The SSH_scan ScanType can be deployed via helm. ```bash -helm upgrade --install ssh ./integrations/ssh_scan/ +helm upgrade --install ssh ./scanner/ssh_scan/ ``` ## Examples diff --git a/integrations/ssh_scan/examples/example.com/scan.yaml b/scanner/ssh_scan/examples/example.com/scan.yaml similarity index 100% rename from integrations/ssh_scan/examples/example.com/scan.yaml rename to scanner/ssh_scan/examples/example.com/scan.yaml diff --git a/integrations/ssh_scan/examples/localhost/findings.yaml b/scanner/ssh_scan/examples/localhost/findings.yaml similarity index 100% rename from integrations/ssh_scan/examples/localhost/findings.yaml rename to scanner/ssh_scan/examples/localhost/findings.yaml diff --git a/integrations/ssh_scan/examples/localhost/scan.yaml b/scanner/ssh_scan/examples/localhost/scan.yaml similarity index 100% rename from integrations/ssh_scan/examples/localhost/scan.yaml rename to scanner/ssh_scan/examples/localhost/scan.yaml diff --git a/integrations/ssh_scan/parser/Dockerfile b/scanner/ssh_scan/parser/Dockerfile similarity index 100% rename from integrations/ssh_scan/parser/Dockerfile rename to scanner/ssh_scan/parser/Dockerfile diff --git a/integrations/ssh_scan/parser/__testFiles__/192.168.42.42.json b/scanner/ssh_scan/parser/__testFiles__/192.168.42.42.json similarity index 100% rename from integrations/ssh_scan/parser/__testFiles__/192.168.42.42.json rename to scanner/ssh_scan/parser/__testFiles__/192.168.42.42.json diff --git a/integrations/ssh_scan/parser/__testFiles__/local-network.json b/scanner/ssh_scan/parser/__testFiles__/local-network.json similarity index 100% rename from integrations/ssh_scan/parser/__testFiles__/local-network.json rename to scanner/ssh_scan/parser/__testFiles__/local-network.json diff --git a/integrations/ssh_scan/parser/__testFiles__/localhost.json b/scanner/ssh_scan/parser/__testFiles__/localhost.json similarity index 100% rename from integrations/ssh_scan/parser/__testFiles__/localhost.json rename to scanner/ssh_scan/parser/__testFiles__/localhost.json diff --git a/integrations/ssh_scan/parser/__testFiles__/securecodebox.io.json b/scanner/ssh_scan/parser/__testFiles__/securecodebox.io.json similarity index 100% rename from integrations/ssh_scan/parser/__testFiles__/securecodebox.io.json rename to scanner/ssh_scan/parser/__testFiles__/securecodebox.io.json diff --git a/integrations/ssh_scan/parser/parser.js b/scanner/ssh_scan/parser/parser.js similarity index 100% rename from integrations/ssh_scan/parser/parser.js rename to scanner/ssh_scan/parser/parser.js diff --git a/integrations/ssh_scan/parser/parser.test.js b/scanner/ssh_scan/parser/parser.test.js similarity index 100% rename from integrations/ssh_scan/parser/parser.test.js rename to scanner/ssh_scan/parser/parser.test.js diff --git a/integrations/ssh_scan/templates/ssh-scan-parse-definition.yaml b/scanner/ssh_scan/templates/ssh-scan-parse-definition.yaml similarity index 100% rename from integrations/ssh_scan/templates/ssh-scan-parse-definition.yaml rename to scanner/ssh_scan/templates/ssh-scan-parse-definition.yaml diff --git a/integrations/ssh_scan/templates/ssh-scan-scan-type.yaml b/scanner/ssh_scan/templates/ssh-scan-scan-type.yaml similarity index 100% rename from integrations/ssh_scan/templates/ssh-scan-scan-type.yaml rename to scanner/ssh_scan/templates/ssh-scan-scan-type.yaml diff --git a/integrations/ssh_scan/values.yaml b/scanner/ssh_scan/values.yaml similarity index 100% rename from integrations/ssh_scan/values.yaml rename to scanner/ssh_scan/values.yaml diff --git a/integrations/sslyze/.helmignore b/scanner/sslyze/.helmignore similarity index 100% rename from integrations/sslyze/.helmignore rename to scanner/sslyze/.helmignore diff --git a/integrations/sslyze/Chart.yaml b/scanner/sslyze/Chart.yaml similarity index 100% rename from integrations/sslyze/Chart.yaml rename to scanner/sslyze/Chart.yaml diff --git a/integrations/sslyze/README.md b/scanner/sslyze/README.md similarity index 99% rename from integrations/sslyze/README.md rename to scanner/sslyze/README.md index 63dd6d21..5f26c0b8 100644 --- a/integrations/sslyze/README.md +++ b/scanner/sslyze/README.md @@ -14,7 +14,7 @@ SSLyze is a Python library and a CLI tool that can analyze the SSL configuration The SSLyze scanType can be deployed via helm. ```bash -helm upgrade --install sslyze ./integrations/sslyze/ +helm upgrade --install sslyze ./scanner/sslyze/ ``` ## Examples diff --git a/integrations/sslyze/examples/example.com/scan.yaml b/scanner/sslyze/examples/example.com/scan.yaml similarity index 100% rename from integrations/sslyze/examples/example.com/scan.yaml rename to scanner/sslyze/examples/example.com/scan.yaml diff --git a/integrations/sslyze/examples/secureCodeBox.io/scan.yaml b/scanner/sslyze/examples/secureCodeBox.io/scan.yaml similarity index 100% rename from integrations/sslyze/examples/secureCodeBox.io/scan.yaml rename to scanner/sslyze/examples/secureCodeBox.io/scan.yaml diff --git a/integrations/sslyze/parser/.dockerignore b/scanner/sslyze/parser/.dockerignore similarity index 100% rename from integrations/sslyze/parser/.dockerignore rename to scanner/sslyze/parser/.dockerignore diff --git a/integrations/sslyze/parser/Dockerfile b/scanner/sslyze/parser/Dockerfile similarity index 100% rename from integrations/sslyze/parser/Dockerfile rename to scanner/sslyze/parser/Dockerfile diff --git a/integrations/sslyze/parser/__testFiles__/expired.badssl.com.json b/scanner/sslyze/parser/__testFiles__/expired.badssl.com.json similarity index 100% rename from integrations/sslyze/parser/__testFiles__/expired.badssl.com.json rename to scanner/sslyze/parser/__testFiles__/expired.badssl.com.json diff --git a/integrations/sslyze/parser/__testFiles__/google.com.json b/scanner/sslyze/parser/__testFiles__/google.com.json similarity index 100% rename from integrations/sslyze/parser/__testFiles__/google.com.json rename to scanner/sslyze/parser/__testFiles__/google.com.json diff --git a/integrations/sslyze/parser/__testFiles__/mixed-connectivity-result.json b/scanner/sslyze/parser/__testFiles__/mixed-connectivity-result.json similarity index 100% rename from integrations/sslyze/parser/__testFiles__/mixed-connectivity-result.json rename to scanner/sslyze/parser/__testFiles__/mixed-connectivity-result.json diff --git a/integrations/sslyze/parser/__testFiles__/revoked.badssl.com.json b/scanner/sslyze/parser/__testFiles__/revoked.badssl.com.json similarity index 100% rename from integrations/sslyze/parser/__testFiles__/revoked.badssl.com.json rename to scanner/sslyze/parser/__testFiles__/revoked.badssl.com.json diff --git a/integrations/sslyze/parser/__testFiles__/self-signed.badssl.com.json b/scanner/sslyze/parser/__testFiles__/self-signed.badssl.com.json similarity index 100% rename from integrations/sslyze/parser/__testFiles__/self-signed.badssl.com.json rename to scanner/sslyze/parser/__testFiles__/self-signed.badssl.com.json diff --git a/integrations/sslyze/parser/__testFiles__/tls-v1-0.badssl.com_1010.json b/scanner/sslyze/parser/__testFiles__/tls-v1-0.badssl.com_1010.json similarity index 100% rename from integrations/sslyze/parser/__testFiles__/tls-v1-0.badssl.com_1010.json rename to scanner/sslyze/parser/__testFiles__/tls-v1-0.badssl.com_1010.json diff --git a/integrations/sslyze/parser/__testFiles__/unavailible-host.json b/scanner/sslyze/parser/__testFiles__/unavailible-host.json similarity index 100% rename from integrations/sslyze/parser/__testFiles__/unavailible-host.json rename to scanner/sslyze/parser/__testFiles__/unavailible-host.json diff --git a/integrations/sslyze/parser/__testFiles__/untrusted-root.badssl.com.json b/scanner/sslyze/parser/__testFiles__/untrusted-root.badssl.com.json similarity index 100% rename from integrations/sslyze/parser/__testFiles__/untrusted-root.badssl.com.json rename to scanner/sslyze/parser/__testFiles__/untrusted-root.badssl.com.json diff --git a/integrations/sslyze/parser/__testFiles__/wrong.host.badssl.com.json b/scanner/sslyze/parser/__testFiles__/wrong.host.badssl.com.json similarity index 100% rename from integrations/sslyze/parser/__testFiles__/wrong.host.badssl.com.json rename to scanner/sslyze/parser/__testFiles__/wrong.host.badssl.com.json diff --git a/integrations/sslyze/parser/__testFiles__/www.securecodebox.io.json b/scanner/sslyze/parser/__testFiles__/www.securecodebox.io.json similarity index 100% rename from integrations/sslyze/parser/__testFiles__/www.securecodebox.io.json rename to scanner/sslyze/parser/__testFiles__/www.securecodebox.io.json diff --git a/integrations/sslyze/parser/package-lock.json b/scanner/sslyze/parser/package-lock.json similarity index 100% rename from integrations/sslyze/parser/package-lock.json rename to scanner/sslyze/parser/package-lock.json diff --git a/integrations/sslyze/parser/package.json b/scanner/sslyze/parser/package.json similarity index 100% rename from integrations/sslyze/parser/package.json rename to scanner/sslyze/parser/package.json diff --git a/integrations/sslyze/parser/parser.js b/scanner/sslyze/parser/parser.js similarity index 100% rename from integrations/sslyze/parser/parser.js rename to scanner/sslyze/parser/parser.js diff --git a/integrations/sslyze/parser/parser.test.js b/scanner/sslyze/parser/parser.test.js similarity index 100% rename from integrations/sslyze/parser/parser.test.js rename to scanner/sslyze/parser/parser.test.js diff --git a/integrations/sslyze/templates/sslyze-parse-definition.yaml b/scanner/sslyze/templates/sslyze-parse-definition.yaml similarity index 100% rename from integrations/sslyze/templates/sslyze-parse-definition.yaml rename to scanner/sslyze/templates/sslyze-parse-definition.yaml diff --git a/integrations/sslyze/templates/sslyze-scan-type.yaml b/scanner/sslyze/templates/sslyze-scan-type.yaml similarity index 100% rename from integrations/sslyze/templates/sslyze-scan-type.yaml rename to scanner/sslyze/templates/sslyze-scan-type.yaml diff --git a/integrations/sslyze/values.yaml b/scanner/sslyze/values.yaml similarity index 100% rename from integrations/sslyze/values.yaml rename to scanner/sslyze/values.yaml diff --git a/integrations/test-scan/.helmignore b/scanner/test-scan/.helmignore similarity index 100% rename from integrations/test-scan/.helmignore rename to scanner/test-scan/.helmignore diff --git a/integrations/test-scan/Chart.yaml b/scanner/test-scan/Chart.yaml similarity index 100% rename from integrations/test-scan/Chart.yaml rename to scanner/test-scan/Chart.yaml diff --git a/integrations/test-scan/parser/.dockerignore b/scanner/test-scan/parser/.dockerignore similarity index 100% rename from integrations/test-scan/parser/.dockerignore rename to scanner/test-scan/parser/.dockerignore diff --git a/integrations/test-scan/parser/.gitignore b/scanner/test-scan/parser/.gitignore similarity index 100% rename from integrations/test-scan/parser/.gitignore rename to scanner/test-scan/parser/.gitignore diff --git a/integrations/test-scan/parser/Dockerfile b/scanner/test-scan/parser/Dockerfile similarity index 100% rename from integrations/test-scan/parser/Dockerfile rename to scanner/test-scan/parser/Dockerfile diff --git a/integrations/test-scan/parser/package-lock.json b/scanner/test-scan/parser/package-lock.json similarity index 100% rename from integrations/test-scan/parser/package-lock.json rename to scanner/test-scan/parser/package-lock.json diff --git a/integrations/test-scan/parser/package.json b/scanner/test-scan/parser/package.json similarity index 100% rename from integrations/test-scan/parser/package.json rename to scanner/test-scan/parser/package.json diff --git a/integrations/test-scan/parser/parser.js b/scanner/test-scan/parser/parser.js similarity index 100% rename from integrations/test-scan/parser/parser.js rename to scanner/test-scan/parser/parser.js diff --git a/integrations/test-scan/scanner/Dockerfile b/scanner/test-scan/scanner/Dockerfile similarity index 100% rename from integrations/test-scan/scanner/Dockerfile rename to scanner/test-scan/scanner/Dockerfile diff --git a/integrations/test-scan/templates/test-scan-parse-definition.yaml b/scanner/test-scan/templates/test-scan-parse-definition.yaml similarity index 100% rename from integrations/test-scan/templates/test-scan-parse-definition.yaml rename to scanner/test-scan/templates/test-scan-parse-definition.yaml diff --git a/integrations/test-scan/templates/test-scan-scan-type.yaml b/scanner/test-scan/templates/test-scan-scan-type.yaml similarity index 100% rename from integrations/test-scan/templates/test-scan-scan-type.yaml rename to scanner/test-scan/templates/test-scan-scan-type.yaml diff --git a/integrations/test-scan/values.yaml b/scanner/test-scan/values.yaml similarity index 100% rename from integrations/test-scan/values.yaml rename to scanner/test-scan/values.yaml diff --git a/integrations/trivy/.helmignore b/scanner/trivy/.helmignore similarity index 100% rename from integrations/trivy/.helmignore rename to scanner/trivy/.helmignore diff --git a/integrations/trivy/Chart.yaml b/scanner/trivy/Chart.yaml similarity index 100% rename from integrations/trivy/Chart.yaml rename to scanner/trivy/Chart.yaml diff --git a/integrations/trivy/README.md b/scanner/trivy/README.md similarity index 97% rename from integrations/trivy/README.md rename to scanner/trivy/README.md index 92f35204..f49a162d 100644 --- a/integrations/trivy/README.md +++ b/scanner/trivy/README.md @@ -19,7 +19,7 @@ To learn more about the Trivy scanner itself visit or [Trivy GitHub]. The Trivy scanType can be deployed via helm. ```bash -helm upgrade --install trivy ./integrations/trivy/ +helm upgrade --install trivy ./scanner/trivy/ ``` ## Examples diff --git a/integrations/trivy/examples/juice-shop/findings.yaml b/scanner/trivy/examples/juice-shop/findings.yaml similarity index 100% rename from integrations/trivy/examples/juice-shop/findings.yaml rename to scanner/trivy/examples/juice-shop/findings.yaml diff --git a/integrations/trivy/examples/juice-shop/scan.yaml b/scanner/trivy/examples/juice-shop/scan.yaml similarity index 100% rename from integrations/trivy/examples/juice-shop/scan.yaml rename to scanner/trivy/examples/juice-shop/scan.yaml diff --git a/integrations/trivy/examples/mediawiki/findings.yaml b/scanner/trivy/examples/mediawiki/findings.yaml similarity index 100% rename from integrations/trivy/examples/mediawiki/findings.yaml rename to scanner/trivy/examples/mediawiki/findings.yaml diff --git a/integrations/trivy/examples/mediawiki/scan.yaml b/scanner/trivy/examples/mediawiki/scan.yaml similarity index 100% rename from integrations/trivy/examples/mediawiki/scan.yaml rename to scanner/trivy/examples/mediawiki/scan.yaml diff --git a/integrations/trivy/parser/Dockerfile b/scanner/trivy/parser/Dockerfile similarity index 100% rename from integrations/trivy/parser/Dockerfile rename to scanner/trivy/parser/Dockerfile diff --git a/integrations/trivy/parser/__snapshots__/parser.test.js.snap b/scanner/trivy/parser/__snapshots__/parser.test.js.snap similarity index 100% rename from integrations/trivy/parser/__snapshots__/parser.test.js.snap rename to scanner/trivy/parser/__snapshots__/parser.test.js.snap diff --git a/integrations/trivy/parser/__testFiles__/juice-shop-v10.2.0.json b/scanner/trivy/parser/__testFiles__/juice-shop-v10.2.0.json similarity index 100% rename from integrations/trivy/parser/__testFiles__/juice-shop-v10.2.0.json rename to scanner/trivy/parser/__testFiles__/juice-shop-v10.2.0.json diff --git a/integrations/trivy/parser/__testFiles__/mediawiki-1.27.3.json b/scanner/trivy/parser/__testFiles__/mediawiki-1.27.3.json similarity index 100% rename from integrations/trivy/parser/__testFiles__/mediawiki-1.27.3.json rename to scanner/trivy/parser/__testFiles__/mediawiki-1.27.3.json diff --git a/integrations/trivy/parser/__testFiles__/mediawiki-stable.json b/scanner/trivy/parser/__testFiles__/mediawiki-stable.json similarity index 100% rename from integrations/trivy/parser/__testFiles__/mediawiki-stable.json rename to scanner/trivy/parser/__testFiles__/mediawiki-stable.json diff --git a/integrations/trivy/parser/__testFiles__/securecodebox-amass-unstable-pinned.json b/scanner/trivy/parser/__testFiles__/securecodebox-amass-unstable-pinned.json similarity index 100% rename from integrations/trivy/parser/__testFiles__/securecodebox-amass-unstable-pinned.json rename to scanner/trivy/parser/__testFiles__/securecodebox-amass-unstable-pinned.json diff --git a/integrations/trivy/parser/__testFiles__/securecodebox-engine.json b/scanner/trivy/parser/__testFiles__/securecodebox-engine.json similarity index 100% rename from integrations/trivy/parser/__testFiles__/securecodebox-engine.json rename to scanner/trivy/parser/__testFiles__/securecodebox-engine.json diff --git a/integrations/trivy/parser/__testFiles__/securecodebox-ssh-unstable.json b/scanner/trivy/parser/__testFiles__/securecodebox-ssh-unstable.json similarity index 100% rename from integrations/trivy/parser/__testFiles__/securecodebox-ssh-unstable.json rename to scanner/trivy/parser/__testFiles__/securecodebox-ssh-unstable.json diff --git