@bwjohnson-ss
Created December 22, 2023 05:43
Trivy JSON Report for ffmpeg
{
"SchemaVersion": 2,
"CreatedAt": "2023-12-21T21:21:13.475844-08:00",
"ArtifactName": "ffmpeg",
"ArtifactType": "container_image",
"Metadata": {
"OS": {
"Family": "ubuntu",
"Name": "18.04",
"EOSL": true
},
"ImageID": "sha256:b6e1b0cb58832644cfb05dea74cfc02d32b49cdf86fe3e3f04072a31a709c5e4",
"DiffIDs": [
"sha256:80580270666742c625aecc56607a806ba343a66a8f5a7fd708e6c4e4c07a3e9b",
"sha256:3fd9df55318470e88a15f423a7d2b532856eb2b481236504bf08669013875de1",
"sha256:7a694df0ad6cc5789a937ccd727ac1cda528a1993387bf7cd4f3c375994c54b6",
"sha256:51b1840e320268ba7dbce584e84bf73d14390a11876fa080ceb0fd5b8b48bfab",
"sha256:b1f1f2e8d285eb7c2c500e7100c672645ca1b42db1caf1061fccf1e0c559b383",
"sha256:96050b3963b2cee045074faae478cc2959dca63ef1a40807e33f9175d5a35391",
"sha256:82c1ca0f58762322f08de79e6d37e11061238f52083d902dfae6c4650ac47e08",
"sha256:84b5d5db2c99a4c3db4fbeb8294e738a130be76cad39ac0d9e97fe7c4de3e2ec",
"sha256:35d5459b0850e03e3a4a548bf66565c85a10480888cb17e8af05652918843eae",
"sha256:0a8a313f70ad90552f125f5eef82590abc4fc00b849f76e5a6a5bf0138b42b93",
"sha256:545663fb212033ce9dfdfab54d8dc80ecb0124d7b048b15a7f919f5b4f0964c6",
"sha256:80e3eaf2019ff5e492cb3191b97cfbc23f643d84e773260924e2bb50f8f50b7c",
"sha256:5a9f2de14accb13c7e95036a4c64ce4ef8fdd9d0bc2b520e566ee73dc3223542"
],
"RepoTags": [
"576546042567.dkr.ecr.us-west-2.amazonaws.com/ffmpeg/ffmpeg:latest",
"ffmpeg:latest"
],
"RepoDigests": [
"576546042567.dkr.ecr.us-west-2.amazonaws.com/ffmpeg/ffmpeg@sha256:7e82582b7c6b680ccb505f0398124ef2b3bc5a595639ab154d9f4030d108375b"
],
"ImageConfig": {
"architecture": "amd64",
"container": "520ce579073280093f5fbe8e7496dc217f73add8b13a5285af2452b71248546e",
"created": "2020-10-14T14:18:20.852937986Z",
"docker_version": "19.03.13",
"history": [
{
"created": "2020-09-25T22:33:49.531664713Z",
"created_by": "/bin/sh -c #(nop) ADD file:4974bb5483c392fb54a35f3799802d623d14632747493dce5feb4d435634b4ac in / "
},
{
"created": "2020-09-25T22:33:50.472187951Z",
"created_by": "/bin/sh -c set -xe \t\t\u0026\u0026 echo '#!/bin/sh' \u003e /usr/sbin/policy-rc.d \t\u0026\u0026 echo 'exit 101' \u003e\u003e /usr/sbin/policy-rc.d \t\u0026\u0026 chmod +x /usr/sbin/policy-rc.d \t\t\u0026\u0026 dpkg-divert --local --rename --add /sbin/initctl \t\u0026\u0026 cp -a /usr/sbin/policy-rc.d /sbin/initctl \t\u0026\u0026 sed -i 's/^exit.*/exit 0/' /sbin/initctl \t\t\u0026\u0026 echo 'force-unsafe-io' \u003e /etc/dpkg/dpkg.cfg.d/docker-apt-speedup \t\t\u0026\u0026 echo 'DPkg::Post-Invoke { \"rm -f /var/cache/apt/archives/*.deb /var/cache/apt/archives/partial/*.deb /var/cache/apt/*.bin || true\"; };' \u003e /etc/apt/apt.conf.d/docker-clean \t\u0026\u0026 echo 'APT::Update::Post-Invoke { \"rm -f /var/cache/apt/archives/*.deb /var/cache/apt/archives/partial/*.deb /var/cache/apt/*.bin || true\"; };' \u003e\u003e /etc/apt/apt.conf.d/docker-clean \t\u0026\u0026 echo 'Dir::Cache::pkgcache \"\"; Dir::Cache::srcpkgcache \"\";' \u003e\u003e /etc/apt/apt.conf.d/docker-clean \t\t\u0026\u0026 echo 'Acquire::Languages \"none\";' \u003e /etc/apt/apt.conf.d/docker-no-languages \t\t\u0026\u0026 echo 'Acquire::GzipIndexes \"true\"; Acquire::CompressionTypes::Order:: \"gz\";' \u003e /etc/apt/apt.conf.d/docker-gzip-indexes \t\t\u0026\u0026 echo 'Apt::AutoRemove::SuggestsImportant \"false\";' \u003e /etc/apt/apt.conf.d/docker-autoremove-suggests"