a/integrations/trivy/parser/parser.js b/scanner/trivy/parser/parser.js similarity index 100% rename from integrations/trivy/parser/parser.js rename to scanner/trivy/parser/parser.js diff --git a/integrations/trivy/parser/parser.test.js b/scanner/trivy/parser/parser.test.js similarity index 100% rename from integrations/trivy/parser/parser.test.js rename to scanner/trivy/parser/parser.test.js diff --git a/integrations/trivy/templates/trivy-parse-definition.yaml b/scanner/trivy/templates/trivy-parse-definition.yaml similarity index 100% rename from integrations/trivy/templates/trivy-parse-definition.yaml rename to scanner/trivy/templates/trivy-parse-definition.yaml diff --git a/integrations/trivy/templates/trivy-scan-type.yaml b/scanner/trivy/templates/trivy-scan-type.yaml similarity index 100% rename from integrations/trivy/templates/trivy-scan-type.yaml rename to scanner/trivy/templates/trivy-scan-type.yaml diff --git a/integrations/trivy/values.yaml b/scanner/trivy/values.yaml similarity index 100% rename from integrations/trivy/values.yaml rename to scanner/trivy/values.yaml diff --git a/integrations/wpscan/.helmignore b/scanner/wpscan/.helmignore similarity index 100% rename from integrations/wpscan/.helmignore rename to scanner/wpscan/.helmignore diff --git a/integrations/wpscan/Chart.yaml b/scanner/wpscan/Chart.yaml similarity index 100% rename from integrations/wpscan/Chart.yaml rename to scanner/wpscan/Chart.yaml diff --git a/integrations/wpscan/README.md b/scanner/wpscan/README.md similarity index 98% rename from integrations/wpscan/README.md rename to scanner/wpscan/README.md index 61b250a6..95771a2c 100644 --- a/integrations/wpscan/README.md +++ b/scanner/wpscan/README.md @@ -20,7 +20,7 @@ To learn more about the WPScan scanner itself visit [wpscan.org] or [wpscan.io]. The WPScan scanType can be deployed via helm. ```bash -helm upgrade --install wpscan ./integrations/wpscan/ +helm upgrade --install wpscan ./scanner/wpscan/ ``` ## Examples diff --git a/integrations/wpscan/examples/example.com/findings.yaml b/scanner/wpscan/examples/example.com/findings.yaml similarity index 100% rename from integrations/wpscan/examples/example.com/findings.yaml rename to scanner/wpscan/examples/example.com/findings.yaml diff --git a/integrations/wpscan/examples/example.com/scan.yaml b/scanner/wpscan/examples/example.com/scan.yaml similarity index 100% rename from integrations/wpscan/examples/example.com/scan.yaml rename to scanner/wpscan/examples/example.com/scan.yaml diff --git a/integrations/wpscan/parser/Dockerfile b/scanner/wpscan/parser/Dockerfile similarity index 100% rename from integrations/wpscan/parser/Dockerfile rename to scanner/wpscan/parser/Dockerfile diff --git a/integrations/wpscan/parser/__testFiles__/empty-localhost.json b/scanner/wpscan/parser/__testFiles__/empty-localhost.json similarity index 100% rename from integrations/wpscan/parser/__testFiles__/empty-localhost.json rename to scanner/wpscan/parser/__testFiles__/empty-localhost.json diff --git a/integrations/wpscan/parser/__testFiles__/example-latest.json b/scanner/wpscan/parser/__testFiles__/example-latest.json similarity index 100% rename from integrations/wpscan/parser/__testFiles__/example-latest.json rename to scanner/wpscan/parser/__testFiles__/example-latest.json diff --git a/integrations/wpscan/parser/__testFiles__/example-old.json b/scanner/wpscan/parser/__testFiles__/example-old.json similarity index 100% rename from integrations/wpscan/parser/__testFiles__/example-old.json rename to scanner/wpscan/parser/__testFiles__/example-old.json diff --git a/integrations/wpscan/parser/parser.js b/scanner/wpscan/parser/parser.js similarity index 100% rename from integrations/wpscan/parser/parser.js rename to scanner/wpscan/parser/parser.js diff --git a/integrations/wpscan/parser/parser.test.js b/scanner/wpscan/parser/parser.test.js similarity index 100% rename from integrations/wpscan/parser/parser.test.js rename to scanner/wpscan/parser/parser.test.js diff --git a/integrations/wpscan/templates/wpscan-parse-definition.yaml b/scanner/wpscan/templates/wpscan-parse-definition.yaml similarity index 100% rename from integrations/wpscan/templates/wpscan-parse-definition.yaml rename to scanner/wpscan/templates/wpscan-parse-definition.yaml diff --git a/integrations/wpscan/templates/wpscan-scan-type.yaml b/scanner/wpscan/templates/wpscan-scan-type.yaml similarity index 100% rename from integrations/wpscan/templates/wpscan-scan-type.yaml rename to scanner/wpscan/templates/wpscan-scan-type.yaml diff --git a/integrations/wpscan/values.yaml b/scanner/wpscan/values.yaml similarity index 100% rename from integrations/wpscan/values.yaml rename to scanner/wpscan/values.yaml diff --git a/integrations/zap/.helmignore b/scanner/zap/.helmignore similarity index 100% rename from integrations/zap/.helmignore rename to scanner/zap/.helmignore diff --git a/integrations/zap/Chart.yaml b/scanner/zap/Chart.yaml similarity index 100% rename from integrations/zap/Chart.yaml rename to scanner/zap/Chart.yaml diff --git a/integrations/zap/README.md b/scanner/zap/README.md similarity index 98% rename from integrations/zap/README.md rename to scanner/zap/README.md index 58cb5168..398c68dc 100644 --- a/integrations/zap/README.md +++ b/scanner/zap/README.md @@ -18,7 +18,7 @@ To learn more about the ZAP scanner itself visit [OWASP_Zap_Project] or [zaproxy The ZAP scanType can be deployed via helm. ```bash -helm upgrade --install zap ./integrations/zap/ +helm upgrade --install zap ./scanner/zap/ ``` ## Examples diff --git a/integrations/zap/examples/.gitkeep b/scanner/zap/examples/.gitkeep similarity index 100% rename from integrations/zap/examples/.gitkeep rename to scanner/zap/examples/.gitkeep diff --git a/integrations/zap/parser/Dockerfile b/scanner/zap/parser/Dockerfile similarity index 100% rename from integrations/zap/parser/Dockerfile rename to scanner/zap/parser/Dockerfile diff --git a/integrations/zap/parser/__snapshots__/parser.test.js.snap b/scanner/zap/parser/__snapshots__/parser.test.js.snap similarity index 100% rename from integrations/zap/parser/__snapshots__/parser.test.js.snap rename to scanner/zap/parser/__snapshots__/parser.test.js.snap diff --git a/integrations/zap/parser/__testFiles__/juice-shop.json b/scanner/zap/parser/__testFiles__/juice-shop.json similarity index 100% rename from integrations/zap/parser/__testFiles__/juice-shop.json rename to scanner/zap/parser/__testFiles__/juice-shop.json diff --git a/integrations/zap/parser/parser.js b/scanner/zap/parser/parser.js similarity index 100% rename from integrations/zap/parser/parser.js rename to scanner/zap/parser/parser.js diff --git a/integrations/zap/parser/parser.test.js b/scanner/zap/parser/parser.test.js similarity index 100% rename from integrations/zap/parser/parser.test.js rename to scanner/zap/parser/parser.test.js diff --git a/integrations/zap/templates/zap-parse-definition.yaml b/scanner/zap/templates/zap-parse-definition.yaml similarity index 100% rename from integrations/zap/templates/zap-parse-definition.yaml rename to scanner/zap/templates/zap-parse-definition.yaml diff --git a/integrations/zap/templates/zap-scan-type.yaml b/scanner/zap/templates/zap-scan-type.yaml similarity index 100% rename from integrations/zap/templates/zap-scan-type.yaml rename to scanner/zap/templates/zap-scan-type.yaml diff --git a/integrations/zap/values.yaml b/scanner/zap/values.yaml similarity index 100% rename from integrations/zap/values.yaml rename to scanner/zap/values.yaml From ce90452434115870187cf2103f050856ef98f369 Mon Sep 17 00:00:00 2001 From: Yannik Fuhrmeister Date: Wed, 17 Jun 2020 11:17:01 +0200 Subject: [PATCH 106/109] Add basic integration Test for read-only-hooks Added helm chart with http-echo service I used the test-scan and the generic-webhook to perform a request on the http-echo service and ensured this request is listed in the container logs of the http-echo service --- integrations/http-webhook/.helmignore | 23 ++++++ integrations/http-webhook/Chart.yaml | 23 ++++++ integrations/http-webhook/templates/NOTES.txt | 21 +++++ .../http-webhook/templates/_helpers.tpl | 63 +++++++++++++++ .../http-webhook/templates/deployment.yaml | 61 ++++++++++++++ integrations/http-webhook/templates/hpa.yaml | 28 +++++++ .../http-webhook/templates/ingress.yaml | 41 ++++++++++ .../http-webhook/templates/service.yaml | 15 ++++ .../templates/serviceaccount.yaml | 12 +++ .../templates/tests/test-connection.yaml | 15 ++++ integrations/http-webhook/values.yaml | 80 +++++++++++++++++++ .../generic/read-only-hook.test.js | 38 +++++++++ 12 files changed, 420 insertions(+) create mode 100644 integrations/http-webhook/.helmignore create mode 100644 integrations/http-webhook/Chart.yaml create mode 100644 integrations/http-webhook/templates/NOTES.txt create mode 100644 integrations/http-webhook/templates/_helpers.tpl create mode 100644 integrations/http-webhook/templates/deployment.yaml create mode 100644 integrations/http-webhook/templates/hpa.yaml create mode 100644 integrations/http-webhook/templates/ingress.yaml create mode 100644 integrations/http-webhook/templates/service.yaml create mode 100644 integrations/http-webhook/templates/serviceaccount.yaml create mode 100644 integrations/http-webhook/templates/tests/test-connection.yaml create mode 100644 integrations/http-webhook/values.yaml create mode 100644 tests/integration/generic/read-only-hook.test.js diff --git a/integrations/http-webhook/.helmignore b/integrations/http-webhook/.helmignore new file mode 100644 index 00000000..0e8a0eb3 --- /dev/null +++ b/integrations/http-webhook/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/integrations/http-webhook/Chart.yaml b/integrations/http-webhook/Chart.yaml new file mode 100644 index 00000000..dfd68ec9 --- /dev/null +++ b/integrations/http-webhook/Chart.yaml @@ -0,0 +1,23 @@ +apiVersion: v2 +name: http-webhook +description: A Dummy webserver to echo HTTP requests in log + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +appVersion: 1.16.0 diff --git a/integrations/http-webhook/templates/NOTES.txt b/integrations/http-webhook/templates/NOTES.txt new file mode 100644 index 00000000..bce7e42d --- /dev/null +++ b/integrations/http-webhook/templates/NOTES.txt @@ -0,0 +1,21 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ . }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "http-webhook.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "http-webhook.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "http-webhook.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "http-webhook.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:80 +{{- end }} diff --git a/integrations/http-webhook/templates/_helpers.tpl b/integrations/http-webhook/templates/_helpers.tpl new file mode 100644 index 00000000..31997741 --- /dev/null +++ b/integrations/http-webhook/templates/_helpers.tpl @@ -0,0 +1,63 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "http-webhook.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "http-webhook.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "http-webhook.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "http-webhook.labels" -}} +helm.sh/chart: {{ include "http-webhook.chart" . }} +{{ include "http-webhook.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "http-webhook.selectorLabels" -}} +app.kubernetes.io/name: {{ include "http-webhook.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "http-webhook.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "http-webhook.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/integrations/http-webhook/templates/deployment.yaml b/integrations/http-webhook/templates/deployment.yaml new file mode 100644 index 00000000..ebfbd8e5 --- /dev/null +++ b/integrations/http-webhook/templates/deployment.yaml @@ -0,0 +1,61 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "http-webhook.fullname" . }} + labels: + {{- include "http-webhook.labels" . | nindent 4 }} +spec: +{{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} +{{- end }} + selector: + matchLabels: + {{- include "http-webhook.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "http-webhook.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "http-webhook.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: 80 + protocol: TCP + livenessProbe: + httpGet: + path: / + port: http + readinessProbe: + httpGet: + path: / + port: http + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/integrations/http-webhook/templates/hpa.yaml b/integrations/http-webhook/templates/hpa.yaml new file mode 100644 index 00000000..53e511bd --- /dev/null +++ b/integrations/http-webhook/templates/hpa.yaml @@ -0,0 +1,28 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2beta1 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "http-webhook.fullname" . }} + labels: + {{- include "http-webhook.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "http-webhook.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + targetAverageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + targetAverageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/integrations/http-webhook/templates/ingress.yaml b/integrations/http-webhook/templates/ingress.yaml new file mode 100644 index 00000000..cb0939c3 --- /dev/null +++ b/integrations/http-webhook/templates/ingress.yaml @@ -0,0 +1,41 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "http-webhook.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "http-webhook.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ . }} + backend: + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} diff --git a/integrations/http-webhook/templates/service.yaml b/integrations/http-webhook/templates/service.yaml new file mode 100644 index 00000000..525b2caf --- /dev/null +++ b/integrations/http-webhook/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "http-webhook.fullname" . }} + labels: + {{- include "http-webhook.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "http-webhook.selectorLabels" . | nindent 4 }} diff --git a/integrations/http-webhook/templates/serviceaccount.yaml b/integrations/http-webhook/templates/serviceaccount.yaml new file mode 100644 index 00000000..da37a005 --- /dev/null +++ b/integrations/http-webhook/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "http-webhook.serviceAccountName" . }} + labels: + {{- include "http-webhook.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/integrations/http-webhook/templates/tests/test-connection.yaml b/integrations/http-webhook/templates/tests/test-connection.yaml new file mode 100644 index 00000000..f97ed58d --- /dev/null +++ b/integrations/http-webhook/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "http-webhook.fullname" . }}-test-connection" + labels: + {{- include "http-webhook.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test-success +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "http-webhook.fullname" . }}:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/integrations/http-webhook/values.yaml b/integrations/http-webhook/values.yaml new file mode 100644 index 00000000..700c20d3 --- /dev/null +++ b/integrations/http-webhook/values.yaml @@ -0,0 +1,80 @@ +# Default values for http-webhook. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + registry: docker.io + repository: mendhak/http-https-echo + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "latest" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 80 + +ingress: + enabled: false + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: [] + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/tests/integration/generic/read-only-hook.test.js b/tests/integration/generic/read-only-hook.test.js new file mode 100644 index 00000000..d71c3d64 --- /dev/null +++ b/tests/integration/generic/read-only-hook.test.js @@ -0,0 +1,38 @@ +const { scan } = require("../helpers"); +const k8s = require('@kubernetes/client-node'); + +test( + "localhost port scan should only find a host finding", + async () => { + await scan( + "test-scan-read-only-hook", + "test-scan", + [], + 90 + ); + + const webhook = "http-webhook"; + const namespace = "integration-tests"; + + const kc = new k8s.KubeConfig(); + kc.loadFromDefault(); + + const k8sApi = kc.makeApiClient(k8s.CoreV1Api); + + function containsPod(item) { + return item.metadata.name.includes(webhook) + } + + let podName; + await k8sApi.listNamespacedPod(namespace, 'true').then((res) => { + let podArray = res.body.items.filter(containsPod); + podName = podArray.pop().metadata.name; + }); + + const containerName = webhook; + + let containerLog = await k8sApi.readNamespacedPodLog(podName, namespace, containerName, false); + expect(containerLog.body.includes("path: '/hallo-welt'")).toBe(true); + }, + 3 * 60 * 1000 +); From e7c7ec2c3d26b78dbe36ebafa8c84a71c063d773 Mon Sep 17 00:00:00 2001 From: Yannik Fuhrmeister Date: Wed, 17 Jun 2020 11:30:03 +0200 Subject: [PATCH 107/109] Merge branch 'hooks' of github.com:secureCodeBox/secureCodeBox-v2-alpha into hooks --- .github/workflows/ci.yaml | 36 +++++++++---------- README.md | 22 ++++++------ hooks/imperative-subsequent-scans/hook.js | 3 +- .../scan-helpers.js | 2 +- hooks/imperative-subsequent-scans/values.yaml | 10 +++--- .../templates/persistence-provider.yaml | 2 +- hooks/persistence-elastic/values.yaml | 4 +-- operator/Chart.yaml | 2 +- .../amass_securecodebox_io.yaml | 13 ------- .../kube-hunter_in_cluster.yaml | 8 ----- .../nikto_securecodebox_io.yaml | 14 -------- .../execution_v1_scan/nmap_localhost.yaml | 9 ----- .../nmap_scanme_nmap_org.yaml | 8 ----- .../nmap_securecodebox_io.yaml | 9 ----- .../execution_v1_scan/ssh_iteratec_de.yaml | 11 ------ .../sslyze_securecodebox_io.yaml | 11 ------ .../samples/execution_v1_scan/test-scan.yaml | 7 ---- .../execution_v1_scan/trivy_juiceshop.yaml | 10 ------ .../execution_v1_scan/trivy_mediawiki.yaml | 8 ----- .../execution_v1_scan/zap_juiceshop.yaml | 11 ------ operator/templates/manager/manager.yaml | 7 +--- operator/values.yaml | 11 ++++++ package.json | 2 +- {integrations => scanner}/.gitignore | 0 {integrations => scanner}/amass/.helmignore | 0 {integrations => scanner}/amass/Chart.yaml | 0 {integrations => scanner}/amass/README.md | 2 +- .../amass/examples/example.com/scan.yaml | 0 .../amass/examples/secureCodeBox.io/scan.yaml | 0 .../amass/parser/Dockerfile | 0 .../parser/__snapshots__/parser.test.js.snap | 0 .../__testFiles__/securecodebox.io.jsonl | 0 .../amass/parser/parser.js | 0 .../amass/parser/parser.test.js | 0 .../templates/amass-parse-definition.yaml | 0 .../amass/templates/amass-scan-type.yaml | 0 {integrations => scanner}/amass/values.yaml | 0 .../http-webhook/.helmignore | 0 .../http-webhook/Chart.yaml | 0 .../http-webhook/templates/NOTES.txt | 0 .../http-webhook/templates/_helpers.tpl | 0 .../http-webhook/templates/deployment.yaml | 0 .../http-webhook/templates/hpa.yaml | 0 .../http-webhook/templates/ingress.yaml | 0 .../http-webhook/templates/service.yaml | 0 .../templates/serviceaccount.yaml | 0 .../templates/tests/test-connection.yaml | 0 .../http-webhook/values.yaml | 0 .../kube-hunter/.helmignore | 0 .../kube-hunter/Chart.yaml | 0 .../kube-hunter/README.md | 2 +- .../examples/in-cluster/findings.json | 0 .../kube-hunter/examples/in-cluster/scan.yaml | 0 .../kube-hunter/parser/Dockerfile | 0 .../parser/__snapshots__/parser.test.js.snap | 0 .../kind-1.18-in-cluster-scan.json | 0 .../kube-hunter/parser/parser.js | 0 .../kube-hunter/parser/parser.test.js | 0 .../kube-hunter/scanner/Dockerfile | 0 .../kube-hunter/scanner/wrapper.sh | 0 .../kube-hunter-parse-definition.yaml | 0 .../templates/kubehunter-scan-type.yaml | 0 .../kube-hunter/values.yaml | 0 {integrations => scanner}/nikto/.helmignore | 0 {integrations => scanner}/nikto/Chart.yaml | 0 {integrations => scanner}/nikto/README.md | 0 .../nikto/examples/secureCodeBox.io/scan.yaml | 0 .../nikto/parser/Dockerfile | 0 .../parser/__snapshots__/parser.test.js.snap | 0 .../parser/__testFiles__/juice-shop.json | 0 .../__testFiles__/www.securecodebox.io.json | 0 .../nikto/parser/parser.js | 0 .../nikto/parser/parser.test.js | 0 .../nikto/scanner/Dockerfile | 0 .../nikto/scanner/wrapper.sh | 0 .../templates/nikto-parse-definition.yaml | 0 .../nikto/templates/nikto-scan-type.yaml | 0 {integrations => scanner}/nikto/values.yaml | 0 {integrations => scanner}/nmap/.helmignore | 0 {integrations => scanner}/nmap/Chart.yaml | 0 .../nmap/readme.md => scanner/nmap/README.md | 2 +- .../nmap/examples/local-network/findings.yaml | 0 .../nmap/examples/local-network/scan.yaml | 0 .../nmap/examples/localhost/findings.yaml | 0 .../nmap/examples/localhost/scan.yaml | 0 .../nmap/examples/scan.nmap.org/findings.yaml | 0 .../nmap/examples/scan.nmap.org/scan.yaml | 0 .../nmap/parser/.dockerignore | 0 .../nmap/parser/.gitignore | 0 .../nmap/parser/Dockerfile | 0 .../__testFiles__/localhost-smb-script.xml | 0 .../nmap/parser/__testFiles__/localhost.xml | 0 .../nmap/parser/__testFiles__/no-host.xml | 0 .../nmap/parser/__testFiles__/no-ports.xml | 0 .../nmap/parser/package-lock.json | 0 .../nmap/parser/package.json | 0 .../nmap/parser/parser.js | 0 .../nmap/parser/parser.test.js | 0 .../nmap/scanner/Dockerfile | 0 .../nmap/templates/nmap-parse-definition.yaml | 0 .../nmap/templates/nmap-scan-type.yaml | 0 {integrations => scanner}/nmap/values.yaml | 2 +- {integrations => scanner}/package-lock.json | 2 +- {integrations => scanner}/package.json | 2 +- .../ssh_scan/.helmignore | 0 {integrations => scanner}/ssh_scan/Chart.yaml | 0 {integrations => scanner}/ssh_scan/README.md | 2 +- .../ssh_scan/examples/example.com/scan.yaml | 0 .../ssh_scan/examples/localhost/findings.yaml | 0 .../ssh_scan/examples/localhost/scan.yaml | 0 .../ssh_scan/parser/Dockerfile | 0 .../parser/__testFiles__/192.168.42.42.json | 0 .../parser/__testFiles__/local-network.json | 0 .../parser/__testFiles__/localhost.json | 0 .../__testFiles__/securecodebox.io.json | 0 .../ssh_scan/parser/parser.js | 0 .../ssh_scan/parser/parser.test.js | 0 .../templates/ssh-scan-parse-definition.yaml | 0 .../templates/ssh-scan-scan-type.yaml | 0 .../ssh_scan/values.yaml | 0 {integrations => scanner}/sslyze/.helmignore | 0 {integrations => scanner}/sslyze/Chart.yaml | 0 {integrations => scanner}/sslyze/README.md | 2 +- .../sslyze/examples/example.com/scan.yaml | 0 .../examples/secureCodeBox.io/scan.yaml | 0 .../sslyze/parser/.dockerignore | 0 .../sslyze/parser/Dockerfile | 0 .../__testFiles__/expired.badssl.com.json | 0 .../parser/__testFiles__/google.com.json | 0 .../mixed-connectivity-result.json | 0 .../__testFiles__/revoked.badssl.com.json | 0 .../__testFiles__/self-signed.badssl.com.json | 0 .../tls-v1-0.badssl.com_1010.json | 0 .../__testFiles__/unavailible-host.json | 0 .../untrusted-root.badssl.com.json | 0 .../__testFiles__/wrong.host.badssl.com.json | 0 .../__testFiles__/www.securecodebox.io.json | 0 .../sslyze/parser/package-lock.json | 0 .../sslyze/parser/package.json | 0 .../sslyze/parser/parser.js | 0 .../sslyze/parser/parser.test.js | 0 .../templates/sslyze-parse-definition.yaml | 0 .../sslyze/templates/sslyze-scan-type.yaml | 0 {integrations => scanner}/sslyze/values.yaml | 0 .../test-scan/.helmignore | 0 .../test-scan/Chart.yaml | 0 .../test-scan/parser/.dockerignore | 0 .../test-scan/parser/.gitignore | 0 .../test-scan/parser/Dockerfile | 0 .../test-scan/parser/package-lock.json | 0 .../test-scan/parser/package.json | 0 .../test-scan/parser/parser.js | 0 .../test-scan/scanner/Dockerfile | 0 .../templates/test-scan-parse-definition.yaml | 0 .../templates/test-scan-scan-type.yaml | 0 .../test-scan/values.yaml | 0 {integrations => scanner}/trivy/.helmignore | 0 {integrations => scanner}/trivy/Chart.yaml | 0 {integrations => scanner}/trivy/README.md | 2 +- .../trivy/examples/juice-shop/findings.yaml | 0 .../trivy/examples/juice-shop/scan.yaml | 0 .../trivy/examples/mediawiki/findings.yaml | 0 .../trivy/examples/mediawiki/scan.yaml | 0 .../trivy/parser/Dockerfile | 0 .../parser/__snapshots__/parser.test.js.snap | 0 .../__testFiles__/juice-shop-v10.2.0.json | 0 .../__testFiles__/mediawiki-1.27.3.json | 0 .../__testFiles__/mediawiki-stable.json | 0 .../securecodebox-amass-unstable-pinned.json | 0 .../__testFiles__/securecodebox-engine.json | 0 .../securecodebox-ssh-unstable.json | 0 .../trivy/parser/parser.js | 0 .../trivy/parser/parser.test.js | 0 .../templates/trivy-parse-definition.yaml | 0 .../trivy/templates/trivy-scan-type.yaml | 0 {integrations => scanner}/trivy/values.yaml | 0 {integrations => scanner}/wpscan/.helmignore | 0 {integrations => scanner}/wpscan/Chart.yaml | 0 {integrations => scanner}/wpscan/README.md | 2 +- .../wpscan/examples/example.com/findings.yaml | 0 .../wpscan/examples/example.com/scan.yaml | 0 .../wpscan/parser/Dockerfile | 0 .../parser/__testFiles__/empty-localhost.json | 0 .../parser/__testFiles__/example-latest.json | 0 .../parser/__testFiles__/example-old.json | 0 .../wpscan/parser/parser.js | 0 .../wpscan/parser/parser.test.js | 0 .../templates/wpscan-parse-definition.yaml | 0 .../wpscan/templates/wpscan-scan-type.yaml | 0 {integrations => scanner}/wpscan/values.yaml | 0 {integrations => scanner}/zap/.helmignore | 0 {integrations => scanner}/zap/Chart.yaml | 0 {integrations => scanner}/zap/README.md | 2 +- .../zap/examples/.gitkeep | 0 .../zap/parser/Dockerfile | 0 .../parser/__snapshots__/parser.test.js.snap | 0 .../zap/parser/__testFiles__/juice-shop.json | 0 .../zap/parser/parser.js | 0 .../zap/parser/parser.test.js | 0 .../zap/templates/zap-parse-definition.yaml | 0 .../zap/templates/zap-scan-type.yaml | 0 {integrations => scanner}/zap/values.yaml | 0 202 files changed, 65 insertions(+), 177 deletions(-) delete mode 100644 operator/config/samples/execution_v1_scan/amass_securecodebox_io.yaml delete mode 100644 operator/config/samples/execution_v1_scan/kube-hunter_in_cluster.yaml delete mode 100644 operator/config/samples/execution_v1_scan/nikto_securecodebox_io.yaml delete mode 100644 operator/config/samples/execution_v1_scan/nmap_localhost.yaml delete mode 100644 operator/config/samples/execution_v1_scan/nmap_scanme_nmap_org.yaml delete mode 100644 operator/config/samples/execution_v1_scan/nmap_securecodebox_io.yaml delete mode 100644 operator/config/samples/execution_v1_scan/ssh_iteratec_de.yaml delete mode 100644 operator/config/samples/execution_v1_scan/sslyze_securecodebox_io.yaml delete mode 100644 operator/config/samples/execution_v1_scan/test-scan.yaml delete mode 100644 operator/config/samples/execution_v1_scan/trivy_juiceshop.yaml delete mode 100644 operator/config/samples/execution_v1_scan/trivy_mediawiki.yaml delete mode 100644 operator/config/samples/execution_v1_scan/zap_juiceshop.yaml rename {integrations => scanner}/.gitignore (100%) rename {integrations => scanner}/amass/.helmignore (100%) rename {integrations => scanner}/amass/Chart.yaml (100%) rename {integrations => scanner}/amass/README.md (97%) rename {integrations => scanner}/amass/examples/example.com/scan.yaml (100%) rename {integrations => scanner}/amass/examples/secureCodeBox.io/scan.yaml (100%) rename {integrations => scanner}/amass/parser/Dockerfile (100%) rename {integrations => scanner}/amass/parser/__snapshots__/parser.test.js.snap (100%) rename {integrations => scanner}/amass/parser/__testFiles__/securecodebox.io.jsonl (100%) rename {integrations => scanner}/amass/parser/parser.js (100%) rename {integrations => scanner}/amass/parser/parser.test.js (100%) rename {integrations => scanner}/amass/templates/amass-parse-definition.yaml (100%) rename {integrations => scanner}/amass/templates/amass-scan-type.yaml (100%) rename {integrations => scanner}/amass/values.yaml (100%) rename {integrations => scanner}/http-webhook/.helmignore (100%) rename {integrations => scanner}/http-webhook/Chart.yaml (100%) rename {integrations => scanner}/http-webhook/templates/NOTES.txt (100%) rename {integrations => scanner}/http-webhook/templates/_helpers.tpl (100%) rename {integrations => scanner}/http-webhook/templates/deployment.yaml (100%) rename {integrations => scanner}/http-webhook/templates/hpa.yaml (100%) rename {integrations => scanner}/http-webhook/templates/ingress.yaml (100%) rename {integrations => scanner}/http-webhook/templates/service.yaml (100%) rename {integrations => scanner}/http-webhook/templates/serviceaccount.yaml (100%) rename {integrations => scanner}/http-webhook/templates/tests/test-connection.yaml (100%) rename {integrations => scanner}/http-webhook/values.yaml (100%) rename {integrations => scanner}/kube-hunter/.helmignore (100%) rename {integrations => scanner}/kube-hunter/Chart.yaml (100%) rename {integrations => scanner}/kube-hunter/README.md (96%) rename {integrations => scanner}/kube-hunter/examples/in-cluster/findings.json (100%) rename {integrations => scanner}/kube-hunter/examples/in-cluster/scan.yaml (100%) rename {integrations => scanner}/kube-hunter/parser/Dockerfile (100%) rename {integrations => scanner}/kube-hunter/parser/__snapshots__/parser.test.js.snap (100%) rename {integrations => scanner}/kube-hunter/parser/__testFiles__/kind-1.18-in-cluster-scan.json (100%) rename {integrations => scanner}/kube-hunter/parser/parser.js (100%) rename {integrations => scanner}/kube-hunter/parser/parser.test.js (100%) rename {integrations => scanner}/kube-hunter/scanner/Dockerfile (100%) rename {integrations => scanner}/kube-hunter/scanner/wrapper.sh (100%) rename {integrations => scanner}/kube-hunter/templates/kube-hunter-parse-definition.yaml (100%) rename {integrations => scanner}/kube-hunter/templates/kubehunter-scan-type.yaml (100%) rename {integrations => scanner}/kube-hunter/values.yaml (100%) rename {integrations => scanner}/nikto/.helmignore (100%) rename {integrations => scanner}/nikto/Chart.yaml (100%) rename {integrations => scanner}/nikto/README.md (100%) rename {integrations => scanner}/nikto/examples/secureCodeBox.io/scan.yaml (100%) rename {integrations => scanner}/nikto/parser/Dockerfile (100%) rename {integrations => scanner}/nikto/parser/__snapshots__/parser.test.js.snap (100%) rename {integrations => scanner}/nikto/parser/__testFiles__/juice-shop.json (100%) rename {integrations => scanner}/nikto/parser/__testFiles__/www.securecodebox.io.json (100%) rename {integrations => scanner}/nikto/parser/parser.js (100%) rename {integrations => scanner}/nikto/parser/parser.test.js (100%) rename {integrations => scanner}/nikto/scanner/Dockerfile (100%) rename {integrations => scanner}/nikto/scanner/wrapper.sh (100%) rename {integrations => scanner}/nikto/templates/nikto-parse-definition.yaml (100%) rename {integrations => scanner}/nikto/templates/nikto-scan-type.yaml (100%) rename {integrations => scanner}/nikto/values.yaml (100%) rename {integrations => scanner}/nmap/.helmignore (100%) rename {integrations => scanner}/nmap/Chart.yaml (100%) rename integrations/nmap/readme.md => scanner/nmap/README.md (98%) rename {integrations => scanner}/nmap/examples/local-network/findings.yaml (100%) rename {integrations => scanner}/nmap/examples/local-network/scan.yaml (100%) rename {integrations => scanner}/nmap/examples/localhost/findings.yaml (100%) rename {integrations => scanner}/nmap/examples/localhost/scan.yaml (100%) rename {integrations => scanner}/nmap/examples/scan.nmap.org/findings.yaml (100%) rename {integrations => scanner}/nmap/examples/scan.nmap.org/scan.yaml (100%) rename {integrations => scanner}/nmap/parser/.dockerignore (100%) rename {integrations => scanner}/nmap/parser/.gitignore (100%) rename {integrations => scanner}/nmap/parser/Dockerfile (100%) rename {integrations => scanner}/nmap/parser/__testFiles__/localhost-smb-script.xml (100%) rename {integrations => scanner}/nmap/parser/__testFiles__/localhost.xml (100%) rename {integrations => scanner}/nmap/parser/__testFiles__/no-host.xml (100%) rename {integrations => scanner}/nmap/parser/__testFiles__/no-ports.xml (100%) rename {integrations => scanner}/nmap/parser/package-lock.json (100%) rename {integrations => scanner}/nmap/parser/package.json (100%) rename {integrations => scanner}/nmap/parser/parser.js (100%) rename {integrations => scanner}/nmap/parser/parser.test.js (100%) rename {integrations => scanner}/nmap/scanner/Dockerfile (100%) rename {integrations => scanner}/nmap/templates/nmap-parse-definition.yaml (100%) rename {integrations => scanner}/nmap/templates/nmap-scan-type.yaml (100%) rename {integrations => scanner}/nmap/values.yaml (84%) rename {integrations => scanner}/package-lock.json (99%) rename {integrations => scanner}/package.json (84%) rename {integrations => scanner}/ssh_scan/.helmignore (100%) rename {integrations => scanner}/ssh_scan/Chart.yaml (100%) rename {integrations => scanner}/ssh_scan/README.md (98%) rename {integrations => scanner}/ssh_scan/examples/example.com/scan.yaml (100%) rename {integrations => scanner}/ssh_scan/examples/localhost/findings.yaml (100%) rename {integrations => scanner}/ssh_scan/examples/localhost/scan.yaml (100%) rename {integrations => scanner}/ssh_scan/parser/Dockerfile (100%) rename {integrations => scanner}/ssh_scan/parser/__testFiles__/192.168.42.42.json (100%) rename {integrations => scanner}/ssh_scan/parser/__testFiles__/local-network.json (100%) rename {integrations => scanner}/ssh_scan/parser/__testFiles__/localhost.json (100%) rename {integrations => scanner}/ssh_scan/parser/__testFiles__/securecodebox.io.json (100%) rename {integrations => scanner}/ssh_scan/parser/parser.js (100%) rename {integrations => scanner}/ssh_scan/parser/parser.test.js (100%) rename {integrations => scanner}/ssh_scan/templates/ssh-scan-parse-definition.yaml (100%) rename {integrations => scanner}/ssh_scan/templates/ssh-scan-scan-type.yaml (100%) rename {integrations => scanner}/ssh_scan/values.yaml (100%) rename {integrations => scanner}/sslyze/.helmignore (100%) rename {integrations => scanner}/sslyze/Chart.yaml (100%) rename {integrations => scanner}/sslyze/README.md (99%) rename {integrations => scanner}/sslyze/examples/example.com/scan.yaml (100%) rename {integrations => scanner}/sslyze/examples/secureCodeBox.io/scan.yaml (100%) rename {integrations => scanner}/sslyze/parser/.dockerignore (100%) rename {integrations => scanner}/sslyze/parser/Dockerfile (100%) rename {integrations => scanner}/sslyze/parser/__testFiles__/expired.badssl.com.json (100%) rename {integrations => scanner}/sslyze/parser/__testFiles__/google.com.json (100%) rename {integrations => scanner}/sslyze/parser/__testFiles__/mixed-connectivity-result.json (100%) rename {integrations => scanner}/sslyze/parser/__testFiles__/revoked.badssl.com.json (100%) rename {integrations => scanner}/sslyze/parser/__testFiles__/self-signed.badssl.com.json (100%) rename {integrations => scanner}/sslyze/parser/__testFiles__/tls-v1-0.badssl.com_1010.json (100%) rename {integrations => scanner}/sslyze/parser/__testFiles__/unavailible-host.json (100%) rename {integrations => scanner}/sslyze/parser/__testFiles__/untrusted-root.badssl.com.json (100%) rename {integrations => scanner}/sslyze/parser/__testFiles__/wrong.host.badssl.com.json (100%) rename {integrations => scanner}/sslyze/parser/__testFiles__/www.securecodebox.io.json (100%) rename {integrations => scanner}/sslyze/parser/package-lock.json (100%) rename {integrations => scanner}/sslyze/parser/package.json (100%) rename {integrations => scanner}/sslyze/parser/parser.js (100%) rename {integrations => scanner}/sslyze/parser/parser.test.js (100%) rename {integrations => scanner}/sslyze/templates/sslyze-parse-definition.yaml (100%) rename {integrations => scanner}/sslyze/templates/sslyze-scan-type.yaml (100%) rename {integrations => scanner}/sslyze/values.yaml (100%) rename {integrations => scanner}/test-scan/.helmignore (100%) rename {integrations => scanner}/test-scan/Chart.yaml (100%) rename {integrations => scanner}/test-scan/parser/.dockerignore (100%) rename {integrations => scanner}/test-scan/parser/.gitignore (100%) rename {integrations => scanner}/test-scan/parser/Dockerfile (100%) rename {integrations => scanner}/test-scan/parser/package-lock.json (100%) rename {integrations => scanner}/test-scan/parser/package.json (100%) rename {integrations => scanner}/test-scan/parser/parser.js (100%) rename {integrations => scanner}/test-scan/scanner/Dockerfile (100%) rename {integrations => scanner}/test-scan/templates/test-scan-parse-definition.yaml (100%) rename {integrations => scanner}/test-scan/templates/test-scan-scan-type.yaml (100%) rename {integrations => scanner}/test-scan/values.yaml (100%) rename {integrations => scanner}/trivy/.helmignore (100%) rename {integrations => scanner}/trivy/Chart.yaml (100%) rename {integrations => scanner}/trivy/README.md (97%) rename {integrations => scanner}/trivy/examples/juice-shop/findings.yaml (100%) rename {integrations => scanner}/trivy/examples/juice-shop/scan.yaml (100%) rename {integrations => scanner}/trivy/examples/mediawiki/findings.yaml (100%) rename {integrations => scanner}/trivy/examples/mediawiki/scan.yaml (100%) rename {integrations => scanner}/trivy/parser/Dockerfile (100%) rename {integrations => scanner}/trivy/parser/__snapshots__/parser.test.js.snap (100%) rename {integrations => scanner}/trivy/parser/__testFiles__/juice-shop-v10.2.0.json (100%) rename {integrations => scanner}/trivy/parser/__testFiles__/mediawiki-1.27.3.json (100%) rename {integrations => scanner}/trivy/parser/__testFiles__/mediawiki-stable.json (100%) rename {integrations => scanner}/trivy/parser/__testFiles__/securecodebox-amass-unstable-pinned.json (100%) rename {integrations => scanner}/trivy/parser/__testFiles__/securecodebox-engine.json (100%) rename {integrations => scanner}/trivy/parser/__testFiles__/securecodebox-ssh-unstable.json (100%) rename {integrations => scanner}/trivy/parser/parser.js (100%) rename {integrations => scanner}/trivy/parser/parser.test.js (100%) rename {integrations => scanner}/trivy/templates/trivy-parse-definition.yaml (100%) rename {integrations => scanner}/trivy/templates/trivy-scan-type.yaml (100%) rename {integrations => scanner}/trivy/values.yaml (100%) rename {integrations => scanner}/wpscan/.helmignore (100%) rename {integrations => scanner}/wpscan/Chart.yaml (100%) rename {integrations => scanner}/wpscan/README.md (98%) rename {integrations => scanner}/wpscan/examples/example.com/findings.yaml (100%) rename {integrations => scanner}/wpscan/examples/example.com/scan.yaml (100%) rename {integrations => scanner}/wpscan/parser/Dockerfile (100%) rename {integrations => scanner}/wpscan/parser/__testFiles__/empty-localhost.json (100%) rename {integrations => scanner}/wpscan/parser/__testFiles__/example-latest.json (100%) rename {integrations => scanner}/wpscan/parser/__testFiles__/example-old.json (100%) rename {integrations => scanner}/wpscan/parser/parser.js (100%) rename {integrations => scanner}/wpscan/parser/parser.test.js (100%) rename {integrations => scanner}/wpscan/templates/wpscan-parse-definition.yaml (100%) rename {integrations => scanner}/wpscan/templates/wpscan-scan-type.yaml (100%) rename {integrations => scanner}/wpscan/values.yaml (100%) rename {integrations => scanner}/zap/.helmignore (100%) rename {integrations => scanner}/zap/Chart.yaml (100%) rename {integrations => scanner}/zap/README.md (98%) rename {integrations => scanner}/zap/examples/.gitkeep (100%) rename {integrations => scanner}/zap/parser/Dockerfile (100%) rename {integrations => scanner}/zap/parser/__snapshots__/parser.test.js.snap (100%) rename {integrations => scanner}/zap/parser/__testFiles__/juice-shop.json (100%) rename {integrations => scanner}/zap/parser/parser.js (100%) rename {integrations => scanner}/zap/parser/parser.test.js (100%) rename {integrations => scanner}/zap/templates/zap-parse-definition.yaml (100%) rename {integrations => scanner}/zap/templates/zap-scan-type.yaml (100%) rename {integrations => scanner}/zap/values.yaml (100%) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 9e407804..bd4328be 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -10,7 +10,7 @@ jobs: run: ls - name: "Install npm dependencies in all parser sub projects" run: | - for dir in integrations/*/parser/ + for dir in scanner/*/parser/ do cd $dir if [ -f package.json ] && [ -f package-lock.json ]; then @@ -35,7 +35,7 @@ jobs: - name: "Install npm test dependencies" run: | npm ci - cd integrations/ + cd scanner/ npm ci cd - cd hooks/ @@ -109,7 +109,7 @@ jobs: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} repository: scbexperimental/parser-amass - path: ./integrations/amass/parser/ + path: ./scanner/amass/parser/ tag_with_ref: true tag_with_sha: true - uses: docker/build-push-action@v1 @@ -118,7 +118,7 @@ jobs: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} repository: scbexperimental/parser-kube-hunter - path: ./integrations/kube-hunter/parser/ + path: ./scanner/kube-hunter/parser/ tag_with_ref: true tag_with_sha: true - uses: docker/build-push-action@v1 @@ -127,7 +127,7 @@ jobs: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} repository: scbexperimental/parser-nikto - path: ./integrations/nikto/parser/ + path: ./scanner/nikto/parser/ tag_with_ref: true tag_with_sha: true - uses: docker/build-push-action@v1 @@ -136,7 +136,7 @@ jobs: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} repository: scbexperimental/parser-nmap - path: ./integrations/nmap/parser/ + path: ./scanner/nmap/parser/ tag_with_ref: true tag_with_sha: true - uses: docker/build-push-action@v1 @@ -145,7 +145,7 @@ jobs: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} repository: scbexperimental/parser-ssh-scan - path: ./integrations/ssh_scan/parser/ + path: ./scanner/ssh_scan/parser/ tag_with_ref: true tag_with_sha: true - uses: docker/build-push-action@v1 @@ -154,7 +154,7 @@ jobs: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} repository: scbexperimental/parser-sslyze - path: ./integrations/sslyze/parser/ + path: ./scanner/sslyze/parser/ tag_with_ref: true tag_with_sha: true - uses: docker/build-push-action@v1 @@ -163,7 +163,7 @@ jobs: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} repository: scbexperimental/parser-test-scan - path: ./integrations/test-scan/parser/ + path: ./scanner/test-scan/parser/ tag_with_ref: true tag_with_sha: true - uses: docker/build-push-action@v1 @@ -172,7 +172,7 @@ jobs: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} repository: scbexperimental/parser-trivy - path: ./integrations/trivy/parser/ + path: ./scanner/trivy/parser/ tag_with_ref: true tag_with_sha: true - uses: docker/build-push-action@v1 @@ -181,7 +181,7 @@ jobs: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} repository: scbexperimental/parser-zap - path: ./integrations/zap/parser/ + path: ./scanner/zap/parser/ tag_with_ref: true tag_with_sha: true hookImages: @@ -252,7 +252,7 @@ jobs: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} repository: scbexperimental/nmap - path: ./integrations/nmap/scanner/ + path: ./scanner/nmap/scanner/ # Note: not prefixed with a "v" as this seems to match nmap versioning standards tags: "7.80,7.80-1,latest" - uses: docker/build-push-action@v1 @@ -261,7 +261,7 @@ jobs: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} repository: scbexperimental/kube-hunter - path: ./integrations/kube-hunter/scanner/ + path: ./scanner/kube-hunter/scanner/ # Note: not prefixed with a "v" as this matches the aquasec/kube-hunter tags tags: "0.3.0,latest" - uses: docker/build-push-action@v1 @@ -270,7 +270,7 @@ jobs: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} repository: scbexperimental/test-scan - path: ./integrations/test-scan/scanner/ + path: ./scanner/test-scan/scanner/ # Note: not prefixed with a "v" as this seems to match nmap versioning standards tags: "latest" integrationTests: @@ -336,23 +336,23 @@ jobs: --set="image.tag=sha-$(git rev-parse --short HEAD)" \ --set="attribute.name=severity" \ --set="attribute.value=high" - helm -n integration-tests install test-scan ./integrations/test-scan/ --set="parserImage.tag=sha-$(git rev-parse --short HEAD)" + helm -n integration-tests install test-scan ./scanner/test-scan/ --set="parserImage.tag=sha-$(git rev-parse --short HEAD)" cd tests/integration/ npx jest --ci --color read-write-hook helm -n integration-tests uninstall test-scan update-category update-severity - name: "nmap Integration Tests" run: | - helm -n integration-tests install nmap ./integrations/nmap/ --set="parserImage.tag=sha-$(git rev-parse --short HEAD)" + helm -n integration-tests install nmap ./scanner/nmap/ --set="parserImage.tag=sha-$(git rev-parse --short HEAD)" cd tests/integration/ npx jest --ci --color nmap - name: "kube-hunter Integration Tests" run: | - helm -n integration-tests install kube-hunter ./integrations/kube-hunter/ --set="parserImage.tag=sha-$(git rev-parse --short HEAD)" + helm -n integration-tests install kube-hunter ./scanner/kube-hunter/ --set="parserImage.tag=sha-$(git rev-parse --short HEAD)" cd tests/integration/ npx jest --ci --color kube-hunter - name: "ssh-scan Integration Tests" run: | - helm -n integration-tests install ssh-scan ./integrations/ssh_scan/ --set="parserImage.tag=sha-$(git rev-parse --short HEAD)" + helm -n integration-tests install ssh-scan ./scanner/ssh_scan/ --set="parserImage.tag=sha-$(git rev-parse --short HEAD)" # Install dummy-ssh app helm -n demo-apps install dummy-ssh ./demo-apps/dummy-ssh/ --wait cd tests/integration/ diff --git a/README.md b/README.md index e136f7e3..588d02ea 100644 --- a/README.md +++ b/README.md @@ -20,7 +20,7 @@ - [Purpose of this Project](#purpose-of-this-project) - [Quickstart](#quickstart) - [Prerequisites](#prerequisites) - - [Deployment](#deployment) + - [Deployment (based on Helm)](#deployment-based-on-helm) - [Examples](#examples) - [Access Services](#access-services) - [How does it work?](#how-does-it-work) @@ -58,14 +58,14 @@ There is a german article about [Security DevOps – Angreifern (immer) einen Sc - kubernetes (last 4 mayor releases supported: `1.15`, `1.16`, `1.17` & `1.18`) -### Deployment +### Deployment (based on Helm) ```bash -# Deploy secureCodeBox Operator +# Deploy the secureCodeBox Operator first kubectl create namespace securecodebox-system -helm -n securecodebox-system install securecodebox-operator ./operator/ --set image.tag=hooks +helm -n securecodebox-system install securecodebox-operator ./operator/ -# Deploy definitions for the integrated scanners +# Deploy SCB scanner Charts for each security scanner you want to use (all optional) helm upgrade --install amass ./integrations/amass/ helm upgrade --install kube-hunter ./integrations/kube-hunter/ helm upgrade --install nikto ./integrations/nikto @@ -80,12 +80,12 @@ helm upgrade --install wpscan ./integrations/wpscan/ helm upgrade --install dummy-ssh ./demo-apps/dummy-ssh/ # Deploy secureCodeBox Hooks -helm upgrade --install add-attributes ./hooks/add-attributes/ -helm upgrade --install generic-webhook ./hooks/generic-webhook/ -helm upgrade --install imperative-subsequent-scans ./hooks/imperative-subsequent-scans/ +helm upgrade --install aah ./hooks/add-attributes/ +helm upgrade --install gwh ./hooks/generic-webhook/ +helm upgrade --install issh ./hooks/imperative-subsequent-scans/ ## Persistence Provider: Elasticsearch -helm upgrade --install persistence-elastic ./hooks/persistence-elastic/ +helm upgrade --install elkh ./hooks/persistence-elastic/ ``` ### Examples @@ -116,11 +116,11 @@ kubectl get scans ### Access Services -* Minio UI +* Minio UI: * AccessKey: `kubectl get secret securecodebox-operator-minio -n securecodebox-system -o=jsonpath='{.data.accesskey}' | base64 --decode; echo` * SecretKey: `kubectl get secret securecodebox-operator-minio -n securecodebox-system -o=jsonpath='{.data.secretkey}' | base64 --decode; echo` * Port Forward Minio UI: `kubectl port-forward -n securecodebox-system service/securecodebox-operator-minio 9000:9000` -* Elastic / Kibana UI +* Elastic / Kibana UI: * User: `elastic` * Password: `kubectl get secret scb-elasticsearch-es-elastic-user -n scb-analytics -o=jsonpath='{.data.elastic}' | base64 --decode; echo` * Port Forward Kibana: `kubectl port-forward -n default service/persistence-elastic-kibana 5601:5601` diff --git a/hooks/imperative-subsequent-scans/hook.js b/hooks/imperative-subsequent-scans/hook.js index a2faa966..b3245c6f 100644 --- a/hooks/imperative-subsequent-scans/hook.js +++ b/hooks/imperative-subsequent-scans/hook.js @@ -54,7 +54,8 @@ async function handle({ if ( cascadeNmapSmb && finding.attributes.port === 445 && - finding.attributes.service === "microsoft-ds" + (finding.attributes.service === "microsoft-ds" || + finding.attributes.service === "netbios-ssn") ) { await startSMBScan({ parentScan: scan, diff --git a/hooks/imperative-subsequent-scans/scan-helpers.js b/hooks/imperative-subsequent-scans/scan-helpers.js index 27ddc5c0..4326aca6 100644 --- a/hooks/imperative-subsequent-scans/scan-helpers.js +++ b/hooks/imperative-subsequent-scans/scan-helpers.js @@ -21,7 +21,7 @@ async function startSubsequentSecureCodeBoxScan({ ...parentScan.metadata.labels, }, annotations: { - "securecodebox.io/hook": "nmap-subsequent-scans", + "securecodebox.io/hook": "imperative-subsequent-scans", "securecodebox.io/parent-scan": parentScan.metadata.name, }, ownerReferences: [ diff --git a/hooks/imperative-subsequent-scans/values.yaml b/hooks/imperative-subsequent-scans/values.yaml index 8a31525e..2602e491 100644 --- a/hooks/imperative-subsequent-scans/values.yaml +++ b/hooks/imperative-subsequent-scans/values.yaml @@ -6,15 +6,15 @@ cascade: # Cascade nmap scans for each subdomain found by amass amassNmap: true # Cascade nmap SMB scans for each SMB Port found by nmap - nmapSmb: false + nmapSmb: true # Cascade SSH scans for each SSH Port found by nmap - nmapSsh: false + nmapSsh: true # Cascade SSL scans for each HTTP Port found by nmap - nmapSsl: false + nmapSsl: true # Cascade Nikto scans for each HTTP Port found by nmap - nmapNikto: false + nmapNikto: true # Cascade ZAP scans for each HTTP Port found by nmap - nmapZapBaseline: false + nmapZapBaseline: true image: registry: docker.io diff --git a/hooks/persistence-elastic/templates/persistence-provider.yaml b/hooks/persistence-elastic/templates/persistence-provider.yaml index 4cb9934f..330198d3 100644 --- a/hooks/persistence-elastic/templates/persistence-provider.yaml +++ b/hooks/persistence-elastic/templates/persistence-provider.yaml @@ -1,7 +1,7 @@ apiVersion: "execution.experimental.securecodebox.io/v1" kind: ScanCompletionHook metadata: - name: {{ include "persistence-elastic.fullname" . }} + name: {{ .Release.Name }} labels: type: Structured spec: diff --git a/hooks/persistence-elastic/values.yaml b/hooks/persistence-elastic/values.yaml index 20ecb6d8..0eb33a06 100644 --- a/hooks/persistence-elastic/values.yaml +++ b/hooks/persistence-elastic/values.yaml @@ -5,8 +5,8 @@ image: registry: docker.io repository: scbexperimental/persistence-elastic - tag: null - digest: sha256:25e860d051de0fb7ecb74508d749909d9ec8b5d49cb10466509777bc98e3ec7a + tag: hooks + digest: null indexPrefix: "scbv2" diff --git a/operator/Chart.yaml b/operator/Chart.yaml index a0f7d8b9..7436aef8 100644 --- a/operator/Chart.yaml +++ b/operator/Chart.yaml @@ -6,7 +6,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. -version: 0.1.0 +version: 0.2.