},
{
"created": "2020-09-25T22:33:51.37343796Z",
"created_by": "/bin/sh -c [ -z \"$(apt-get indextargets)\" ]",
"empty_layer": true
},
{
"created": "2020-09-25T22:33:52.240104873Z",
"created_by": "/bin/sh -c mkdir -p /run/systemd \u0026\u0026 echo 'docker' \u003e /run/systemd/container"
},
{
"created": "2020-09-25T22:33:52.495173292Z",
"created_by": "/bin/sh -c #(nop) CMD [\"/bin/bash\"]",
"empty_layer": true
},
{
"created": "2020-10-14T14:04:45.044658219Z",
"created_by": "/bin/sh -c #(nop) ENV WORKSPACE=/build",
"empty_layer": true
},
{
"created": "2020-10-14T14:04:45.272824793Z",
"created_by": "/bin/sh -c #(nop) ENV SOURCES=/build/ffmpeg_src",
"empty_layer": true
},
{
"created": "2020-10-14T14:04:45.52405101Z",
"created_by": "/bin/sh -c #(nop) ENV BUILD=/build/ffmpeg_build",
"empty_layer": true
},
{
"created": "2020-10-14T14:04:45.754181792Z",
"created_by": "/bin/sh -c #(nop) ENV BIN=/build/bin",
"empty_layer": true
},
{
"created": "2020-10-14T14:04:46.029168481Z",
"created_by": "/bin/sh -c #(nop) ENV BRANCH=master",
"empty_layer": true
},
{
"created": "2020-10-14T14:06:28.320557834Z",
"created_by": "/bin/sh -c apt-get -yqq update \u0026\u0026 apt-get install -yq --no-install-recommends ca-certificates expat libgomp1 \t\tautoconf automake build-essential checkinstall cmake expat frei0r-plugins-dev \t\tgit gnutls-dev ladspa-sdk libass-dev libcaca-dev libcdio-paranoia-dev \t\tlibchromaprint-dev libcodec2-dev libebur128-dev libfaac-dev libfdk-aac-dev \t\tlibfontconfig1-dev libfreetype6-dev libfreetype6-dev libfribidi-dev libgme-dev \t\tlibgomp1 libgsm1-dev libjack-dev libjack-dev liblilv-dev libmodplug-dev \t\tlibmp3lame-dev libogg-dev libopenal-dev libopencore-amrnb-dev \t\tlibopencore-amrwb-dev libopenjp2-7-dev libopenmpt-dev libopus-dev \t\tlibpulse-dev librsvg2-dev librtmp-dev librubberband-dev libsdl2-dev \t\tlibshine-dev libsmbclient-dev libsnappy-dev libsoxr-dev libspeex-dev \t\tlibssh-dev libtesseract-dev libtheora-dev libtool libtwolame-dev libv4l-dev \t\tlibva-dev libvdpau-dev libvo-amrwbenc-dev libvorbis-dev libvorbis-dev \t\tlibvpx-dev libwavpack-dev libwebp-dev libx264-dev libx265-dev libxcb-shm0-dev \t\tlibxcb-xfixes0-dev libxcb1-dev libxml2-dev libxvidcore-dev libzmq3-dev \t\tlibzvbi-dev nasm opencl-dev p11-kit pkg-config texinfo wget yasm zlib1g-dev \t\tlibnuma-dev libavformat-dev build-essential openssl libssl-dev \u0026\u0026 apt-get autoremove -y \u0026\u0026 apt-get clean -y"
},
{
"created": "2020-10-14T14:06:30.826149523Z",
"created_by": "/bin/sh -c apt-get -y upgrade"
},
{
"created": "2020-10-14T14:07:29.88916162Z",