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. diff --git a/operator/config/samples/execution_v1_scan/amass_securecodebox_io.yaml b/operator/config/samples/execution_v1_scan/amass_securecodebox_io.yaml deleted file mode 100644 index a607f69e..00000000 --- a/operator/config/samples/execution_v1_scan/amass_securecodebox_io.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: "execution.experimental.securecodebox.io/v1" -kind: Scan -metadata: - name: "amass-securecodebox.io" - labels: - organization: "secureCodeBox" -spec: - scanType: "amass" - parameters: - - "-noalts" - - "-norecursive" - - "-d" - - "securecodebox.io" diff --git a/operator/config/samples/execution_v1_scan/kube-hunter_in_cluster.yaml b/operator/config/samples/execution_v1_scan/kube-hunter_in_cluster.yaml deleted file mode 100644 index e1b8aa8d..00000000 --- a/operator/config/samples/execution_v1_scan/kube-hunter_in_cluster.yaml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: "execution.experimental.securecodebox.io/v1" -kind: Scan -metadata: - name: "kube-hunter-in-cluster" -spec: - scanType: "kube-hunter" - parameters: - - "--pod" diff --git a/operator/config/samples/execution_v1_scan/nikto_securecodebox_io.yaml b/operator/config/samples/execution_v1_scan/nikto_securecodebox_io.yaml deleted file mode 100644 index 43496fa4..00000000 --- a/operator/config/samples/execution_v1_scan/nikto_securecodebox_io.yaml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: 'execution.experimental.securecodebox.io/v1' -kind: Scan -metadata: - name: 'nikto-www.securecodebox.io' - labels: - organization: 'secureCodeBox' -spec: - scanType: 'nikto' - parameters: - - '-h' - - 'https://www.securecodebox.io' - - '-Tuning' - # Only enable fast (ish) Scan Options, remove attack option like SQLi and RCE. We will leave those to ZAP - - '1,2,3,5,7,b' diff --git a/operator/config/samples/execution_v1_scan/nmap_localhost.yaml b/operator/config/samples/execution_v1_scan/nmap_localhost.yaml deleted file mode 100644 index 7acfcf5b..00000000 --- a/operator/config/samples/execution_v1_scan/nmap_localhost.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: execution.experimental.securecodebox.io/v1 -kind: Scan -metadata: - name: nmap-localhost -spec: - parameters: - - -Pn - - localhost - scanType: nmap diff --git a/operator/config/samples/execution_v1_scan/nmap_scanme_nmap_org.yaml b/operator/config/samples/execution_v1_scan/nmap_scanme_nmap_org.yaml deleted file mode 100644 index dad0121f..00000000 --- a/operator/config/samples/execution_v1_scan/nmap_scanme_nmap_org.yaml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: "execution.experimental.securecodebox.io/v1" -kind: Scan -metadata: - name: "nmap-scanme.nmap.org" -spec: - scanType: "nmap" - parameters: - - scanme.nmap.org diff --git a/operator/config/samples/execution_v1_scan/nmap_securecodebox_io.yaml b/operator/config/samples/execution_v1_scan/nmap_securecodebox_io.yaml deleted file mode 100644 index 15407835..00000000 --- a/operator/config/samples/execution_v1_scan/nmap_securecodebox_io.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: execution.experimental.securecodebox.io/v1 -kind: Scan -metadata: - name: nmap-securecodebox.io -spec: - parameters: - - -Pn - - secureCodeBox.io - scanType: nmap diff --git a/operator/config/samples/execution_v1_scan/ssh_iteratec_de.yaml b/operator/config/samples/execution_v1_scan/ssh_iteratec_de.yaml deleted file mode 100644 index 394bb369..00000000 --- a/operator/config/samples/execution_v1_scan/ssh_iteratec_de.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: "execution.experimental.securecodebox.io/v1" -kind: Scan -metadata: - name: "ssh-iteratec.de" - labels: - company: iteratec -spec: - scanType: "ssh-scan" - parameters: - - "-t" - - www.iteratec.de diff --git a/operator/config/samples/execution_v1_scan/sslyze_securecodebox_io.yaml b/operator/config/samples/execution_v1_scan/sslyze_securecodebox_io.yaml deleted file mode 100644 index bbd53c1c..00000000 --- a/operator/config/samples/execution_v1_scan/sslyze_securecodebox_io.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: "execution.experimental.securecodebox.io/v1" -kind: Scan -metadata: - name: "sslyze-securecodebox.io" - labels: - organization: "secureCodeBox" -spec: - scanType: "sslyze" - parameters: - - "--regular" - - "securecodebox.io" diff --git a/operator/config/samples/execution_v1_scan/test-scan.yaml b/operator/config/samples/execution_v1_scan/test-scan.yaml deleted file mode 100644 index 55d7b8f6..00000000 --- a/operator/config/samples/execution_v1_scan/test-scan.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: execution.experimental.securecodebox.io/v1 -kind: Scan -metadata: - name: test-scan -spec: - scanType: test-scan - parameters: [] diff --git a/operator/config/samples/execution_v1_scan/trivy_juiceshop.yaml b/operator/config/samples/execution_v1_scan/trivy_juiceshop.yaml deleted file mode 100644 index 3992a6fd..00000000 --- a/operator/config/samples/execution_v1_scan/trivy_juiceshop.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: "execution.experimental.securecodebox.io/v1" -kind: Scan -metadata: - name: "trivy-juiceshop" - labels: - organization: "OWASP" -spec: - scanType: "trivy" - parameters: - - "bkimminich/juice-shop:v10.2.0" diff --git a/operator/config/samples/execution_v1_scan/trivy_mediawiki.yaml b/operator/config/samples/execution_v1_scan/trivy_mediawiki.yaml deleted file mode 100644 index 9ea8fc1f..00000000 --- a/operator/config/samples/execution_v1_scan/trivy_mediawiki.yaml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: "execution.experimental.securecodebox.io/v1" -kind: Scan -metadata: - name: "trivy-mediawiki" -spec: - scanType: "trivy" - parameters: - - "mediawiki:stable" diff --git a/operator/config/samples/execution_v1_scan/zap_juiceshop.yaml b/operator/config/samples/execution_v1_scan/zap_juiceshop.yaml deleted file mode 100644 index 4a66fe91..00000000 --- a/operator/config/samples/execution_v1_scan/zap_juiceshop.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: "execution.experimental.securecodebox.io/v1" -kind: Scan -metadata: - name: "zap-juiceshop" - labels: - organization: "OWASP" -spec: - scanType: "zap-baseline" - parameters: - - "-t" - - "http://juice-shop.demo-targets.svc:3000" diff --git a/operator/templates/manager/manager.yaml b/operator/templates/manager/manager.yaml index 458bd20b..2ee84703 100644 --- a/operator/templates/manager/manager.yaml +++ b/operator/templates/manager/manager.yaml @@ -81,10 +81,5 @@ spec: - name: LURCHER_PULL_POLICY value: {{ .Values.lurcher.image.pullPolicy }} resources: - limits: - cpu: 100m - memory: 30Mi - requests: - cpu: 100m - memory: 20Mi + {{- toYaml .Values.resources | nindent 12 }} terminationGracePeriodSeconds: 10 diff --git a/operator/values.yaml b/operator/values.yaml index fd26a99c..2a6e396d 100644 --- a/operator/values.yaml +++ b/operator/values.yaml @@ -35,3 +35,14 @@ s3: # Example creation via kubectl: # kubectl create secret generic my-secret --from-literal=accessKey="******" --from-literal=secretKey="******" keySecret: my-secret + +# +# Config for the operator ressource limits +# +resources: + limits: + cpu: 100m + memory: 30Mi + requests: + cpu: 100m + memory: 20Mi \ No newline at end of file diff --git a/package.json b/package.json index 293f0ba0..a300945f 100644 --- a/package.json +++ b/package.json @@ -30,7 +30,7 @@ }, "jest": { "projects": [ - "/integrations/", + "/scanner/", "/hooks/", { "displayName": "lint", diff --git a/integrations/.gitignore b/scanner/.gitignore similarity index 100% rename from integrations/.gitignore rename to scanner/.gitignore diff --git a/integrations/amass/.helmignore b/scanner/amass/.helmignore similarity index 100% rename from integrations/amass/.helmignore rename to scanner/amass/.helmignore diff --git a/integrations/amass/Chart.yaml b/scanner/amass/Chart.yaml similarity index 100% rename from integrations/amass/Chart.yaml rename to scanner/amass/Chart.yaml diff --git a/integrations/amass/README.md b/scanner/amass/README.md similarity index 97% rename from integrations/amass/README.md rename to scanner/amass/README.md index 22a50803..5a0cdbf2 100644 --- a/integrations/amass/README.md +++ b/scanner/amass/README.md @@ -16,7 +16,7 @@ The OWASP Amass Project has developed a tool to help information security profes The AMASS scanType can be deployed via helm. ```bash -helm upgrade --install amass ./integrations/amass/ +helm upgrade --install amass ./scanner/amass/ ``` ## Examples diff --git a/integrations/amass/examples/example.com/scan.yaml b/scanner/amass/examples/example.com/scan.yaml similarity index 100% rename from integrations/amass/examples/example.com/scan.yaml rename to scanner/amass/examples/example.com/scan.yaml diff --git a/integrations/amass/examples/secureCodeBox.io/scan.yaml b/scanner/amass/examples/secureCodeBox.io/scan.yaml similarity index 100% rename from integrations/amass/examples/secureCodeBox.io/scan.yaml rename to scanner/amass/examples/secureCodeBox.io/scan.yaml diff --git a/integrations/amass/parser/Dockerfile b/scanner/amass/parser/Dockerfile similarity index 100% rename from integrations/amass/parser/Dockerfile rename to scanner/amass/parser/Dockerfile diff --git a/integrations/amass/parser/__snapshots__/parser.test.js.snap b/scanner/amass/parser/__snapshots__/parser.test.js.snap similarity index 100% rename from integrations/amass/parser/__snapshots__/parser.test.js.snap rename to scanner/amass/parser/__snapshots__/parser.test.js.snap diff --git a/integrations/amass/parser/__testFiles__/securecodebox.io.jsonl b/scanner/amass/parser/__testFiles__/securecodebox.io.jsonl similarity index 100% rename from integrations/amass/parser/__testFiles__/securecodebox.io.jsonl rename to scanner/amass/parser/__testFiles__/securecodebox.io.jsonl diff --git a/integrations/amass/parser/parser.js b/scanner/amass/parser/parser.js similarity index 100% rename from integrations/amass/parser/parser.js rename to scanner/amass/parser/parser.js diff --git a/integrations/amass/parser/parser.test.js b/scanner/amass/parser/parser.test.js similarity index 100% rename from integrations/amass/parser/parser.test.js rename to scanner/amass/parser/parser.test.js diff --git a/integrations/amass/templates/amass-parse-definition.yaml b/scanner/amass/templates/amass-parse-definition.yaml similarity index 100% rename from integrations/amass/templates/amass-parse-definition.yaml rename to scanner/amass/templates/amass-parse-definition.yaml diff --git a/integrations/amass/templates/amass-scan-type.yaml b/scanner/amass/templates/amass-scan-type.yaml similarity index 100% rename from integrations/amass/templates/amass-scan-type.yaml rename to scanner/amass/templates/amass-scan-type.yaml diff --git a/integrations/amass/values.yaml b/scanner/amass/values.yaml similarity index 100% rename from integrations/amass/values.yaml rename to scanner/amass/values.yaml diff --git a/integrations/http-webhook/.helmignore b/scanner/http-webhook/.helmignore similarity index 100% rename from integrations/http-webhook/.helmignore rename to scanner/http-webhook/.helmignore diff --git a/integrations/http-webhook/Chart.yaml b/scanner/http-webhook/Chart.yaml similarity index 100% rename from integrations/http-webhook/Chart.yaml rename to scanner/http-webhook/Chart.yaml diff --git a/integrations/http-webhook/templates/NOTES.txt b/scanner/http-webhook/templates/NOTES.txt similarity index 100% rename from integrations/http-webhook/templates/NOTES.txt rename to scanner/http-webhook/templates/NOTES.txt diff --git a/integrations/http-webhook/templates/_helpers.tpl b/scanner/http-webhook/templates/_helpers.tpl similarity index 100% rename from integrations/http-webhook/templates/_helpers.tpl rename to scanner/http-webhook/templates/_helpers.tpl diff --git a/integrations/http-webhook/templates/deployment.yaml b/scanner/http-webhook/templates/deployment.yaml similarity index 100% rename from integrations/http-webhook/templates/deployment.yaml rename to scanner/http-webhook/templates/deployment.yaml diff --git a/integrations/http-webhook/templates/hpa.yaml b/scanner/http-webhook/templates/hpa.yaml similarity index 100% rename from integrations/http-webhook/templates/hpa.yaml rename to scanner/http-webhook/templates/hpa.yaml diff --git a/integrations/http-webhook/templates/ingress.yaml b/scanner/http-webhook/templates/ingress.yaml similarity index 100% rename from integrations/http-webhook/templates/ingress.yaml rename to scanner/http-webhook/templates/ingress.yaml diff --git a/integrations/http-webhook/templates/service.yaml b/scanner/http-webhook/templates/service.yaml similarity index 100% rename from integrations/http-webhook/templates/service.yaml rename to scanner/http-webhook/templates/service.yaml diff --git a/integrations/http-webhook/templates/serviceaccount.yaml b/scanner/http-webhook/templates/serviceaccount.yaml similarity index 100% rename from integrations/http-webhook/templates/serviceaccount.yaml rename to scanner/http-webhook/templates/serviceaccount.yaml diff --git a/integrations/http-webhook/templates/tests/test-connection.yaml b/scanner/http-webhook/templates/tests/test-connection.yaml similarity index 100% rename from integrations/http-webhook/templates/tests/test-connection.yaml rename to scanner/http-webhook/templates/tests/test-connection.yaml diff --git a/integrations/http-webhook/values.yaml b/scanner/http-webhook/values.yaml similarity index 100% rename from integrations/http-webhook/values.yaml rename to scanner/http-webhook/values.yaml diff --git a/integrations/kube-hunter/.helmignore b/scanner/kube-hunter/.helmignore similarity index 100% rename from integrations/kube-hunter/.helmignore rename to scanner/kube-hunter/.helmignore diff --git a/integrations/kube-hunter/Chart.yaml b/scanner/kube-hunter/Chart.yaml similarity index 100% rename from integrations/kube-hunter/Chart.yaml rename to scanner/kube-hunter/Chart.yaml diff --git a/integrations/kube-hunter/README.md b/scanner/kube-hunter/README.md similarity index 96% rename from integrations/kube-hunter/README.md rename to scanner/kube-hunter/README.md index a60ceb19..69ce4b44 100644 --- a/integrations/kube-hunter/README.md +++ b/scanner/kube-hunter/README.md @@ -16,7 +16,7 @@ To learn more about the kube-hunter scanner itself visit [kube-hunter GitHub] or The kube-hunter ScanType can be deployed via helm. ```bash -helm upgrade --install kube-hunter ./integrations/kube-hunter/ +helm upgrade --install kube-hunter ./scanner/kube-hunter/ ``` ## Examples diff --git a/integrations/kube-hunter/examples/in-cluster/findings.json b/scanner/kube-hunter/examples/in-cluster/findings.json similarity index 100% rename from integrations/kube-hunter/examples/in-cluster/findings.json rename to scanner/kube-hunter/examples/in-cluster/findings.json diff --git a/integrations/kube-hunter/examples/in-cluster/scan.yaml b/scanner/kube-hunter/examples/in-cluster/scan.yaml similarity index 100% rename from integrations/kube-hunter/examples/in-cluster/scan.yaml rename to scanner/kube-hunter/examples/in-cluster/scan.yaml diff --git a/integrations/kube-hunter/parser/Dockerfile b/scanner/kube-hunter/parser/Dockerfile similarity index 100% rename from integrations/kube-hunter/parser/Dockerfile rename to scanner/kube-hunter/parser/Dockerfile diff --git a/integrations/kube-hunter/parser/__snapshots__/parser.test.js.snap b/scanner/kube-hunter/parser/__snapshots__/parser.test.js.snap similarity index 100% rename from integrations/kube-hunter/parser/__snapshots__/parser.test.js.snap rename to scanner/kube-hunter/parser/__snapshots__/parser.test.js.snap diff --git a/integrations/kube-hunter/parser/__testFiles__/kind-1.18-in-cluster-scan.json b/scanner/kube-hunter/parser/__testFiles__/kind-1.18-in-cluster-scan.json similarity index 100% rename from integrations/kube-hunter/parser/__testFiles__/kind-1.18-in-cluster-scan.json rename to scanner/kube-hunter/parser/__testFiles__/kind-1.18-in-cluster-scan.json diff --git a/integrations/kube-hunter/parser/parser.js b/scanner/kube-hunter/parser/parser.js similarity index 100% rename from integrations/kube-hunter/parser/parser.js rename to scanner/kube-hunter/parser/parser.js diff --git a/integrations/kube-hunter/parser/parser.test.js b/scanner/kube-hunter/parser/parser.test.js similarity index 100% rename from integrations/kube-hunter/parser/parser.test.js rename to scanner/kube-hunter/parser/parser.test.js diff --git a/integrations/kube-hunter/scanner/Dockerfile b/scanner/kube-hunter/scanner/Dockerfile similarity index 100% rename from integrations/kube-hunter/scanner/Dockerfile rename to scanner/kube-hunter/scanner/Dockerfile diff --git a/integrations/kube-hunter/scanner/wrapper.sh b/scanner/kube-hunter/scanner/wrapper.sh similarity index 100% rename from integrations/kube-hunter/scanner/wrapper.sh rename to scanner/kube-hunter/scanner/wrapper.sh diff --git a/integrations/kube-hunter/templates/kube-hunter-parse-definition.yaml b/scanner/kube-hunter/templates/kube-hunter-parse-definition.yaml similarity index 100% rename from integrations/kube-hunter/templates/kube-hunter-parse-definition.yaml rename to scanner/kube-hunter/templates/kube-hunter-parse-definition.yaml diff --git a/integrations/kube-hunter/templates/kubehunter-scan-type.yaml b/scanner/kube-hunter/templates/kubehunter-scan-type.yaml similarity index 100% rename from integrations/kube-hunter/templates/kubehunter-scan-type.yaml rename to scanner/kube-hunter/templates/kubehunter-scan-type.yaml diff --git a/integrations/kube-hunter/values.yaml b/scanner/kube-hunter/values.yaml similarity index 100% rename from integrations/kube-hunter/values.yaml rename to scanner/kube-hunter/values.yaml diff --git a/integrations/nikto/.helmignore b/scanner/nikto/.helmignore similarity index 100% rename from integrations/nikto/.helmignore rename to scanner/nikto/.helmignore diff --git a/integrations/nikto/Chart.yaml b/scanner/nikto/Chart.yaml similarity index 100% rename from integrations/nikto/Chart.yaml rename to scanner/nikto/Chart.yaml diff --git a/integrations/nikto/README.md b/scanner/nikto/README.md similarity index 100% rename from integrations/nikto/README.md rename to scanner/nikto/README.md diff --git a/integrations/nikto/examples/secureCodeBox.io/scan.yaml b/scanner/nikto/examples/secureCodeBox.io/scan.yaml similarity index 100% rename from integrations/nikto/examples/secureCodeBox.io/scan.yaml rename to scanner/nikto/examples/secureCodeBox.io/scan.yaml diff --git a/integrations/nikto/parser/Dockerfile b/scanner/nikto/parser/Dockerfile similarity index 100% rename from integrations/nikto/parser/Dockerfile rename to scanner/nikto/parser/Dockerfile diff --git a/integrations/nikto/parser/__snapshots__/parser.test.js.snap b/scanner/nikto/parser/__snapshots__/parser.test.js.snap similarity index 100% rename from integrations/nikto/parser/__snapshots__/parser.test.js.snap rename to scanner/nikto/parser/__snapshots__/parser.test.js.snap diff --git a/integrations/nikto/parser/__testFiles__/juice-shop.json b/scanner/nikto/parser/__testFiles__/juice-shop.json similarity index 100% rename from integrations/nikto/parser/__testFiles__/juice-shop.json rename to scanner/nikto/parser/__testFiles__/juice-shop.json diff --git a/integrations/nikto/parser/__testFiles__/www.securecodebox.io.json b/scanner/nikto/parser/__testFiles__/www.securecodebox.io.json similarity index 100% rename from integrations/nikto/parser/__testFiles__/www.securecodebox.io.json rename to scanner/nikto/parser/__testFiles__/www.securecodebox.io.json diff --git a/integrations/nikto/parser/parser.js b/scanner/nikto/parser/parser.js similarity index 100% rename from integrations/nikto/parser/parser.js rename to scanner/nikto/parser/parser.js diff --git a/integrations/nikto/parser/parser.test.js b/scanner/nikto/parser/parser.test.js similarity index 100% rename from integrations/nikto/parser/parser.test.js rename to scanner/nikto/parser/parser.test.js diff --git a/integrations/nikto/scanner/Dockerfile b/scanner/nikto/scanner/Dockerfile similarity index 100% rename from integrations/nikto/scanner/Dockerfile rename to scanner/nikto/scanner/Dockerfile diff --git a/integrations/nikto/scanner/wrapper.sh b/scanner/nikto/scanner/wrapper.sh similarity index 100% rename from integrations/nikto/scanner/wrapper.sh rename to scanner/nikto/scanner/wrapper.sh diff --git a/integrations/nikto/templates/nikto-parse-definition.yaml b/scanner/nikto/templates/nikto-parse-definition.yaml similarity index 100% rename from integrations/nikto/templates/nikto-parse-definition.yaml rename to scanner/nikto/templates/nikto-parse-definition.yaml diff --git a/integrations/nikto/templates/nikto-scan-type.yaml b/scanner/nikto/templates/nikto-scan-type.yaml similarity index 100% rename from integrations/nikto/templates/nikto-scan-type.yaml rename to scanner/nikto/templates/nikto-scan-type.yaml diff --git a/integrations/nikto/values.yaml b/scanner/nikto/values.yaml similarity index 100% rename from integrations/nikto/values.yaml rename to scanner/nikto/values.yaml diff --git a/integrations/nmap/.helmignore b/scanner/nmap/.helmignore similarity index 100% rename from integrations/nmap/.helmignore rename to scanner/nmap/.helmignore diff --git a/integrations/nmap/Chart.yaml b/scanner/nmap/Chart.yaml similarity index 100% rename from integrations/nmap/Chart.yaml rename to scanner/nmap/Chart.yaml diff --git a/integrations/nmap/readme.md b/scanner/nmap/README.md similarity index 98% rename from integrations/nmap/readme.md rename to scanner/nmap/README.md index 2e20ec88..18444c29 100644 --- a/integrations/nmap/readme.md +++ b/scanner/nmap/README.md @@ -18,7 +18,7 @@ To learn more about the Nmap scanner itself visit [nmap.org]. The Nmap ScanType can be deployed via helm. ```bash -helm install nmap ./integrations/nmap/ +helm install nmap ./scanner/nmap/ ``` ## Examples diff --git a/integrations/nmap/examples/local-network/findings.yaml b/scanner/nmap/examples/local-network/findings.yaml similarity index 100% rename from integrations/nmap/examples/local-network/findings.yaml rename to scanner/nmap/examples/local-network/findings.yaml diff --git a/integrations/nmap/examples/local-network/scan.yaml b/scanner/nmap/examples/local-network/scan.yaml similarity index 100% rename from integrations/nmap/examples/local-network/scan.yaml rename to scanner/nmap/examples/local-network/scan.yaml diff --git a/integrations/nmap/examples/localhost/findings.yaml b/scanner/nmap/examples/localhost/findings.yaml similarity index 100% rename from integrations/nmap/examples/localhost/findings.yaml rename to scanner/nmap/examples/localhost/findings.yaml diff --git a/integrations/nmap/examples/localhost/scan.yaml b/scanner/nmap/examples/localhost/scan.yaml similarity index 100% rename from integrations/nmap/examples/localhost/scan.yaml rename to scanner/nmap/examples/localhost/scan.yaml diff --git a/integrations/nmap/examples/scan.nmap.org/findings.yaml b/scanner/nmap/examples/scan.nmap.org/findings.yaml similarity index 100% rename from integrations/nmap/examples/scan.nmap.org/findings.yaml rename to scanner/nmap/examples/scan.nmap.org/findings.yaml diff --git a/integrations/nmap/examples/scan.nmap.org/scan.yaml b/scanner/nmap/examples/scan.nmap.org/scan.yaml similarity index 100% rename from integrations/nmap/examples/scan.nmap.org/scan.yaml rename to scanner/nmap/examples/scan.nmap.org/scan.yaml diff --git a/integrations/nmap/parser/.dockerignore b/scanner/nmap/parser/.dockerignore similarity index 100% rename from integrations/nmap/parser/.dockerignore rename to scanner/nmap/parser/.dockerignore diff --git a/integrations/nmap/parser/.gitignore b/scanner/nmap/parser/.gitignore similarity index 100% rename from integrations/nmap/parser/.gitignore rename to scanner/nmap/parser/.gitignore diff --git a/integrations/nmap/parser/Dockerfile b/scanner/nmap/parser/Dockerfile similarity index 100% rename from integrations/nmap/parser/Dockerfile rename to scanner/nmap/parser/Dockerfile diff --git a/integrations/nmap/parser/__testFiles__/localhost-smb-script.xml b/scanner/nmap/parser/__testFiles__/localhost-smb-script.xml similarity index 100% rename from integrations/nmap/parser/__testFiles__/localhost-smb-script.xml rename to scanner/nmap/parser/__testFiles__/localhost-smb-script.xml diff --git a/integrations/nmap/parser/__testFiles__/localhost.xml b/scanner/nmap/parser/__testFiles__/localhost.xml similarity index 100% rename from integrations/nmap/parser/__testFiles__/localhost.xml rename to scanner/nmap/parser/__testFiles__/localhost.xml diff --git a/integrations/nmap/parser/__testFiles__/no-host.xml b/scanner/nmap/parser/__testFiles__/no-host.xml similarity index 100% rename from integrations/nmap/parser/__testFiles__/no-host.xml rename to scanner/nmap/parser/__testFiles__/no-host.xml diff --git a/integrations/nmap/parser/__testFiles__/no-ports.xml b/scanner/nmap/parser/__testFiles__/no-ports.xml similarity index 100% rename from integrations/nmap/parser/__testFiles__/no-ports.xml rename to scanner/nmap/parser/__testFiles__/no-ports.xml diff --git a/integrations/nmap/parser/package-lock.json b/scanner/nmap/parser/package-lock.json similarity index 100% rename from integrations/nmap/parser/package-lock.json rename to scanner/nmap/parser/package-lock.json diff --git a/integrations/nmap/parser/package.json b/scanner/nmap/parser/package.json similarity index 100% rename from integrations/nmap/parser/package.json rename to scanner/nmap/parser/package.json diff --git a/integrations/nmap/parser/parser.js b/scanner/nmap/parser/parser.js similarity index 100% rename from integrations/nmap/parser/parser.js rename to scanner/nmap/parser/parser.js diff --git a/integrations/nmap/parser/parser.test.js b/scanner/nmap/parser/parser.test.js similarity index 100% rename from integrations/nmap/parser/parser.test.js rename to scanner/nmap/parser/parser.test.js diff --git a/integrations/nmap/scanner/Dockerfile b/scanner/nmap/scanner/Dockerfile similarity index 100% rename from integrations/nmap/scanner/Dockerfile rename to scanner/nmap/scanner/Dockerfile diff --git a/integrations/nmap/templates/nmap-parse-definition.yaml b/scanner/nmap/templates/nmap-parse-definition.yaml similarity index 100% rename from integrations/nmap/templates/nmap-parse-definition.yaml rename to scanner/nmap/templates/nmap-parse-definition.yaml diff --git a/integrations/nmap/templates/nmap-scan-type.yaml b/scanner/nmap/templates/nmap-scan-type.yaml similarity index 100% rename from integrations/nmap/templates/nmap-scan-type.yaml rename to scanner/nmap/templates/nmap-scan-type.yaml diff --git a/integrations/nmap/values.yaml b/scanner/nmap/values.yaml similarity index 84% rename from integrations/nmap/values.yaml rename to scanner/nmap/values.yaml index 516187d7..7d3052d5 100644 --- a/integrations/nmap/values.yaml +++ b/scanner/nmap/values.yaml @@ -1,4 +1,4 @@ parserImage: registry: docker.io repository: scbexperimental/parser-nmap - tag: latest + tag: hooks diff --git a/integrations/package-lock.json b/scanner/package-lock.json similarity index 99% rename from integrations/package-lock.json rename to scanner/package-lock.json index 8361dec0..9a06f1ed 100644 --- a/integrations/package-lock.json +++ b/scanner/package-lock.json @@ -1,5 +1,5 @@ { - "name": "securecodebox-scanner-integrations", + "name": "securecodebox-scanner", "version": "1.0.0", "lockfileVersion": 1, "requires": true, diff --git a/integrations/package.json b/scanner/package.json similarity index 84% rename from integrations/package.json rename to scanner/package.json index 10344210..74a488d9 100644 --- a/integrations/package.json +++ b/scanner/package.json @@ -1,5 +1,5 @@ { - "name": "securecodebox-scanner-integrations", + "name": "securecodebox-scanner", "version": "1.0.0", "description": "", "main": "index.js", diff --git a/integrations/ssh_scan/.helmignore b/scanner/ssh_scan/.helmignore similarity index 100% rename from integrations/ssh_scan/.helmignore rename to scanner/ssh_scan/.helmignore diff --git a/integrations/ssh_scan/Chart.yaml b/scanner/ssh_scan/Chart.yaml similarity index 100% rename from integrations/ssh_scan/Chart.yaml rename to scanner/ssh_scan/Chart.yaml diff --git a/integrations/ssh_scan/README.md b/scanner/ssh_scan/README.md similarity index 98% rename from integrations/ssh_scan/README.md rename to scanner/ssh_scan/README.md index 825e0193..a5dd22a0 100644 --- a/integrations/ssh_scan/README.md +++ b/scanner/ssh_scan/README.md @@ -17,7 +17,7 @@ To learn more about the ssh_scan scanner itself visit [ssh_scan GitHub]. The SSH_scan ScanType can be deployed via helm. ```bash -helm upgrade --install ssh ./integrations/ssh_scan/ +helm upgrade --install ssh ./scanner/ssh_scan/ ``` ## Examples diff --git a/integrations/ssh_scan/examples/example.com/scan.yaml b/scanner/ssh_scan/examples/example.com/scan.yaml similarity index 100% rename from integrations/ssh_scan/examples/example.com/scan.yaml rename to scanner/ssh_scan/examples/example.com/scan.yaml diff --git a/integrations/ssh_scan/examples/localhost/findings.yaml b/scanner/ssh_scan/examples/localhost/findings.yaml similarity index 100% rename from integrations/ssh_scan/examples/localhost/findings.yaml rename to scanner/ssh_scan/examples/localhost/findings.yaml diff --git a/integrations/ssh_scan/examples/localhost/scan.yaml b/scanner/ssh_scan/examples/localhost/scan.yaml similarity index 100% rename from integrations/ssh_scan/examples/localhost/scan.yaml rename to scanner/ssh_scan/examples/localhost/scan.yaml diff --git a/integrations/ssh_scan/parser/Dockerfile b/scanner/ssh_scan/parser/Dockerfile similarity index 100% rename from integrations/ssh_scan/parser/Dockerfile rename to scanner/ssh_scan/parser/Dockerfile diff --git a/integrations/ssh_scan/parser/__testFiles__/192.168.42.42.json b/scanner/ssh_scan/parser/__testFiles__/192.168.42.42.json similarity index 100% rename from integrations/ssh_scan/parser/__testFiles__/192.168.42.42.json rename to scanner/ssh_scan/parser/__testFiles__/192.168.42.42.json diff --git a/integrations/ssh_scan/parser/__testFiles__/local-network.json b/scanner/ssh_scan/parser/__testFiles__/local-network.json similarity index 100% rename from integrations/ssh_scan/parser/__testFiles__/local-network.json rename to scanner/ssh_scan/parser/__testFiles__/local-network.json diff --git a/integrations/ssh_scan/parser/__testFiles__/localhost.json b/scanner/ssh_scan/parser/__testFiles__/localhost.json similarity index 100% rename from integrations/ssh_scan/parser/__testFiles__/localhost.json rename to scanner/ssh_scan/parser/__testFiles__/localhost.json diff --git a/integrations/ssh_scan/parser/__testFiles__/securecodebox.io.json b/scanner/ssh_scan/parser/__testFiles__/securecodebox.io.json similarity index 100% rename from integrations/ssh_scan/parser/__testFiles__/securecodebox.io.json rename to scanner/ssh_scan/parser/__testFiles__/securecodebox.io.json diff --git a/integrations/ssh_scan/parser/parser.js b/scanner/ssh_scan/parser/parser.js similarity index 100% rename from integrations/ssh_scan/parser/parser.js rename to scanner/ssh_scan/parser/parser.js diff --git a/integrations/ssh_scan/parser/parser.test.js b/scanner/ssh_scan/parser/parser.test.js similarity index 100% rename from integrations/ssh_scan/parser/parser.test.js rename to scanner/ssh_scan/parser/parser.test.js diff --git a/integrations/ssh_scan/templates/ssh-scan-parse-definition.yaml b/scanner/ssh_scan/templates/ssh-scan-parse-definition.yaml similarity index 100% rename from integrations/ssh_scan/templates/ssh-scan-parse-definition.yaml rename to scanner/ssh_scan/templates/ssh-scan-parse-definition.yaml diff --git a/integrations/ssh_scan/templates/ssh-scan-scan-type.yaml b/scanner/ssh_scan/templates/ssh-scan-scan-type.yaml similarity index 100% rename from integrations/ssh_scan/templates/ssh-scan-scan-type.yaml rename to scanner/ssh_scan/templates/ssh-scan-scan-type.yaml diff --git a/integrations/ssh_scan/values.yaml b/scanner/ssh_scan/values.yaml similarity index 100% rename from integrations/ssh_scan/values.yaml rename to scanner/ssh_scan/values.yaml diff --git a/integrations/sslyze/.helmignore b/scanner/sslyze/.helmignore similarity index 100% rename from integrations/sslyze/.helmignore rename to scanner/sslyze/.helmignore diff --git a/integrations/sslyze/Chart.yaml b/scanner/sslyze/Chart.yaml similarity index 100% rename from integrations/sslyze/Chart.yaml rename to scanner/sslyze/Chart.yaml diff --git a/integrations/sslyze/README.md b/scanner/sslyze/README.md similarity index 99% rename from integrations/sslyze/README.md rename to scanner/sslyze/README.md index 63dd6d21..5f26c0b8 100644 --- a/integrations/sslyze/README.md +++ b/scanner/sslyze/README.md @@ -14,7 +14,7 @@ SSLyze is a Python library and a CLI tool that can analyze the SSL configuration The SSLyze scanType can be deployed via helm. ```bash -helm upgrade --install sslyze ./integrations/sslyze/ +helm upgrade --install sslyze ./scanner/sslyze/ ``` ## Examples diff --git a/integrations/sslyze/examples/example.com/scan.yaml b/scanner/sslyze/examples/example.com/scan.yaml similarity index 100% rename from integrations/sslyze/examples/example.com/scan.yaml rename to scanner/sslyze/examples/example.com/scan.yaml diff --git a/integrations/sslyze/examples/secureCodeBox.io/scan.yaml b/scanner/sslyze/examples/secureCodeBox.io/scan.yaml similarity index 100% rename from integrations/sslyze/examples/secureCodeBox.io/scan.yaml rename to scanner/sslyze/examples/secureCodeBox.io/scan.yaml diff --git a/integrations/sslyze/parser/.dockerignore b/scanner/sslyze/parser/.dockerignore similarity index 100% rename from integrations/sslyze/parser/.dockerignore rename to scanner/sslyze/parser/.dockerignore diff --git a/integrations/sslyze/parser/Dockerfile b/scanner/sslyze/parser/Dockerfile similarity index 100% rename from integrations/sslyze/parser/Dockerfile rename to scanner/sslyze/parser/Dockerfile diff --git a/integrations/sslyze/parser/__testFiles__/expired.badssl.com.json b/scanner/sslyze/parser/__testFiles__/expired.badssl.com.json similarity index 100% rename from integrations/sslyze/parser/__testFiles__/expired.badssl.com.json rename to scanner/sslyze/parser/__testFiles__/expired.badssl.com.json diff --git