"created_by": "/bin/sh -c mkdir -p /build/ffmpeg_build /build/ffmpeg_src /build/bin \u0026\u0026 git clone https://git.ffmpeg.org/ffmpeg.git /build/ffmpeg_src/ffmpeg"
},
{
"created": "2020-10-14T14:07:31.236261849Z",
"created_by": "/bin/sh -c cd $SOURCES/ffmpeg \u0026\u0026 git checkout $BRANCH"
},
{
"created": "2020-10-14T14:07:32.036304427Z",
"created_by": "/bin/sh -c mkdir -p $SOURCES/ffmpeg/patch"
},
{
"created": "2020-10-14T14:07:32.289063834Z",
"created_by": "/bin/sh -c #(nop) COPY file:fe8c42fcb4642b73e04fc3c8a32aa392a4b2b562c1ed870ed9403fd8efb2f1e0 in /build/ffmpeg_src/ffmpeg/patch/00_fix_ts_segment_header.patch "
},
{
"created": "2020-10-14T14:07:32.513109627Z",
"created_by": "/bin/sh -c #(nop) COPY file:c8b62302335154f4be8add3d1e7ad56f3f937ad5b124a21b57fbccd904a1ea3a in /build/ffmpeg_src/ffmpeg/patch/01_fix_final_packet_duration.patch "
},
{
"created": "2020-10-14T14:07:32.752327314Z",
"created_by": "/bin/sh -c #(nop) COPY file:cd57aecd8fdd961436ae6872c12fab381f667c49eb4ca031adb6c53843c83f96 in /build/ffmpeg_src/ffmpeg/build.sh "
},
{
"created": "2020-10-14T14:18:19.246127939Z",
"created_by": "/bin/sh -c cd $SOURCES/ffmpeg \u0026\u0026 ./build.sh"
},
{
"created": "2020-10-14T14:18:20.20059316Z",
"created_by": "/bin/sh -c ln -s $BIN/ffmpeg /usr/local/bin/ffmpeg \u0026\u0026 ln -s $BIN/ffprobe /usr/local/bin/ffprobe"
},
{
"created": "2020-10-14T14:18:20.412127831Z",
"created_by": "/bin/sh -c #(nop) CMD [\"/bin/bash\"]",
"empty_layer": true
},
{
"created": "2020-10-14T14:18:20.617357587Z",
"created_by": "/bin/sh -c #(nop) LABEL \"branch=master\"",
"empty_layer": true
},
{
"created": "2020-10-14T14:18:20.852937986Z",
"created_by": "/bin/sh -c #(nop) LABEL \"commit=5a812f1b40a56370e99716aee70c170e9fb740ed\"",
"empty_layer": true
}
],
"os": "linux",
"rootfs": {
"type": "layers",
"diff_ids": [
"sha256:80580270666742c625aecc56607a806ba343a66a8f5a7fd708e6c4e4c07a3e9b",
"sha256:3fd9df55318470e88a15f423a7d2b532856eb2b481236504bf08669013875de1",
"sha256:7a694df0ad6cc5789a937ccd727ac1cda528a1993387bf7cd4f3c375994c54b6",
"sha256:51b1840e320268ba7dbce584e84bf73d14390a11876fa080ceb0fd5b8b48bfab",
"sha256:b1f1f2e8d285eb7c2c500e7100c672645ca1b42db1caf1061fccf1e0c559b383",
"sha256:96050b3963b2cee045074faae478cc2959dca63ef1a40807e33f9175d5a35391",
"sha256:82c1ca0f58762322f08de79e6d37e11061238f52083d902dfae6c4650ac47e08",
"sha256:84b5d5db2c99a4c3db4fbeb8294e738a130be76cad39ac0d9e97fe7c4de3e2ec",
"sha256:35d5459b0850e03e3a4a548bf66565c85a10480888cb17e8af05652918843eae",
"sha256:0a8a313f70ad90552f125f5eef82590abc4fc00b849f76e5a6a5bf0138b42b93",
"sha256:545663fb212033ce9dfdfab54d8dc80ecb0124d7b048b15a7f919f5b4f0964c6",
"sha256:80e3eaf2019ff5e492cb3191b97cfbc23f643d84e773260924e2bb50f8f50b7c",
"sha256:5a9f2de14accb13c7e95036a4c64ce4ef8fdd9d0bc2b520e566ee73dc3223542"
]
},
"config": {
"Cmd": [
"/bin/bash"
],
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"WORKSPACE=/build",
"SOURCES=/build/ffmpeg_src",
"BUILD=/build/ffmpeg_build",
"BIN=/build/bin",
"BRANCH=master"
],
"Image": "sha256:55681369e7932024fde873064ad7be9fe3b52f20537b6d1580dd2f1aa5b41ecc",