a/integrations/sslyze/parser/__testFiles__/google.com.json b/scanner/sslyze/parser/__testFiles__/google.com.json similarity index 100% rename from integrations/sslyze/parser/__testFiles__/google.com.json rename to scanner/sslyze/parser/__testFiles__/google.com.json diff --git a/integrations/sslyze/parser/__testFiles__/mixed-connectivity-result.json b/scanner/sslyze/parser/__testFiles__/mixed-connectivity-result.json similarity index 100% rename from integrations/sslyze/parser/__testFiles__/mixed-connectivity-result.json rename to scanner/sslyze/parser/__testFiles__/mixed-connectivity-result.json diff --git a/integrations/sslyze/parser/__testFiles__/revoked.badssl.com.json b/scanner/sslyze/parser/__testFiles__/revoked.badssl.com.json similarity index 100% rename from integrations/sslyze/parser/__testFiles__/revoked.badssl.com.json rename to scanner/sslyze/parser/__testFiles__/revoked.badssl.com.json diff --git a/integrations/sslyze/parser/__testFiles__/self-signed.badssl.com.json b/scanner/sslyze/parser/__testFiles__/self-signed.badssl.com.json similarity index 100% rename from integrations/sslyze/parser/__testFiles__/self-signed.badssl.com.json rename to scanner/sslyze/parser/__testFiles__/self-signed.badssl.com.json diff --git a/integrations/sslyze/parser/__testFiles__/tls-v1-0.badssl.com_1010.json b/scanner/sslyze/parser/__testFiles__/tls-v1-0.badssl.com_1010.json similarity index 100% rename from integrations/sslyze/parser/__testFiles__/tls-v1-0.badssl.com_1010.json rename to scanner/sslyze/parser/__testFiles__/tls-v1-0.badssl.com_1010.json diff --git a/integrations/sslyze/parser/__testFiles__/unavailible-host.json b/scanner/sslyze/parser/__testFiles__/unavailible-host.json similarity index 100% rename from integrations/sslyze/parser/__testFiles__/unavailible-host.json rename to scanner/sslyze/parser/__testFiles__/unavailible-host.json diff --git a/integrations/sslyze/parser/__testFiles__/untrusted-root.badssl.com.json b/scanner/sslyze/parser/__testFiles__/untrusted-root.badssl.com.json similarity index 100% rename from integrations/sslyze/parser/__testFiles__/untrusted-root.badssl.com.json rename to scanner/sslyze/parser/__testFiles__/untrusted-root.badssl.com.json diff --git a/integrations/sslyze/parser/__testFiles__/wrong.host.badssl.com.json b/scanner/sslyze/parser/__testFiles__/wrong.host.badssl.com.json similarity index 100% rename from integrations/sslyze/parser/__testFiles__/wrong.host.badssl.com.json rename to scanner/sslyze/parser/__testFiles__/wrong.host.badssl.com.json diff --git a/integrations/sslyze/parser/__testFiles__/www.securecodebox.io.json b/scanner/sslyze/parser/__testFiles__/www.securecodebox.io.json similarity index 100% rename from integrations/sslyze/parser/__testFiles__/www.securecodebox.io.json rename to scanner/sslyze/parser/__testFiles__/www.securecodebox.io.json diff --git a/integrations/sslyze/parser/package-lock.json b/scanner/sslyze/parser/package-lock.json similarity index 100% rename from integrations/sslyze/parser/package-lock.json rename to scanner/sslyze/parser/package-lock.json diff --git a/integrations/sslyze/parser/package.json b/scanner/sslyze/parser/package.json similarity index 100% rename from integrations/sslyze/parser/package.json rename to scanner/sslyze/parser/package.json diff --git a/integrations/sslyze/parser/parser.js b/scanner/sslyze/parser/parser.js similarity index 100% rename from integrations/sslyze/parser/parser.js rename to scanner/sslyze/parser/parser.js diff --git a/integrations/sslyze/parser/parser.test.js b/scanner/sslyze/parser/parser.test.js similarity index 100% rename from integrations/sslyze/parser/parser.test.js rename to scanner/sslyze/parser/parser.test.js diff --git a/integrations/sslyze/templates/sslyze-parse-definition.yaml b/scanner/sslyze/templates/sslyze-parse-definition.yaml similarity index 100% rename from integrations/sslyze/templates/sslyze-parse-definition.yaml rename to scanner/sslyze/templates/sslyze-parse-definition.yaml diff --git a/integrations/sslyze/templates/sslyze-scan-type.yaml b/scanner/sslyze/templates/sslyze-scan-type.yaml similarity index 100% rename from integrations/sslyze/templates/sslyze-scan-type.yaml rename to scanner/sslyze/templates/sslyze-scan-type.yaml diff --git a/integrations/sslyze/values.yaml b/scanner/sslyze/values.yaml similarity index 100% rename from integrations/sslyze/values.yaml rename to scanner/sslyze/values.yaml diff --git a/integrations/test-scan/.helmignore b/scanner/test-scan/.helmignore similarity index 100% rename from integrations/test-scan/.helmignore rename to scanner/test-scan/.helmignore diff --git a/integrations/test-scan/Chart.yaml b/scanner/test-scan/Chart.yaml similarity index 100% rename from integrations/test-scan/Chart.yaml rename to scanner/test-scan/Chart.yaml diff --git a/integrations/test-scan/parser/.dockerignore b/scanner/test-scan/parser/.dockerignore similarity index 100% rename from integrations/test-scan/parser/.dockerignore rename to scanner/test-scan/parser/.dockerignore diff --git a/integrations/test-scan/parser/.gitignore b/scanner/test-scan/parser/.gitignore similarity index 100% rename from integrations/test-scan/parser/.gitignore rename to scanner/test-scan/parser/.gitignore diff --git a/integrations/test-scan/parser/Dockerfile b/scanner/test-scan/parser/Dockerfile similarity index 100% rename from integrations/test-scan/parser/Dockerfile rename to scanner/test-scan/parser/Dockerfile diff --git a/integrations/test-scan/parser/package-lock.json b/scanner/test-scan/parser/package-lock.json similarity index 100% rename from integrations/test-scan/parser/package-lock.json rename to scanner/test-scan/parser/package-lock.json diff --git a/integrations/test-scan/parser/package.json b/scanner/test-scan/parser/package.json similarity index 100% rename from integrations/test-scan/parser/package.json rename to scanner/test-scan/parser/package.json diff --git a/integrations/test-scan/parser/parser.js b/scanner/test-scan/parser/parser.js similarity index 100% rename from integrations/test-scan/parser/parser.js rename to scanner/test-scan/parser/parser.js diff --git a/integrations/test-scan/scanner/Dockerfile b/scanner/test-scan/scanner/Dockerfile similarity index 100% rename from integrations/test-scan/scanner/Dockerfile rename to scanner/test-scan/scanner/Dockerfile diff --git a/integrations/test-scan/templates/test-scan-parse-definition.yaml b/scanner/test-scan/templates/test-scan-parse-definition.yaml similarity index 100% rename from integrations/test-scan/templates/test-scan-parse-definition.yaml rename to scanner/test-scan/templates/test-scan-parse-definition.yaml diff --git a/integrations/test-scan/templates/test-scan-scan-type.yaml b/scanner/test-scan/templates/test-scan-scan-type.yaml similarity index 100% rename from integrations/test-scan/templates/test-scan-scan-type.yaml rename to scanner/test-scan/templates/test-scan-scan-type.yaml diff --git a/integrations/test-scan/values.yaml b/scanner/test-scan/values.yaml similarity index 100% rename from integrations/test-scan/values.yaml rename to scanner/test-scan/values.yaml diff --git a/integrations/trivy/.helmignore b/scanner/trivy/.helmignore similarity index 100% rename from integrations/trivy/.helmignore rename to scanner/trivy/.helmignore diff --git a/integrations/trivy/Chart.yaml b/scanner/trivy/Chart.yaml similarity index 100% rename from integrations/trivy/Chart.yaml rename to scanner/trivy/Chart.yaml diff --git a/integrations/trivy/README.md b/scanner/trivy/README.md similarity index 97% rename from integrations/trivy/README.md rename to scanner/trivy/README.md index 92f35204..f49a162d 100644 --- a/integrations/trivy/README.md +++ b/scanner/trivy/README.md @@ -19,7 +19,7 @@ To learn more about the Trivy scanner itself visit or [Trivy GitHub]. The Trivy scanType can be deployed via helm. ```bash -helm upgrade --install trivy ./integrations/trivy/ +helm upgrade --install trivy ./scanner/trivy/ ``` ## Examples diff --git a/integrations/trivy/examples/juice-shop/findings.yaml b/scanner/trivy/examples/juice-shop/findings.yaml similarity index 100% rename from integrations/trivy/examples/juice-shop/findings.yaml rename to scanner/trivy/examples/juice-shop/findings.yaml diff --git a/integrations/trivy/examples/juice-shop/scan.yaml b/scanner/trivy/examples/juice-shop/scan.yaml similarity index 100% rename from integrations/trivy/examples/juice-shop/scan.yaml rename to scanner/trivy/examples/juice-shop/scan.yaml diff --git a/integrations/trivy/examples/mediawiki/findings.yaml b/scanner/trivy/examples/mediawiki/findings.yaml similarity index 100% rename from integrations/trivy/examples/mediawiki/findings.yaml rename to scanner/trivy/examples/mediawiki/findings.yaml diff --git a/integrations/trivy/examples/mediawiki/scan.yaml b/scanner/trivy/examples/mediawiki/scan.yaml similarity index 100% rename from integrations/trivy/examples/mediawiki/scan.yaml rename to scanner/trivy/examples/mediawiki/scan.yaml diff --git a/integrations/trivy/parser/Dockerfile b/scanner/trivy/parser/Dockerfile similarity index 100% rename from integrations/trivy/parser/Dockerfile rename to scanner/trivy/parser/Dockerfile diff --git a/integrations/trivy/parser/__snapshots__/parser.test.js.snap b/scanner/trivy/parser/__snapshots__/parser.test.js.snap similarity index 100% rename from integrations/trivy/parser/__snapshots__/parser.test.js.snap rename to scanner/trivy/parser/__snapshots__/parser.test.js.snap diff --git a/integrations/trivy/parser/__testFiles__/juice-shop-v10.2.0.json b/scanner/trivy/parser/__testFiles__/juice-shop-v10.2.0.json similarity index 100% rename from integrations/trivy/parser/__testFiles__/juice-shop-v10.2.0.json rename to scanner/trivy/parser/__testFiles__/juice-shop-v10.2.0.json diff --git a/integrations/trivy/parser/__testFiles__/mediawiki-1.27.3.json b/scanner/trivy/parser/__testFiles__/mediawiki-1.27.3.json similarity index 100% rename from integrations/trivy/parser/__testFiles__/mediawiki-1.27.3.json rename to scanner/trivy/parser/__testFiles__/mediawiki-1.27.3.json diff --git a/integrations/trivy/parser/__testFiles__/mediawiki-stable.json b/scanner/trivy/parser/__testFiles__/mediawiki-stable.json similarity index 100% rename from integrations/trivy/parser/__testFiles__/mediawiki-stable.json rename to scanner/trivy/parser/__testFiles__/mediawiki-stable.json diff --git a/integrations/trivy/parser/__testFiles__/securecodebox-amass-unstable-pinned.json b/scanner/trivy/parser/__testFiles__/securecodebox-amass-unstable-pinned.json similarity index 100% rename from integrations/trivy/parser/__testFiles__/securecodebox-amass-unstable-pinned.json rename to scanner/trivy/parser/__testFiles__/securecodebox-amass-unstable-pinned.json diff --git a/integrations/trivy/parser/__testFiles__/securecodebox-engine.json b/scanner/trivy/parser/__testFiles__/securecodebox-engine.json similarity index 100% rename from integrations/trivy/parser/__testFiles__/securecodebox-engine.json rename to scanner/trivy/parser/__testFiles__/securecodebox-engine.json diff --git a/integrations/trivy/parser/__testFiles__/securecodebox-ssh-unstable.json b/scanner/trivy/parser/__testFiles__/securecodebox-ssh-unstable.json similarity index 100% rename from integrations/trivy/parser/__testFiles__/securecodebox-ssh-unstable.json rename to scanner/trivy/parser/__testFiles__/securecodebox-ssh-unstable.json diff --git a/integrations/trivy/parser/parser.js b/scanner/trivy/parser/parser.js similarity index 100% rename from integrations/trivy/parser/parser.js rename to scanner/trivy/parser/parser.js diff --git a/integrations/trivy/parser/parser.test.js b/scanner/trivy/parser/parser.test.js similarity index 100% rename from integrations/trivy/parser/parser.test.js rename to scanner/trivy/parser/parser.test.js diff --git a/integrations/trivy/templates/trivy-parse-definition.yaml b/scanner/trivy/templates/trivy-parse-definition.yaml similarity index 100% rename from integrations/trivy/templates/trivy-parse-definition.yaml rename to scanner/trivy/templates/trivy-parse-definition.yaml diff --git a/integrations/trivy/templates/trivy-scan-type.yaml b/scanner/trivy/templates/trivy-scan-type.yaml similarity index 100% rename from integrations/trivy/templates/trivy-scan-type.yaml rename to scanner/trivy/templates/trivy-scan-type.yaml diff --git a/integrations/trivy/values.yaml b/scanner/trivy/values.yaml similarity index 100% rename from integrations/trivy/values.yaml rename to scanner/trivy/values.yaml diff --git a/integrations/wpscan/.helmignore b/scanner/wpscan/.helmignore similarity index 100% rename from integrations/wpscan/.helmignore rename to scanner/wpscan/.helmignore diff --git a/integrations/wpscan/Chart.yaml b/scanner/wpscan/Chart.yaml similarity index 100% rename from integrations/wpscan/Chart.yaml rename to scanner/wpscan/Chart.yaml diff --git a/integrations/wpscan/README.md b/scanner/wpscan/README.md similarity index 98% rename from integrations/wpscan/README.md rename to scanner/wpscan/README.md index 61b250a6..95771a2c 100644 --- a/integrations/wpscan/README.md +++ b/scanner/wpscan/README.md @@ -20,7 +20,7 @@ To learn more about the WPScan scanner itself visit [wpscan.org] or [wpscan.io]. The WPScan scanType can be deployed via helm. ```bash -helm upgrade --install wpscan ./integrations/wpscan/ +helm upgrade --install wpscan ./scanner/wpscan/ ``` ## Examples diff --git a/integrations/wpscan/examples/example.com/findings.yaml b/scanner/wpscan/examples/example.com/findings.yaml similarity index 100% rename from integrations/wpscan/examples/example.com/findings.yaml rename to scanner/wpscan/examples/example.com/findings.yaml diff --git a/integrations/wpscan/examples/example.com/scan.yaml b/scanner/wpscan/examples/example.com/scan.yaml similarity index 100% rename from integrations/wpscan/examples/example.com/scan.yaml rename to scanner/wpscan/examples/example.com/scan.yaml diff --git a/integrations/wpscan/parser/Dockerfile b/scanner/wpscan/parser/Dockerfile similarity index 100% rename from integrations/wpscan/parser/Dockerfile rename to scanner/wpscan/parser/Dockerfile diff --git a/integrations/wpscan/parser/__testFiles__/empty-localhost.json b/scanner/wpscan/parser/__testFiles__/empty-localhost.json similarity index 100% rename from integrations/wpscan/parser/__testFiles__/empty-localhost.json rename to scanner/wpscan/parser/__testFiles__/empty-localhost.json diff --git a/integrations/wpscan/parser/__testFiles__/example-latest.json b/scanner/wpscan/parser/__testFiles__/example-latest.json similarity index 100% rename from integrations/wpscan/parser/__testFiles__/example-latest.json rename to scanner/wpscan/parser/__testFiles__/example-latest.json diff --git a/integrations/wpscan/parser/__testFiles__/example-old.json b/scanner/wpscan/parser/__testFiles__/example-old.json similarity index 100% rename from integrations/wpscan/parser/__testFiles__/example-old.json rename to scanner/wpscan/parser/__testFiles__/example-old.json diff --git a/integrations/wpscan/parser/parser.js b/scanner/wpscan/parser/parser.js similarity index 100% rename from integrations/wpscan/parser/parser.js rename to scanner/wpscan/parser/parser.js diff --git a/integrations/wpscan/parser/parser.test.js b/scanner/wpscan/parser/parser.test.js similarity index 100% rename from integrations/wpscan/parser/parser.test.js rename to scanner/wpscan/parser/parser.test.js diff --git a/integrations/wpscan/templates/wpscan-parse-definition.yaml b/scanner/wpscan/templates/wpscan-parse-definition.yaml similarity index 100% rename from integrations/wpscan/templates/wpscan-parse-definition.yaml rename to scanner/wpscan/templates/wpscan-parse-definition.yaml diff --git a/integrations/wpscan/templates/wpscan-scan-type.yaml b/scanner/wpscan/templates/wpscan-scan-type.yaml similarity index 100% rename from integrations/wpscan/templates/wpscan-scan-type.yaml rename to scanner/wpscan/templates/wpscan-scan-type.yaml diff --git a/integrations/wpscan/values.yaml b/scanner/wpscan/values.yaml similarity index 100% rename from integrations/wpscan/values.yaml rename to scanner/wpscan/values.yaml diff --git a/integrations/zap/.helmignore b/scanner/zap/.helmignore similarity index 100% rename from integrations/zap/.helmignore rename to scanner/zap/.helmignore diff --git a/integrations/zap/Chart.yaml b/scanner/zap/Chart.yaml similarity index 100% rename from integrations/zap/Chart.yaml rename to scanner/zap/Chart.yaml diff --git a/integrations/zap/README.md b/scanner/zap/README.md similarity index 98% rename from integrations/zap/README.md rename to scanner/zap/README.md index 58cb5168..398c68dc 100644 --- a/integrations/zap/README.md +++ b/scanner/zap/README.md @@ -18,7 +18,7 @@ To learn more about the ZAP scanner itself visit [OWASP_Zap_Project] or [zaproxy The ZAP scanType can be deployed via helm. ```bash -helm upgrade --install zap ./integrations/zap/ +helm upgrade --install zap ./scanner/zap/ ``` ## Examples diff --git a/integrations/zap/examples/.gitkeep b/scanner/zap/examples/.gitkeep similarity index 100% rename from integrations/zap/examples/.gitkeep rename to scanner/zap/examples/.gitkeep diff --git a/integrations/zap/parser/Dockerfile b/scanner/zap/parser/Dockerfile similarity index 100% rename from integrations/zap/parser/Dockerfile rename to scanner/zap/parser/Dockerfile diff --git a/integrations/zap/parser/__snapshots__/parser.test.js.snap b/scanner/zap/parser/__snapshots__/parser.test.js.snap similarity index 100% rename from integrations/zap/parser/__snapshots__/parser.test.js.snap rename to scanner/zap/parser/__snapshots__/parser.test.js.snap diff --git a/integrations/zap/parser/__testFiles__/juice-shop.json b/scanner/zap/parser/__testFiles__/juice-shop.json similarity index 100% rename from integrations/zap/parser/__testFiles__/juice-shop.json rename to scanner/zap/parser/__testFiles__/juice-shop.json diff --git a/integrations/zap/parser/parser.js b/scanner/zap/parser/parser.js similarity index 100% rename from integrations/zap/parser/parser.js rename to scanner/zap/parser/parser.js diff --git a/integrations/zap/parser/parser.test.js b/scanner/zap/parser/parser.test.js similarity index 100% rename from integrations/zap/parser/parser.test.js rename to scanner/zap/parser/parser.test.js diff --git a/integrations/zap/templates/zap-parse-definition.yaml b/scanner/zap/templates/zap-parse-definition.yaml similarity index 100% rename from integrations/zap/templates/zap-parse-definition.yaml rename to scanner/zap/templates/zap-parse-definition.yaml diff --git a/integrations/zap/templates/zap-scan-type.yaml b/scanner/zap/templates/zap-scan-type.yaml similarity index 100% rename from integrations/zap/templates/zap-scan-type.yaml rename to scanner/zap/templates/zap-scan-type.yaml diff --git a/integrations/zap/values.yaml b/scanner/zap/values.yaml similarity index 100% rename from integrations/zap/values.yaml rename to scanner/zap/values.yaml From 7ef0a2f1d5c9b061cfccc3c7d5ea24ff2d3015a9 Mon Sep 17 00:00:00 2001 From: Robert Seedorff Date: Wed, 17 Jun 2020 12:59:46 +0200 Subject: [PATCH 108/109] Path correction --- scanner/nikto/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scanner/nikto/README.md b/scanner/nikto/README.md index 8c6d7834..97f3152f 100644 --- a/scanner/nikto/README.md +++ b/scanner/nikto/README.md @@ -16,7 +16,7 @@ Nikto is a free software command-line vulnerability scanner that scans webserver The Nikto ScanType can be deployed via helm. ```bash -helm upgrade --install nikto ./integrations/nikto/ +helm upgrade --install nikto ./scanner/nikto/ ``` ## Examples From cd4af692c4b44d543b3facf6fb887d6e73e7afce Mon Sep 17 00:00:00 2001 From: Robert Seedorff Date: Thu, 18 Jun 2020 13:06:42 +0200 Subject: [PATCH 109/109] Added a ADR folder to document design descions. Documents the hook concept descion (WIP) #5 --- docs/adr/adr_0000.adoc | 31 ++++++ docs/adr/adr_0001.adoc | 213 +++++++++++++++++++++++++++++++++++++++++ docs/adr/adr_README.md | 22 +++++ 3 files changed, 266 insertions(+) create mode 100644 docs/adr/adr_0000.adoc create mode 100644 docs/adr/adr_0001.adoc create mode 100644 docs/adr/adr_README.md diff --git a/docs/adr/adr_0000.adoc b/docs/adr/adr_0000.adoc new file mode 100644 index 00000000..75211c2e --- /dev/null +++ b/docs/adr/adr_0000.adoc @@ -0,0 +1,31 @@ +[[ADR-0000]] += ADR-0000: Short present tense imperative phrase, less than 50 characters, like a email subject + +[cols="h,d",grid=rows,frame=none,stripes=none,caption="Status",%autowidth] +|==== +// Use one of the ADR status parameter based on status +// Please add a cross reference link to the new ADR on 'superseded' ADR. +// e.g.: {adr_suposed_by} <> +| Status +| PROPOSED | ACCEPTED | REJECTED | DEPRECATED | SUPOSED_BY <> + +| Date +| YYYY-MM-DD + +| Author(s) +| John Doe + +jane Doe +// ... +|==== + +== Context + + + +== Decision + + + +== Consequences + + diff --git a/docs/adr/adr_0001.adoc b/docs/adr/adr_0001.adoc new file mode 100644 index 00000000..97542eff --- /dev/null +++ b/docs/adr/adr_0001.adoc @@ -0,0 +1,213 @@ +[[ADR-0000]] += ADR-0000: How can we introduce a more general extension concept for data proccessing modules? + +[cols="h,d",grid=rows,frame=none,stripes=none,caption="Status",%autowidth] +|==== +// Use one of the ADR status parameter based on status +// Please add a cross reference link to the new ADR on 'superseded' ADR. +// e.g.: {adr_suposed_by} <> + +| Status +| ACCEPTED + +| Date +| 2020-05-20 + +| Author(s) +| Jannik Hollenbach , + Jorge Estigarribia , + Robert Seedorff +|==== + +== Context + +=== Status Quo + +One major challange implementing the _secureCodeBox_ is to provide an flexible and modular architecture which enables the open source community to easily understand the concepts and especially to extend the _secureCodeBox_ with individual features. Therefore we decided to seperate the process stages of an single security scan (instance of scanType CRD) in 3 major phases: +``` + β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” + β”‚ Scanning β”œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β–Άβ”‚ Parsing β”œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β–Άβ”‚ Persisting β”‚ + β”‚ (Phase 1) β”‚ β”‚ (Phase 2) β”‚ β”‚ (Phase 3) β”‚ + β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ +``` +By now the "Persisting Phase 3" was implemented by so called _persistenceProviders_ e.g the *persistence-elastic* provider which is responsible for persisting all findings in a given elasticsearch database. The _secureCodeBox_ Operator is aware of this 3 phases and is responsible for the state model and execution of each security scan (instance of scanType CRD). + +=== Problem and Question + +We identified different additional UseCases with a are more _data proccessing oriented_ pattern than the implemented _persisting phase3_ indicates. For example we implemented a so called "MetaDataProvider" feature which is responsible for enhancing each security finding with additional metadata. But the MetaDataProvider must be executed after the _parsing phase 2_ and before the _persisting phase 3_ because it depends on the parsed finding results (which will be enhanced) and the update findings should be persisted also. + + +To find a proper solution we splitted the topic into the follwong two questions: + +* Question 1: Should we unify the concepts MetaDataProvider and PersistenceProvider? +* Question 2: How should the execution model look like for each? + +==== Question 1: Should we unify the concepts MetaDataProvider and PersistenceProvider? +==== Solution approach 1: Unify + +Both "modules" are "processing" the security findings which are generated in the parsing phase. +But there is one larger difference between them: + +* `PersistenceProvider` is proccesing the findings with a *ReadOnly* pattern +* `MetaDataProvider` is proccesing the findings with a *ReadAndWrite* pattern + +There is a similar thing in kubernetes called [AdmissionController](https://kubernetes.io/docs/reference/access-authn-authz/extensible-admission-controllers/), with the exception that the are executed before a resource gets created. + +The are two variants: + +* `ValidatingWebhookConfiguration` (ReadOnly) *Executed Last* +* `MutatingWebhookConfiguration` (ReadAndWrite) *Executed First* + +We could do a similar thing and introduce CRD which allows to execute "custom code" (generally speaking, depends on the second question) after a scan has completed (meaning scan and parser phase are done). Some name ideas: + +- `ScanHooks` +- `ScanCompletionHooks` +- `FindingProcessors` + +These could than have a `type` attribute which declares if they are `ReadOnly` or `ReadAndWrite`. + +The operator would process all these resources in the namespace and execute the `ReadAndWrite` ones first (in serial: one at a time to avoid write conflicts) and then the `ReadOnly` ones (in parallel). + +```yaml +apiVersion: execution.experimental.securecodebox.io/v1 +kind: ScanCompletionHook +metadata: + name: my-metadata +spec: + type: ReadAndWrite + # If implemented like the current persistence provider + image: my-metadata:v2.0.0 +``` + +The Execution Flow would then look something like this: + +``` + β”Œ ReadOnly─Hooks─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ + β”Œ ReadAndWriteHooks ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ + β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ β”Œβ”€β”€β”Όβ–Άβ”‚ Elastic PersistenceProvider β”‚ +β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ β”‚ ReadAndWrite Hook #1 β”‚ β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β”‚ +β”‚ Scan β”œβ”€β”€β–Άβ”‚ Parsing │────▢│ "MyMetaDataProvider" β”œβ”€β–Άβ”‚ ReadAndWrite Hook #2 │─┼─── β”‚ β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” +β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ └───▢│ DefectDojo PersistenceProvider β”‚ β”‚ + ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ β”˜ β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ + ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ β”˜ +``` + +**Pros:** + +- Only one Implementation +- Pretty Generic to expand and test out new ideas without having to modify the secureCodeBox Operator + +**Cons:** + +- Possible "over abstraction"? +- Need to refactor the ElasticSearch PersistenceProvider +- The "General Implementation" will be harder than the individual ones - + +==== Solution approach 1: Keep Split between Persistence Provider and MetaData Provider + +Keep PersistenceProvider as they are and introduce new "MetaDataProvider" CRD which gets executed before the PersistenceProviders by the operator. + +``` + β”Œ Persistence Provider─ ─ ─ ─ ─ ─ ─ ─ + β”Œ MetaData Provider ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ + β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ β”Œβ”€β”€β”Όβ–Άβ”‚ Elastic PersistenceProvider β”‚ +β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ β”‚ ReadAndWrite Hook #1 β”‚ β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β”‚ +β”‚ Scan β”œβ”€β”€β–Άβ”‚ Parsing │────▢│ "MyMetaDataProvider" β”œβ”€β–Άβ”‚ ReadAndWrite Hook #2 │─┼─── β”‚ β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” +β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ └───▢│ DefectDojo PersistenceProvider β”‚ β”‚ + ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ β”˜ β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ + ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ β”˜ +``` + +**Pros:** + +- Quicker to implement +- Might be worth it to have a seperate concept for it + +**Cons:** + +- Really worth introducing a new CRD for everything, especially when the are conceptually pretty close? + +=== Question 2: How should the execution model look like for each? + +==== Solution approach 1: Like the persistence provider + +Basically a docker container which process takes two command line args: + +* A pre-signed URL to download the findings from +* A pre-signed URL to upload the modified findings to + +Examples: + +* Node.js `node my-metadata.js "https://storage.googleapi.com/..." "https://storage.googleapi.com/..."` +* java `java my-metadata.jar "https://storage.googleapi.com/..." "https://storage.googleapi.com/..."` +* golang `./my-metadata "https://storage.googleapi.com/..." "https://storage.googleapi.com/..."` + +**Pros:** + +* on liner with the current implementations +* code overhead / wrapper code is pretty minimal +* zero scale - no resource costs when nothing is running + +**Cons:** + +* results in too many k8s jobs? +** resource blocking on finished resources +** ttlAfterFinished enabled +* container runtime overhead (especially time) + +### Option 2: A WebHooks like concept + +Analog to kubernetes webhooks. +Https server receiving findings and returning results. + +**Pros:** + +* MilliSeconds instead of seconds for processing +* No ContainerCreation Overhead +* No additional k8s jobs needed + +**Cons:** + +* Introduces new running Services that need to be maintained and have uptime +* Code Overhead / Boilerplate (Can be mitigated by sdk) +* Debugging of individual MetaDataProvider is harder as everything is handled by a single service +* Introduces "New" Concept +* Certificate Management for webhook services (`cert-manager` required by default?) +* Scaling for systems with lots of load could be a problem +* One service per namespace (multiple tenants) needed => results in many running active services which is ressource consuming + +== Decision + +Regarding the Question 1 it seems that both solution approaches are resulting in the same execution model. We descided to implement solution approach 1 and unify both concepts into a more general concept with the name _"hook concept"_. Therefore we exchange the existing name `persistenceProvider` for phase 3 in the excecution model with a more general term `DataProcessing`: + +``` + β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” + β”‚ Scanning β”œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β–Άβ”‚ Parsing β”œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β–Άβ”‚ DataProcessing β”‚ + β”‚ (Phase 1) β”‚ β”‚ (Phase 2) β”‚ β”‚ (Phase 3) β”‚ + β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ +``` + +Regarding the question 2 we descided to implement the solution approach 1 with a job based approach (no active service componend needed). +The Phase 3 `DataProcessing` will be therefore splitt into to seperate phases named `ReadAndWriteHooks (3.1)` and `ReadOnlyHooks (3.2)` + +``` + β”Œ DataProcessing: ReadOnlyHooks ─ ─ ─ + β”Œ DataProcessing: ReadAndWriteHooks ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ + β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ β”Œβ”€β”€β”Όβ–Άβ”‚ Elastic PersistenceProvider β”‚ +β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ β”‚ ReadAndWrite Hook #1 β”‚ β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β”‚ +β”‚ Scan β”œβ”€β”€β–Άβ”‚ Parsing │────▢│ "MyMetaDataProvider" β”œβ”€β–Άβ”‚ ReadAndWrite Hook #2 │─┼─── β”‚ β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” +β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ └───▢│ DefectDojo PersistenceProvider β”‚ β”‚ + ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ β”˜ β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ + ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ ─ β”˜ +``` + +== Consequences + +With the new `Hook Concept` we open the `DataProcessing` Phase 3 to a more intuitive and flexible architecture. It is easier to understand because _WebHooks_ are already a well known concept. It is possible to keep the existing implementation of the `persistenceProviders` and to integrate them with a lot of other possible data processing components in a more general fashion. In the end this step will result in a lot of additional feature possibilities which go fare beyond the existing ones. Therefore we only need to implement this concept once in the secureCodeBox Operator and new ideas for extending the DataProcessing will not enforce conceptual or architectural changes. + +Ideas for additional data processing hooks: +* Notifier-Hooks (ReadOnlyHook) e.g. for chat systems (slack, teams...) or metric / alerting systems +* MetaData Enrichment Hooks (ReadAndWriteHook) +* FilterData Hooks (e.g. false/positive Handling) (ReadAndWriteHook) +* SystemIntegration Hooks (ReadOnlyHook) e.g. for ticketing systems like JIRA +* CascadingScans Hooks (ReadOnlyHook) e.g. for starting new security scans based on findings \ No newline at end of file diff --git a/docs/adr/adr_README.md b/docs/adr/adr_README.md new file mode 100644 index 00000000..be383f5b --- /dev/null +++ b/docs/adr/adr_README.md @@ -0,0 +1,22 @@ +# Architecture Decision Records (ADRs) + +This subdirectory contains all ADRs for the architecture documentation. The ids of these ADRs are within the number range from 0001 to 0999. The 0000 is reserved for the example template. + +Architectural decisions are, where appropriate, documented with the ADR template from [Michael Nygard][nygard]. A template can be found at ```0000.adoc``` and [here][template]. We extend this template with the date when this decision was made. + +Important key points from the blog of [Michael Nygard][nygard]: + +> We will keep a collection of records for "architecturally significant" decisions: those that affect the structure, non-functional characteristics, dependencies, interfaces, or construction techniques. +> +> Each record describes a set of forces and a single decision in response to those forces. Note that the decision is the central piece here, so specific forces may appear in multiple ADRs. +> +> We will keep ADRs in the project repository under ```adr/NNNN.adoc``` +> +> ADRs will be numbered sequentially and monotonically. **Numbers will not be reused.** +> +> If a decision is reversed, we will **keep the old** one around, but mark it as superseded. (It's still relevant to know that it was the decision, but is no longer the decision.) + +Please take a look in the ADR template ```0000.adoc``` for more information about the internal structure. + +[nygard]: http://thinkrelevance.com/blog/2011/11/15/documenting-architecture-decisions +[template]: https://github.com/joelparkerhenderson/architecture_decision_record/blob/master/adr_template_by_michael_nygard.md