"Labels": {
"\"branch": "master\"",
"\"commit": "5a812f1b40a56370e99716aee70c170e9fb740ed\""
}
}
}
},
"Results": [
{
"Target": "ffmpeg (ubuntu 18.04)",
"Class": "os-pkgs",
"Type": "ubuntu",
"Vulnerabilities": [
{
"VulnerabilityID": "CVE-2022-25235",
"PkgID": "expat@2.2.5-3ubuntu0.2",
"PkgName": "expat",
"InstalledVersion": "2.2.5-3ubuntu0.2",
"FixedVersion": "2.2.5-3ubuntu0.4",
"Status": "fixed",
"Layer": {
"Digest": "sha256:c57518c8772cae9cb73b20e75e786c5f15257cdca2525dbea9f472cca955f6c0",
"DiffID": "sha256:51b1840e320268ba7dbce584e84bf73d14390a11876fa080ceb0fd5b8b48bfab"
},
"SeveritySource": "ubuntu",
"PrimaryURL": "https://avd.aquasec.com/nvd/cve-2022-25235",
"DataSource": {
"ID": "ubuntu",
"Name": "Ubuntu CVE Tracker",
"URL": "https://git.launchpad.net/ubuntu-cve-tracker"
},
"Title": "expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution",
"Description": "xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context.",
"Severity": "HIGH",
"CweIDs": [
"CWE-116"
],
"VendorSeverity": {
"alma": 3,
"amazon": 4,
"cbl-mariner": 4,
"nvd": 4,
"oracle-oval": 3,
"photon": 4,
"redhat": 3,
"ubuntu": 3
},
"CVSS": {
"nvd": {
"V2Vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"V2Score": 7.5,
"V3Score": 9.8
},
"redhat": {
"V3Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"V3Score": 9.8
}
},
"References": [
"http://www.openwall.com/lists/oss-security/2022/02/19/1",
"https://access.redhat.com/errata/RHSA-2022:7811",
"https://access.redhat.com/security/cve/CVE-2022-25235",
"https://blog.hartwork.org/posts/expat-2-4-5-released/",
"https://bugzilla.redhat.com/2048356",
"https://bugzilla.redhat.com/2056350",
"https://bugzilla.redhat.com/2056354",
"https://bugzilla.redhat.com/2056363",
"https://bugzilla.redhat.com/2056366",
"https://bugzilla.redhat.com/2056370",
"https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf",
"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25235",
"https://errata.almalinux.org/8/ALSA-2022-7811.html",
"https://github.com/libexpat/libexpat/pull/562",
"https://github.com/libexpat/libexpat/pull/562/commits/367ae600b48d74261bbc339b17e9318424049791 (fix)",
"https://github.com/libexpat/libexpat/pull/562/commits/97cfdc3fa7dca759880d81e371901f4620279106 (tests)",
"https://linux.oracle.com/cve/CVE-2022-25235.html",
"https://linux.oracle.com/errata/ELSA-2022-9359.html",
"https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/",
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/",
"https://nvd.nist.gov/vuln/detail/CVE-2022-25235",
"https://security.gentoo.org/glsa/202209-24",
"https://security.netapp.com/advisory/ntap-20220303-0008/",
"https://ubuntu.com/security/notices/USN-5288-1",
"https://ubuntu.com/security/notices/USN-5455-1",
"https://www.cve.org/CVERecord?id=CVE-2022-25235",
"https://www.debian.org/security/2022/dsa-5085",
"https://www.oracle.com/security-alerts/cpuapr2022.html"
],
"PublishedDate": "2022-02-16T01:15:07.607Z",
"LastModifiedDate": "2023-11-07T03:44:44.94Z"
}
}
}
]
}